Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
File: 6e236a15-c957-4409-8a2a-3a19150d1b43.roa (raw, json)
Hash identifier: KbhQh0KwaSoWJ+Vt1vPnpr84P0YgMJaJw8nT/Skq+HU=
Subject key identifier: 52:2A:C7:C2:3B:05:DD:EA:03:35:B3:E3:58:0E:F7:11:9D:4B:F2:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BF6B13D9D7B1BF06D41F7C422BDB78ED7F741CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
Signing time: Mon 13 Oct 2025 17:55:53 +0000
ROA not before: Mon 13 Oct 2025 17:55:53 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:f6:b1:3d:9d:7b:1b:f0:6d:41:f7:c4:22:bd:b7:8e:d7:f7:41:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:53 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=4b33810db87ca132d959ac5b964378abc0c210a248a5df921f301533c6aabfbd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:41:9e:09:0c:f0:c8:86:bc:f4:54:55:2a:43:
0c:44:b7:16:f8:11:e7:7b:1c:17:44:28:87:a5:d6:
57:c1:bd:d5:db:0a:5f:12:6f:4b:b7:13:d8:7b:48:
94:dd:0a:63:17:a0:24:2f:45:ed:68:ae:8a:be:eb:
e1:35:62:8d:22:51:fd:e1:ad:4d:b4:15:47:b6:b0:
61:eb:e1:bd:47:2c:62:da:79:45:6f:fe:8d:27:60:
3e:c8:7f:b8:4c:a3:fc:7b:1e:76:4f:10:90:fa:76:
46:2f:3b:61:d5:8b:3c:da:83:3c:2b:cc:d8:ac:fd:
58:cd:c6:87:2e:21:40:36:31:ca:6c:ed:c7:98:7c:
c1:a3:e4:64:4f:a6:44:3d:1b:5f:0b:6b:55:56:42:
fb:24:54:f0:d0:4e:65:3c:18:58:c8:27:1a:8b:0b:
8c:89:96:5b:d0:5a:c0:18:6c:27:dc:e3:73:e2:1d:
da:6b:9d:60:88:ba:3a:3e:ee:5f:b0:09:13:04:46:
19:38:e0:01:b6:a9:a8:f2:8c:90:15:15:af:c4:53:
88:36:88:ce:0d:a0:cf:a8:cf:4d:d3:cb:50:1d:ab:
17:a7:26:c8:88:f8:a9:12:e1:9f:d1:3a:a0:b9:9b:
98:23:80:5c:6e:31:b0:c8:49:b4:d1:0f:13:5d:b3:
29:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2A:C7:C2:3B:05:DD:EA:03:35:B3:E3:58:0E:F7:11:9D:4B:F2:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
25:f0:bc:80:eb:88:30:23:eb:cd:d3:61:41:0a:c2:74:8e:e2:
3a:1b:01:4e:e0:8b:f4:37:fe:66:cc:97:4c:3f:83:a1:ab:58:
be:b8:cb:f5:4f:61:aa:65:3d:7b:de:9b:8b:2e:e8:e6:81:90:
b9:9d:ac:25:10:78:67:0f:39:5e:e7:4f:70:9c:11:fd:8e:fc:
87:67:e4:33:e1:7d:9f:b6:dc:6e:f3:fb:b1:1c:86:6f:52:18:
cd:a0:5c:d1:19:88:bf:f1:4a:1e:22:8f:06:ef:1a:6c:02:71:
22:2b:74:d0:4a:97:36:9c:b4:c7:36:87:9d:1c:0b:73:82:1d:
e4:11:ea:a7:58:3b:f6:c5:e4:aa:6a:01:22:f0:b1:b7:0f:5f:
5d:2d:dd:99:4d:49:91:16:58:84:3d:53:df:01:36:5a:8f:62:
81:8d:7a:f9:85:d8:ee:19:ff:66:53:3b:b2:98:36:9e:15:8f:
55:b0:0e:72:7e:e1:16:a6:1f:e7:47:61:9f:bb:01:c4:60:8a:
a5:bf:dd:1e:ba:41:66:2b:54:3b:6c:3b:1a:ef:ab:44:75:9b:
0a:e2:96:10:ed:08:04:bb:5a:4b:4b:b5:0e:be:8b:f4:b5:3f:
2e:7d:14:47:2f:0c:ab:2b:e2:f6:65:6c:dd:38:78:d9:f0:b4:
9d:2a:ec:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK/axPZ17G/BtQffEIr23jtf3Qc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1NTNaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiMzM4MTBkYjg3Y2ExMzJkOTU5YWM1Yjk2NDM3OGFiYzBjMjEwYTI0OGE1
ZGY5MjFmMzAxNTMzYzZhYWJmYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNBngkM8MiGvPRUVSpDDES3FvgR53scF0Qoh6XWV8G91dsKXxJvS7cT2HtI
lN0KYxegJC9F7Wiuir7r4TVijSJR/eGtTbQVR7awYevhvUcsYtp5RW/+jSdgPsh/
uEyj/Hsedk8QkPp2Ri87YdWLPNqDPCvM2Kz9WM3Ghy4hQDYxymztx5h8waPkZE+m
RD0bXwtrVVZC+yRU8NBOZTwYWMgnGosLjImWW9BawBhsJ9zjc+Id2mudYIi6Oj7u
X7AJEwRGGTjgAbapqPKMkBUVr8RTiDaIzg2gz6jPTdPLUB2rF6cmyIj4qRLhn9E6
oLmbmCOAXG4xsMhJtNEPE12zKYECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSKsfC
OwXd6gM1s+NYDvcRnUvyKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUyMzZhMTUtYzk1Ny00NDA5LThhMmEtM2ExOTE1MGQxYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAl8LyA64gwI+vN02FBCsJ0juI6GwFO4Iv0N/5m
zJdMP4Ohq1i+uMv1T2GqZT173puLLujmgZC5nawlEHhnDzle509wnBH9jvyHZ+Qz
4X2fttxu8/uxHIZvUhjNoFzRGYi/8UoeIo8G7xpsAnEiK3TQSpc2nLTHNoedHAtz
gh3kEeqnWDv2xeSqagEi8LG3D19dLd2ZTUmRFliEPVPfATZaj2KBjXr5hdjuGf9m
UzuymDaeFY9VsA5yfuEWph/nR2GfuwHEYIqlv90eukFmK1Q7bDsa76tEdZsK4pYQ
7QgEu1pLS7UOvov0tT8ufRRHLwyrK+L2ZWzdOHjZ8LSdKuwe
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:43 2025 by rpki-client