Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
File: 62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa (raw, json)
Hash identifier: spL5891MqZnUyBPoe/CI811u8uW8b1hf8/b9nqBwC4Q=
Subject key identifier: 92:F0:9F:FE:30:23:2B:AF:E3:A5:1C:09:D3:C1:81:EB:55:D0:12:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 565BBE525C6D7E491F1B3B7CC5444E83E27A2634
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
Signing time: Fri 26 Sep 2025 18:50:13 +0000
ROA not before: Fri 26 Sep 2025 18:50:13 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:5b:be:52:5c:6d:7e:49:1f:1b:3b:7c:c5:44:4e:83:e2:7a:26:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:13 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d52e1706d4a0a19d1f8bea859d1832c114d34d4dec670e3f89ef35cc03d16a26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b2:d4:fd:ab:49:17:0a:8e:b3:94:23:b3:eb:
25:b9:75:cc:a2:0f:6a:67:2c:0a:56:0b:b9:05:d1:
4f:cf:a9:78:ee:ee:27:b5:91:8c:c1:c2:fe:50:4e:
54:5c:0a:bd:f3:f9:5b:34:ed:99:6c:36:36:17:8e:
a5:f5:6a:ed:69:64:0c:17:8d:c5:eb:ad:1f:17:25:
fc:9b:96:4f:26:53:67:31:7b:89:99:97:56:86:63:
ad:06:a7:61:6c:fe:17:b4:be:0a:85:02:47:7f:3b:
30:ca:73:23:8a:68:2c:4a:37:cb:b6:cc:f9:77:78:
71:7a:42:07:1f:6d:ff:89:90:e2:72:e3:83:94:c0:
0e:9f:b8:25:34:db:f4:5f:e7:03:e1:95:b8:9e:3c:
11:10:8f:06:3f:f3:4c:36:5d:cd:26:f9:10:59:ac:
b1:6e:ac:ed:71:76:68:4b:0b:9d:4c:0d:81:53:47:
de:e7:14:b0:d9:24:f6:f5:05:72:d8:9f:e1:fd:a0:
df:c2:8d:31:47:6e:bd:78:19:82:ce:78:6c:76:32:
79:a4:cd:91:50:2c:27:9f:98:b6:22:9b:87:6d:3d:
e1:f1:fd:3f:6f:47:d6:3b:7e:81:30:27:81:88:be:
d8:49:4d:e3:38:b5:07:0b:83:a5:32:dd:97:d5:be:
d8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F0:9F:FE:30:23:2B:AF:E3:A5:1C:09:D3:C1:81:EB:55:D0:12:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1080::/48
Signature Algorithm: sha256WithRSAEncryption
57:5c:5c:c2:c9:f6:b4:7e:a0:c0:0c:5d:53:e8:90:b9:38:b5:
9e:e2:e9:dd:99:75:70:ad:19:fa:75:9b:d4:e2:ec:d1:ec:1c:
59:52:60:c0:ef:73:5a:12:a6:87:3f:6e:08:9d:08:53:d4:9b:
88:78:65:62:71:3b:d4:70:46:26:4d:97:42:8f:a5:59:c7:52:
a6:57:ee:37:da:ac:d7:86:10:10:6b:23:ab:38:a1:df:51:22:
f4:6c:bf:44:3a:21:a6:5d:73:0f:a0:d3:4f:00:44:e7:8f:f5:
ad:3b:3d:35:0d:7c:fe:6e:8a:b6:34:16:bb:1d:5f:10:a0:21:
22:8e:e1:71:b9:98:99:86:68:fe:11:5a:30:48:bc:20:8d:20:
3c:4b:69:ff:31:77:27:2d:64:99:17:77:e2:f2:81:97:56:94:
31:5e:fe:fc:1a:11:d4:55:11:b0:40:61:4f:c0:48:60:6e:ab:
f5:37:9a:84:99:1c:8a:e4:af:0a:ce:e5:a1:3b:78:9f:ec:61:
64:b7:fc:b4:1c:7c:63:5d:f6:71:e5:ae:d7:9f:ac:0d:9e:93:
04:06:8e:65:8b:91:aa:2d:4a:3c:d5:9d:d4:9a:17:23:2a:0a:
2b:2c:79:a8:ad:ab:a6:93:68:07:55:b4:22:e6:93:68:41:b0:
fe:d8:df:0c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVlu+UlxtfkkfGzt8xUROg+J6JjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwMTNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1MmUxNzA2ZDRhMGExOWQxZjhiZWE4NTlkMTgzMmMxMTRkMzRkNGRlYzY3
MGUzZjg5ZWYzNWNjMDNkMTZhMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyy1P2rSRcKjrOUI7PrJbl1zKIPamcsClYLuQXRT8+peO7uJ7WRjMHC/lBO
VFwKvfP5WzTtmWw2NheOpfVq7WlkDBeNxeutHxcl/JuWTyZTZzF7iZmXVoZjrQan
YWz+F7S+CoUCR387MMpzI4poLEo3y7bM+Xd4cXpCBx9t/4mQ4nLjg5TADp+4JTTb
9F/nA+GVuJ48ERCPBj/zTDZdzSb5EFmssW6s7XF2aEsLnUwNgVNH3ucUsNkk9vUF
ctif4f2g38KNMUduvXgZgs54bHYyeaTNkVAsJ5+YtiKbh2094fH9P29H1jt+gTAn
gYi+2ElN4zi1BwuDpTLdl9W+2CsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSS8J/+
MCMrr+OlHAnTwYHrVdASLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJmZjRlNWUtOWU2NS00NGZjLWFmN2YtNGU0NDkzNWNlYjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAV1xcwsn2tH6gwAxdU+iQuTi1nuLp3Zl1cK0Z
+nWb1OLs0ewcWVJgwO9zWhKmhz9uCJ0IU9SbiHhlYnE71HBGJk2XQo+lWcdSplfu
N9qs14YQEGsjqzih31Ei9Gy/RDohpl1zD6DTTwBE54/1rTs9NQ18/m6KtjQWux1f
EKAhIo7hcbmYmYZo/hFaMEi8II0gPEtp/zF3Jy1kmRd34vKBl1aUMV7+/BoR1FUR
sEBhT8BIYG6r9TeahJkciuSvCs7loTt4n+xhZLf8tBx8Y132ceWu15+sDZ6TBAaO
ZYuRqi1KPNWd1JoXIyoKKyx5qK2rppNoB1W0IuaTaEGw/tjfDA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:06 2025 by rpki-client