Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
File: 6a2f7401-8559-4633-8579-cca77d6fa971.roa (raw, json)
Hash identifier: qJLGnaroY7yoa2JZdsUlzNJPCiGQMhqWmUYkTbIo5PM=
Subject key identifier: E4:92:04:2F:97:8E:94:17:EC:23:2A:93:5E:1E:81:0C:41:A2:AD:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59579EF5BE07F10115572BC94D92E5E02C984A5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
Signing time: Fri 26 Sep 2025 20:01:36 +0000
ROA not before: Fri 26 Sep 2025 20:01:36 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:57:9e:f5:be:07:f1:01:15:57:2b:c9:4d:92:e5:e0:2c:98:4a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:36 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=104616124b9be76fd9882113329ebe02beb5b883482600012ab09711af49e244, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:89:0f:8e:83:8a:8e:dc:ba:ba:ba:19:bb:52:
75:0c:be:c7:be:d2:4d:ed:19:08:1f:df:e9:1c:9b:
52:7f:7e:be:00:78:fc:1a:42:b3:21:40:89:08:49:
14:34:b4:b3:e7:9a:be:00:69:03:28:2b:5f:8a:03:
fd:e4:31:34:60:d2:56:c6:1a:fa:03:a1:97:ee:6f:
d9:5f:65:d6:1e:3a:a3:92:03:89:d8:37:6b:6b:79:
53:04:fd:38:f8:0a:f9:f4:83:ad:0f:cd:0a:05:da:
d3:b8:4e:82:af:da:20:7c:67:e7:62:52:87:56:e3:
3b:ea:39:0f:55:a5:c2:b1:fb:ac:79:9b:1a:fb:01:
18:f9:c0:6c:07:cb:87:27:32:c6:62:44:4b:79:1e:
f3:b5:3b:2f:8e:b0:ab:42:43:85:43:79:13:11:0c:
bf:1d:34:8c:0f:b3:23:f2:c0:5a:ed:ff:3d:43:4a:
eb:0b:d9:cf:82:71:2e:8d:f2:2b:35:06:81:44:a6:
b1:78:f4:11:fa:eb:80:66:4e:04:ff:a1:d2:bf:16:
af:e5:0f:8d:ab:8c:7f:30:69:41:42:a0:fe:f3:1f:
a7:b2:f7:66:db:74:54:8f:bf:8a:42:65:91:be:1f:
87:34:e5:e5:02:4c:e7:de:f5:d6:05:bb:17:9f:81:
f9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:92:04:2F:97:8E:94:17:EC:23:2A:93:5E:1E:81:0C:41:A2:AD:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
2f:82:a0:f5:7d:dd:96:1f:0d:28:4c:4f:27:04:6c:6a:35:25:
b0:5c:18:1f:52:9c:7b:11:5e:5f:70:25:ea:99:a7:74:16:38:
53:18:7b:ce:d0:b6:59:f8:5e:fa:df:1e:6a:ee:c5:34:b4:b7:
9c:17:1a:23:0b:04:52:8f:91:6a:c2:5f:5c:45:8c:44:89:15:
13:02:3f:52:b9:6f:49:36:62:5e:08:32:72:c6:a0:8f:89:b5:
6a:8b:84:8c:41:f5:15:1c:dc:ad:22:cb:37:84:7b:3a:47:29:
ec:8f:78:90:13:e1:74:f1:0c:76:fc:9f:21:75:6f:0d:0b:3d:
e9:b5:1c:5d:c4:4e:dc:7b:d6:dc:30:e6:d3:1c:40:2f:d1:4d:
44:68:7e:6d:c6:de:d1:e9:3b:0d:94:57:08:39:6c:97:d0:98:
53:41:74:6e:35:09:bb:86:18:9d:7c:fb:6d:84:73:7f:8a:28:
ad:fd:6b:17:26:5a:43:24:96:6c:bd:36:fc:64:57:6b:0b:b0:
f6:9b:d4:13:cd:2e:de:d0:bc:6b:42:c9:09:27:22:09:ef:7f:
98:fe:59:50:68:29:bd:1e:1a:0e:ac:8e:73:27:03:60:5b:9d:
4c:c8:a3:7e:b5:d5:f4:1e:85:64:93:cc:f8:6a:c8:21:b3:ce:
5c:86:38:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWVee9b4H8QEVVyvJTZLl4CyYSl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwNDYxNjEyNGI5YmU3NmZkOTg4MjExMzMyOWViZTAyYmViNWI4ODM0ODI2
MDAwMTJhYjA5NzExYWY0OWUyNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+JD46Dio7curq6GbtSdQy+x77STe0ZCB/f6RybUn9+vgB4/BpCsyFAiQhJ
FDS0s+eavgBpAygrX4oD/eQxNGDSVsYa+gOhl+5v2V9l1h46o5IDidg3a2t5UwT9
OPgK+fSDrQ/NCgXa07hOgq/aIHxn52JSh1bjO+o5D1WlwrH7rHmbGvsBGPnAbAfL
hycyxmJES3ke87U7L46wq0JDhUN5ExEMvx00jA+zI/LAWu3/PUNK6wvZz4JxLo3y
KzUGgUSmsXj0EfrrgGZOBP+h0r8Wr+UPjauMfzBpQUKg/vMfp7L3Ztt0VI+/ikJl
kb4fhzTl5QJM59711gW7F5+B+dkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkkgQv
l46UF+wjKpNeHoEMQaKtHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEyZjc0MDEtODU1OS00NjMzLTg1NzktY2NhNzdkNmZhOTcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvgqD1fd2WHw0oTE8nBGxqNSWwXBgfUpx7EV5f
cCXqmad0FjhTGHvO0LZZ+F763x5q7sU0tLecFxojCwRSj5Fqwl9cRYxEiRUTAj9S
uW9JNmJeCDJyxqCPibVqi4SMQfUVHNytIss3hHs6Rynsj3iQE+F08Qx2/J8hdW8N
Cz3ptRxdxE7ce9bcMObTHEAv0U1EaH5txt7R6TsNlFcIOWyX0JhTQXRuNQm7hhid
fPtthHN/iiit/WsXJlpDJJZsvTb8ZFdrC7D2m9QTzS7e0LxrQskJJyIJ73+Y/llQ
aCm9HhoOrI5zJwNgW51MyKN+tdX0HoVkk8z4asghs85chji+
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:20 2025 by rpki-client