Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa
File: 640a1f52-8635-44af-ae6e-cc941e49e749.roa (raw, json)
Hash identifier: KJ/wgb/tsGt8dXJueimMmNQh8XlmDBMwS6N4TbJ/zqQ=
Subject key identifier: B5:A6:F6:E6:59:21:A1:2E:92:96:9A:BA:E3:25:25:B3:8C:15:32:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5214AFE46E5F646670D7EAC79AA3683F15A82C39
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa
Signing time: Mon 29 Sep 2025 15:24:14 +0000
ROA not before: Mon 29 Sep 2025 15:24:14 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:6080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:14:af:e4:6e:5f:64:66:70:d7:ea:c7:9a:a3:68:3f:15:a8:2c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:14 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=bcf4c0b53f419beea40007e26b14ffd255360e7763dd2a69ba57c6447f52efee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0b:71:8e:0a:63:a1:9a:37:76:3f:1d:db:27:
36:51:74:44:64:96:7d:36:cd:dd:82:65:a7:86:ec:
52:18:82:6e:b8:b6:b2:c6:91:7e:37:c0:b3:78:5a:
92:58:e0:7a:df:22:19:2d:1d:df:00:3f:e3:8e:83:
51:af:31:6e:70:d9:ed:c5:11:8d:b7:af:f2:29:52:
f2:f7:51:33:ad:65:60:44:64:1b:77:18:24:76:29:
8a:8d:fe:33:5f:7a:19:2a:a5:cc:59:ba:d7:5e:ac:
a7:80:c8:a2:54:11:3f:1c:f1:79:04:de:d4:e7:30:
f1:76:3d:7a:2a:30:e9:cb:50:bf:86:6f:fc:c6:45:
8f:24:c0:6c:4e:46:c5:2a:a0:6b:0b:96:9a:c9:19:
db:08:32:46:b0:a8:2b:21:04:7e:f4:b2:b5:4f:5d:
a5:ff:b0:1d:da:b3:ff:8d:79:92:0b:81:ef:42:0a:
fc:1b:15:af:14:bb:03:53:7f:85:e3:45:74:f1:60:
c3:13:4e:81:e7:b2:b8:d8:64:07:ad:6d:10:b0:00:
f6:0b:5f:ee:52:44:5d:9d:61:0f:35:88:fe:e6:01:
85:42:e1:14:22:a2:56:e1:98:e2:d1:47:82:40:2d:
10:e6:6f:2a:ea:72:d0:77:c4:3b:4b:f5:82:39:d0:
6e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A6:F6:E6:59:21:A1:2E:92:96:9A:BA:E3:25:25:B3:8C:15:32:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6080::/46
Signature Algorithm: sha256WithRSAEncryption
09:04:38:11:48:97:1b:7a:7e:0c:f8:cc:08:15:a7:e5:fa:ed:
88:50:26:1e:28:b6:4c:bd:1b:41:c8:51:dc:01:d7:7c:4e:0e:
16:49:76:3b:93:23:85:5a:81:08:c4:74:40:e8:53:ba:df:4e:
f3:5d:1b:ea:4f:0d:b8:4b:7d:bc:67:9f:4f:1f:31:30:90:eb:
d3:f7:b8:62:c6:e7:90:45:cb:12:28:7c:19:67:5e:df:0b:b1:
b3:7a:f3:cb:40:a2:d4:4e:75:c3:4c:5b:b8:40:63:33:f7:5c:
b5:fa:90:39:c2:8f:8c:2e:ef:d0:0a:cd:f8:55:b9:02:99:34:
ce:3a:37:f5:2e:6c:34:eb:94:47:44:86:c7:d6:0a:69:77:90:
11:25:43:86:45:81:24:24:9b:5a:fd:f7:f9:e9:76:84:8e:70:
34:13:39:ef:69:a3:92:1a:5f:28:62:d0:78:78:22:b5:73:a4:
7f:da:bf:0c:ba:7b:17:86:22:de:8f:4a:fb:8a:56:f2:b5:41:
a6:32:12:3e:cf:1c:67:d6:cc:1a:09:90:04:7c:d4:03:a2:68:
31:5d:a7:94:8f:47:ca:88:5b:21:eb:b2:1d:f1:c6:45:25:0f:
67:b3:2a:d4:73:c0:60:41:e0:2b:bb:12:a8:11:25:e5:99:3e:
76:26:0a:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUhSv5G5fZGZw1+rHmqNoPxWoLDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MTRaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjZjRjMGI1M2Y0MTliZWVhNDAwMDdlMjZiMTRmZmQyNTUzNjBlNzc2M2Rk
MmE2OWJhNTdjNjQ0N2Y1MmVmZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMLcY4KY6GaN3Y/HdsnNlF0RGSWfTbN3YJlp4bsUhiCbri2ssaRfjfAs3ha
kljget8iGS0d3wA/446DUa8xbnDZ7cURjbev8ilS8vdRM61lYERkG3cYJHYpio3+
M196GSqlzFm6116sp4DIolQRPxzxeQTe1Ocw8XY9eiow6ctQv4Zv/MZFjyTAbE5G
xSqgawuWmskZ2wgyRrCoKyEEfvSytU9dpf+wHdqz/415kguB70IK/BsVrxS7A1N/
heNFdPFgwxNOgeeyuNhkB61tELAA9gtf7lJEXZ1hDzWI/uYBhULhFCKiVuGY4tFH
gkAtEOZvKupy0HfEO0v1gjnQbq0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS1pvbm
WSGhLpKWmrrjJSWzjBUydDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjQwYTFmNTItODYzNS00NGFmLWFlNmUtY2M5NDFlNDllNzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
gDANBgkqhkiG9w0BAQsFAAOCAQEACQQ4EUiXG3p+DPjMCBWn5frtiFAmHii2TL0b
QchR3AHXfE4OFkl2O5MjhVqBCMR0QOhTut9O810b6k8NuEt9vGefTx8xMJDr0/e4
YsbnkEXLEih8GWde3wuxs3rzy0Ci1E51w0xbuEBjM/dctfqQOcKPjC7v0ArN+FW5
Apk0zjo39S5sNOuUR0SGx9YKaXeQESVDhkWBJCSbWv33+el2hI5wNBM572mjkhpf
KGLQeHgitXOkf9q/DLp7F4Yi3o9K+4pW8rVBpjISPs8cZ9bMGgmQBHzUA6JoMV2n
lI9HyohbIeuyHfHGRSUPZ7Mq1HPAYEHgK7sSqBEl5Zk+diYK1w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:27 2025 by rpki-client