Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
File: 631196a4-90f5-4760-982e-15fbaf4805ec.roa (raw, json)
Hash identifier: /s6v+AfcWCuMDniObXGfzBHP8ZJg5NhYDCo/fIJPwIs=
Subject key identifier: 4D:C7:A2:34:00:BD:3A:69:96:BE:BF:C9:99:55:69:9F:88:AC:FA:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0666F05185BCC58AAB0883066E28823673E8EFA0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
Signing time: Sun 19 Oct 2025 07:00:05 +0000
ROA not before: Sun 19 Oct 2025 07:00:05 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:66:f0:51:85:bc:c5:8a:ab:08:83:06:6e:28:82:36:73:e8:ef:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 07:00:05 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=16ccf4001b64d55fad488a1e2ee32b8dc416538a3fff4077958af95a841ff750, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:96:6c:2e:3d:1b:d5:b4:dd:d0:22:13:38:a5:
6a:45:2c:a9:3a:a8:33:17:ff:14:00:28:53:cc:ad:
cc:3b:76:c9:99:c7:b5:12:67:e1:29:d4:38:cc:d7:
20:27:1b:6c:9a:9a:1e:ad:d2:a1:2b:99:32:9c:f3:
31:9a:30:4f:88:6f:b8:4d:fc:51:d2:0e:65:22:43:
d8:1f:f4:5d:d8:7d:cf:58:80:40:40:9a:0c:2b:1c:
0b:b9:45:a8:80:d8:eb:1d:23:b9:2c:4e:9c:6a:a6:
5a:61:59:cb:1c:7b:44:e4:24:18:d6:3a:2b:b2:03:
3e:9a:04:dd:af:fa:c3:0f:ae:28:af:3b:f7:91:49:
fd:5c:80:6c:f2:86:6c:08:4f:02:78:40:c4:1f:6a:
56:d9:c1:cc:9d:43:35:d7:67:b8:1d:e0:77:8f:c0:
b1:8e:58:cd:d9:e0:36:88:fa:8f:d0:0a:d7:b3:dd:
b8:cf:7b:9a:f6:ba:9b:7a:01:14:35:88:25:c2:2d:
5f:e1:43:f5:3a:14:77:3f:0b:d9:b8:82:e7:f7:f0:
dc:30:b4:8c:74:c3:dc:72:41:da:0e:a1:58:1c:b5:
bc:32:40:a6:7f:b5:e8:6a:24:d2:4f:ab:ad:52:02:
87:b0:79:58:3e:fb:12:78:f2:65:d7:4d:e9:00:e8:
71:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C7:A2:34:00:BD:3A:69:96:BE:BF:C9:99:55:69:9F:88:AC:FA:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020:8000::/36
Signature Algorithm: sha256WithRSAEncryption
c9:7a:55:f6:37:53:0b:1d:97:47:8a:e3:f7:47:4f:17:54:08:
d8:a4:18:c9:b9:05:1e:95:65:91:0e:db:41:a3:27:4e:1a:f6:
16:6e:4a:c0:93:00:b0:6a:5d:78:c1:0d:09:f1:2b:0f:14:18:
df:d1:a7:bb:86:c0:09:e4:00:56:e7:7b:bb:2d:f2:e3:51:0c:
4d:e1:7f:e1:b3:ef:3e:4f:23:89:8c:5f:9c:81:0b:5f:c7:ff:
2c:86:f5:91:90:4d:4c:a1:26:7b:90:54:a2:77:50:5e:98:c8:
42:fc:c6:81:51:33:c5:93:2d:e2:8c:08:64:48:bc:8c:82:7c:
23:9d:e8:c5:bb:68:46:29:52:61:29:45:eb:63:e0:75:11:ce:
7d:d4:2b:0d:7d:32:f4:b3:09:2a:a3:90:a6:b9:d9:8f:02:8d:
b1:ea:8b:b3:73:5a:32:3b:79:b8:f1:34:2d:0a:f8:6b:74:a9:
3f:2c:a5:41:7d:c2:50:94:73:22:2c:53:f5:d8:00:c1:4d:b5:
e7:e9:8d:b6:83:ba:43:53:24:d6:fe:d9:9f:14:88:c5:8d:f1:
6b:29:ce:fd:84:98:22:d9:6a:ee:42:ab:fc:53:73:0f:4e:7b:
98:bf:9e:10:15:9e:3b:43:8a:04:fb:86:55:bf:50:1e:a4:46:
b5:51:99:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBmbwUYW8xYqrCIMGbiiCNnPo76AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkwNzAwMDVaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2Y2NmNDAwMWI2NGQ1NWZhZDQ4OGExZTJlZTMyYjhkYzQxNjUzOGEzZmZm
NDA3Nzk1OGFmOTVhODQxZmY3NTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaWbC49G9W03dAiEzilakUsqTqoMxf/FAAoU8ytzDt2yZnHtRJn4SnUOMzX
ICcbbJqaHq3SoSuZMpzzMZowT4hvuE38UdIOZSJD2B/0Xdh9z1iAQECaDCscC7lF
qIDY6x0juSxOnGqmWmFZyxx7ROQkGNY6K7IDPpoE3a/6ww+uKK8795FJ/VyAbPKG
bAhPAnhAxB9qVtnBzJ1DNddnuB3gd4/AsY5YzdngNoj6j9AK17PduM97mva6m3oB
FDWIJcItX+FD9ToUdz8L2biC5/fw3DC0jHTD3HJB2g6hWBy1vDJApn+16Gok0k+r
rVICh7B5WD77EnjyZddN6QDocRMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNx6I0
AL06aZa+v8mZVWmfiKz6aTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjMxMTk2YTQtOTBmNS00NzYwLTk4MmUtMTVmYmFmNDgwNWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CCA
MA0GCSqGSIb3DQEBCwUAA4IBAQDJelX2N1MLHZdHiuP3R08XVAjYpBjJuQUelWWR
DttBoydOGvYWbkrAkwCwal14wQ0J8SsPFBjf0ae7hsAJ5ABW53u7LfLjUQxN4X/h
s+8+TyOJjF+cgQtfx/8shvWRkE1MoSZ7kFSid1BemMhC/MaBUTPFky3ijAhkSLyM
gnwjnejFu2hGKVJhKUXrY+B1Ec591CsNfTL0swkqo5CmudmPAo2x6ouzc1oyO3m4
8TQtCvhrdKk/LKVBfcJQlHMiLFP12ADBTbXn6Y22g7pDUyTW/tmfFIjFjfFrKc79
hJgi2WruQqv8U3MPTnuYv54QFZ47Q4oE+4ZVv1AepEa1UZlX
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:30 2025 by rpki-client