Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe71cd9-cbff-4ca4-b8a6-7dc13b1013e4.roa
File: 5fe71cd9-cbff-4ca4-b8a6-7dc13b1013e4.roa (raw, json)
Hash identifier: j9JAGoMPxvdDh3JPDNIdZyAQ3W+MEVq/RvyMDC5396o=
Subject key identifier: 70:D8:B8:6B:3C:B0:C6:52:66:55:C2:2B:08:F9:3C:36:26:9C:3F:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 739BD8328D8054608CA1E80FCB1ABF165CE403C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe71cd9-cbff-4ca4-b8a6-7dc13b1013e4.roa
Signing time: Fri 26 Sep 2025 20:11:14 +0000
ROA not before: Fri 26 Sep 2025 20:11:14 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:9b:d8:32:8d:80:54:60:8c:a1:e8:0f:cb:1a:bf:16:5c:e4:03:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:14 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=4339505bb3945454e6f08343c5bfed0b236ca81e72a4fc321faf28be1097e585, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:fa:9a:12:01:ef:cf:96:b5:db:c7:06:75:ae:
ec:89:5c:bc:f0:13:8e:35:6f:8b:ba:ca:dc:f5:fe:
10:12:3a:e0:84:65:76:32:94:41:0a:01:4c:7c:64:
86:0f:53:cc:4a:d6:10:d3:cb:66:fe:75:5b:17:41:
db:b6:cd:e6:0f:c9:37:70:54:47:6b:9a:55:ff:cd:
56:6f:84:5c:69:e0:81:92:22:64:84:47:c0:a9:c4:
1c:ae:5c:24:91:b7:b5:b2:2d:9b:4a:0c:88:dc:b3:
bd:26:6a:bd:31:bf:f8:4e:f0:8f:74:4d:d7:2e:a8:
d0:f1:79:be:f3:27:6f:9a:da:09:9e:a9:1d:dd:84:
74:f4:4d:b0:ce:02:9f:38:9f:e1:57:69:dc:32:c9:
6b:da:ab:f8:dd:60:f6:ff:dd:f4:f6:ec:d1:68:ad:
21:d7:c3:af:9a:f4:43:64:91:b4:0b:7c:98:34:2b:
90:5e:d7:ec:5f:58:05:e6:39:29:28:14:4e:00:7e:
6f:f0:04:a4:7d:bb:ec:3c:df:70:16:9c:c0:cc:3e:
1b:df:0c:f6:a0:57:99:7c:00:5b:5d:e6:39:c2:6c:
19:e3:f8:33:8d:a7:2d:6e:ab:12:56:28:87:99:4d:
3b:28:e4:a9:7f:a2:db:c7:16:5f:c7:52:e7:40:b1:
27:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D8:B8:6B:3C:B0:C6:52:66:55:C2:2B:08:F9:3C:36:26:9C:3F:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe71cd9-cbff-4ca4-b8a6-7dc13b1013e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/36
Signature Algorithm: sha256WithRSAEncryption
2c:57:06:2b:4d:24:01:d7:2c:e3:6d:47:ff:4f:47:8b:b5:9e:
83:c5:31:6c:f7:4a:85:c4:3c:0e:3b:fd:8c:38:e1:0c:ab:bc:
a1:18:db:54:34:fe:02:db:67:6d:f7:e0:4d:d5:03:cd:8a:79:
a8:69:05:5b:e7:3b:25:b5:d9:a5:87:90:4c:d7:80:51:e9:2d:
fb:dd:ca:20:55:46:03:28:6a:61:ec:ed:6e:65:53:85:03:44:
a8:cf:30:5c:23:14:9b:55:c0:da:ef:9b:39:13:8d:93:d4:dd:
24:21:83:88:d3:af:28:e4:24:7a:7e:f5:e8:03:70:07:f6:c4:
41:05:2d:9e:2f:f0:a1:82:e7:a9:01:91:cc:ab:36:2a:3e:74:
bd:2f:e7:d1:d2:1d:77:8b:15:81:57:d7:4a:35:5f:88:60:44:
aa:8d:1e:33:79:31:12:7d:f3:0c:c8:0b:0a:7c:fb:15:5e:69:
38:71:4a:74:11:f1:db:31:39:07:df:b0:1e:d2:a7:c5:e1:71:
2f:a8:5d:75:74:c3:e3:53:0b:4d:a6:5d:95:42:95:e0:92:7a:
a6:6e:02:62:a9:5f:b5:05:50:aa:9b:3f:c5:b0:9f:47:94:47:
1f:6d:2c:74:f4:c9:30:a6:81:05:a1:e2:fe:4e:9a:a8:ef:e4:
ac:6a:bb:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc5vYMo2AVGCMoegPyxq/FlzkA8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMTRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzMzk1MDViYjM5NDU0NTRlNmYwODM0M2M1YmZlZDBiMjM2Y2E4MWU3MmE0
ZmMzMjFmYWYyOGJlMTA5N2U1ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPD6mhIB78+WtdvHBnWu7IlcvPATjjVvi7rK3PX+EBI64IRldjKUQQoBTHxk
hg9TzErWENPLZv51WxdB27bN5g/JN3BUR2uaVf/NVm+EXGnggZIiZIRHwKnEHK5c
JJG3tbItm0oMiNyzvSZqvTG/+E7wj3RN1y6o0PF5vvMnb5raCZ6pHd2EdPRNsM4C
nzif4Vdp3DLJa9qr+N1g9v/d9Pbs0WitIdfDr5r0Q2SRtAt8mDQrkF7X7F9YBeY5
KSgUTgB+b/AEpH277DzfcBacwMw+G98M9qBXmXwAW13mOcJsGeP4M42nLW6rElYo
h5lNOyjkqX+i28cWX8dS50CxJ7MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRw2Lhr
PLDGUmZVwisI+Tw2Jpw/ADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZlNzFjZDktY2JmZi00Y2E0LWI4YTYtN2RjMTNiMTAxM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQAsVwYrTSQB1yzjbUf/T0eLtZ6DxTFs90qFxDwO
O/2MOOEMq7yhGNtUNP4C22dt9+BN1QPNinmoaQVb5zsltdmlh5BM14BR6S373cog
VUYDKGph7O1uZVOFA0SozzBcIxSbVcDa75s5E42T1N0kIYOI068o5CR6fvXoA3AH
9sRBBS2eL/ChguepAZHMqzYqPnS9L+fR0h13ixWBV9dKNV+IYESqjR4zeTESffMM
yAsKfPsVXmk4cUp0EfHbMTkH37Ae0qfF4XEvqF11dMPjUwtNpl2VQpXgknqmbgJi
qV+1BVCqmz/FsJ9HlEcfbSx09MkwpoEFoeL+Tpqo7+Ssarsd
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:23 2025 by rpki-client