Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
File: 6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa (raw, json)
Hash identifier: 99hvG+WXHLHhcYVKAJVIZjYWJ209kfPSN1RXel9nRGA=
Subject key identifier: 4A:D4:22:0A:06:87:09:F1:70:FE:9F:95:FB:C1:54:5B:A3:65:79:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50B29F349683AA70A0178F769DD34B86B11E06EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
Signing time: Mon 29 Sep 2025 15:24:05 +0000
ROA not before: Mon 29 Sep 2025 15:24:05 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:b2:9f:34:96:83:aa:70:a0:17:8f:76:9d:d3:4b:86:b1:1e:06:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:05 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=56016fcda68de994f316ea80cd0ac5fa3f1a7123ec0d75d455a52db0655a8274, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e8:57:68:67:3a:44:de:e0:04:5a:44:03:0f:
bf:d8:e5:61:ba:32:50:57:88:a9:9e:b2:92:b8:9a:
f6:f0:dd:83:51:2b:4e:94:3a:f0:25:84:e3:b6:25:
fb:31:4e:b5:0d:e3:da:18:f7:ed:dc:06:e9:1d:8f:
9e:98:21:a8:a3:e6:38:43:63:28:96:46:73:36:03:
99:04:a1:3c:f3:80:65:c0:99:ff:5d:40:37:97:28:
b0:86:e7:6b:64:7a:72:9c:1f:66:99:cd:cb:b1:a5:
44:41:ba:f4:8b:47:9e:16:3f:98:97:b2:66:d5:13:
71:2a:39:9a:e2:a1:43:be:0e:cd:bb:a2:21:8e:13:
0c:49:20:c1:62:e6:b6:2a:40:cd:30:40:ae:2b:af:
5c:4e:cb:b7:a7:98:1f:40:db:14:2d:82:8c:8f:8c:
3f:c6:9d:d0:e2:91:ac:ea:6b:9f:16:e5:f9:c1:7b:
b9:13:10:b0:03:8e:59:73:2f:12:68:37:9b:e9:77:
6e:e1:64:e9:5f:7d:9b:b2:9f:89:c4:07:fb:c0:63:
ad:7e:1f:e8:73:b1:74:61:1b:c3:4b:63:b7:bd:8d:
fb:4d:b9:3e:68:1e:1a:19:c0:94:08:be:94:9b:77:
cd:9c:5a:4c:92:13:57:a6:c8:d8:c8:cc:b3:88:9c:
ff:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D4:22:0A:06:87:09:F1:70:FE:9F:95:FB:C1:54:5B:A3:65:79:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:8080::/48
Signature Algorithm: sha256WithRSAEncryption
c6:76:85:c0:6a:89:e1:ce:3e:bd:1b:89:af:33:cb:87:2f:fa:
db:63:b7:1f:b1:fc:91:79:7a:76:c8:6a:28:d5:97:2a:dd:89:
25:67:b9:80:15:6d:1f:79:9c:7d:7f:27:95:90:b4:c4:16:97:
c5:48:6f:c5:41:8e:62:54:46:cf:2b:38:04:74:91:ce:84:b9:
ee:1f:7a:0b:cc:02:93:e3:7f:e3:44:7c:09:8e:3a:1b:17:49:
56:8c:7a:c0:7f:62:6d:a9:87:d9:f9:0a:e9:28:66:ee:a6:82:
4b:64:48:f9:6f:56:cc:60:da:65:5d:81:ee:59:4d:b4:ba:af:
8b:4a:de:4d:59:fe:e0:88:96:04:8b:4b:7f:5f:68:2e:b5:dd:
3f:49:9e:3c:15:d7:56:be:ae:4b:19:7e:ae:04:9d:18:39:71:
5e:8f:9a:05:1b:b0:11:84:dd:12:08:ce:11:f9:39:81:56:97:
39:67:ea:ef:4a:24:4b:f5:28:a4:c0:d7:8c:11:04:3c:72:72:
4a:55:86:b2:92:6f:63:db:67:b7:75:03:aa:c9:67:ee:7f:8a:
32:94:9b:85:2e:72:25:2c:8d:30:7f:0b:31:13:ac:3f:77:b4:
40:ce:9b:94:74:cb:68:5c:a0:66:45:5f:72:30:4b:ed:10:c5:
dc:a4:52:ed
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUULKfNJaDqnCgF492ndNLhrEeBuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MDVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MDE2ZmNkYTY4ZGU5OTRmMzE2ZWE4MGNkMGFjNWZhM2YxYTcxMjNlYzBk
NzVkNDU1YTUyZGIwNjU1YTgyNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzoV2hnOkTe4ARaRAMPv9jlYboyUFeIqZ6ykria9vDdg1ErTpQ68CWE47Yl
+zFOtQ3j2hj37dwG6R2PnpghqKPmOENjKJZGczYDmQShPPOAZcCZ/11AN5cosIbn
a2R6cpwfZpnNy7GlREG69ItHnhY/mJeyZtUTcSo5muKhQ74OzbuiIY4TDEkgwWLm
tipAzTBAriuvXE7Lt6eYH0DbFC2CjI+MP8ad0OKRrOprnxbl+cF7uRMQsAOOWXMv
Emg3m+l3buFk6V99m7KficQH+8BjrX4f6HOxdGEbw0tjt72N+025PmgeGhnAlAi+
lJt3zZxaTJITV6bI2MjMs4ic/6kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRK1CIK
BocJ8XD+n5X7wVRbo2V5kTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjAyN2NlMTQtOTVkNC00ZjVhLTlhNTgtNTJkMjY2NzhlYThmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
gDANBgkqhkiG9w0BAQsFAAOCAQEAxnaFwGqJ4c4+vRuJrzPLhy/622O3H7H8kXl6
dshqKNWXKt2JJWe5gBVtH3mcfX8nlZC0xBaXxUhvxUGOYlRGzys4BHSRzoS57h96
C8wCk+N/40R8CY46GxdJVox6wH9ibamH2fkK6Shm7qaCS2RI+W9WzGDaZV2B7llN
tLqvi0reTVn+4IiWBItLf19oLrXdP0mePBXXVr6uSxl+rgSdGDlxXo+aBRuwEYTd
EgjOEfk5gVaXOWfq70okS/UopMDXjBEEPHJySlWGspJvY9tnt3UDqsln7n+KMpSb
hS5yJSyNMH8LMROsP3e0QM6blHTLaFygZkVfcjBL7RDF3KRS7Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:58:59 2025 by rpki-client