Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: Szw26f88W/jzHHgdENMbYjICwgwX9HtyxHq4n6zmcNY=
Subject key identifier: 1B:54:81:F8:28:63:92:3C:E2:C3:59:5B:42:C6:A0:DA:C8:3F:E9:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C37A4858E5DE9F3321862BE5B2D3B7BDC23C3CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Fri 26 Sep 2025 20:01:39 +0000
ROA not before: Fri 26 Sep 2025 20:01:39 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:37:a4:85:8e:5d:e9:f3:32:18:62:be:5b:2d:3b:7b:dc:23:c3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:39 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=04af499238b9ecc191ea1ae9d75e8a4439b1d1910809659b9312c7624f14279a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:79:d1:3c:da:84:25:fb:15:c9:5e:00:7f:c4:
dd:59:65:15:63:bd:b2:c4:81:0d:98:b7:a5:bc:dd:
c3:92:05:79:e0:9c:f6:89:e6:b5:fa:18:08:9b:e6:
17:ec:4f:89:11:8a:5f:48:19:43:63:71:ee:7b:75:
89:d5:79:c9:e8:da:ec:bd:86:bb:90:d8:15:d0:67:
67:3b:9f:e3:2c:2c:6f:32:3b:7c:ee:49:70:8a:13:
07:59:d9:75:3e:5d:dd:db:01:61:b4:e2:08:9a:a7:
a0:9b:b6:04:87:89:eb:f9:50:e3:f2:44:fc:f1:de:
f1:61:2c:f7:00:d1:59:1c:0d:f6:8a:71:29:84:b4:
c7:a7:83:6a:4a:b8:da:b6:5f:44:9e:c6:d5:a9:09:
0e:ce:a7:76:c8:43:d4:31:e7:fa:46:1c:79:40:75:
98:33:70:04:34:97:80:4f:53:fe:dd:4e:83:ae:c2:
d9:17:5d:75:bf:5c:da:39:a7:ee:a3:39:35:5f:36:
2b:8f:c5:70:ba:7b:88:9f:fd:a7:5d:43:06:6d:5a:
a0:81:c4:37:7a:ea:8c:fd:55:30:34:32:a7:f9:8a:
d6:27:c6:6b:2b:e0:b8:b0:3f:95:3b:e7:5e:20:a7:
8a:92:92:df:83:9b:c6:d7:5e:6d:f5:0b:ec:af:bd:
5b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:54:81:F8:28:63:92:3C:E2:C3:59:5B:42:C6:A0:DA:C8:3F:E9:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
ca:94:d2:62:2b:0a:e8:92:6f:6b:2d:97:1f:5d:00:87:77:41:
40:2a:75:c4:a4:7e:1c:7a:ea:fe:a8:54:58:9f:0a:1b:3b:bc:
0c:1a:cd:a6:9d:3a:0f:02:30:34:af:fe:ef:ad:d1:c7:07:59:
96:df:94:2c:ec:a5:91:dd:62:7c:81:2f:b9:e9:5b:b9:0d:b3:
01:fb:10:a7:bf:5d:ae:0c:5d:f1:12:91:7d:df:ee:c0:5f:c8:
28:38:56:0f:4e:60:79:a6:0c:ea:e4:c9:9f:9e:05:68:65:df:
f3:26:c3:73:39:b1:60:c3:39:ac:0d:e7:ce:7b:49:25:66:eb:
45:0c:49:e1:99:18:aa:74:a0:d7:79:79:fc:42:44:24:d9:fb:
03:2e:fd:c9:d9:e3:b6:37:5e:d7:c9:88:50:3f:66:65:fc:09:
59:22:9a:1a:0d:3c:e2:1a:fa:71:e1:5e:20:a9:5b:fc:ba:ce:
f3:b7:f9:62:d6:eb:35:cf:1b:68:b5:a0:1e:d9:4b:4e:13:74:
77:13:02:35:9a:3b:fc:c3:9c:9a:f4:8e:b4:11:fe:8a:71:14:
37:da:d6:13:f7:d8:51:68:d7:13:ee:61:1e:be:b7:3f:6a:80:
34:b7:1f:fd:d9:15:0e:d3:de:64:e1:3a:57:b4:55:42:9a:b1:
38:b0:fe:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULDekhY5d6fMyGGK+Wy07e9wjw8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0YWY0OTkyMzhiOWVjYzE5MWVhMWFlOWQ3NWU4YTQ0MzliMWQxOTEwODA5
NjU5YjkzMTJjNzYyNGYxNDI3OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANp50TzahCX7FcleAH/E3VllFWO9ssSBDZi3pbzdw5IFeeCc9onmtfoYCJvm
F+xPiRGKX0gZQ2Nx7nt1idV5yeja7L2Gu5DYFdBnZzuf4ywsbzI7fO5JcIoTB1nZ
dT5d3dsBYbTiCJqnoJu2BIeJ6/lQ4/JE/PHe8WEs9wDRWRwN9opxKYS0x6eDakq4
2rZfRJ7G1akJDs6ndshD1DHn+kYceUB1mDNwBDSXgE9T/t1Og67C2Rdddb9c2jmn
7qM5NV82K4/FcLp7iJ/9p11DBm1aoIHEN3rqjP1VMDQyp/mK1ifGayvguLA/lTvn
XiCnipKS34ObxtdebfUL7K+9WxMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbVIH4
KGOSPOLDWVtCxqDayD/p3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQDKlNJiKwrokm9rLZcfXQCHd0FAKnXEpH4ceur+
qFRYnwobO7wMGs2mnToPAjA0r/7vrdHHB1mW35Qs7KWR3WJ8gS+56Vu5DbMB+xCn
v12uDF3xEpF93+7AX8goOFYPTmB5pgzq5MmfngVoZd/zJsNzObFgwzmsDefOe0kl
ZutFDEnhmRiqdKDXeXn8QkQk2fsDLv3J2eO2N17XyYhQP2Zl/AlZIpoaDTziGvpx
4V4gqVv8us7zt/li1us1zxtotaAe2UtOE3R3EwI1mjv8w5ya9I60Ef6KcRQ32tYT
99hRaNcT7mEevrc/aoA0tx/92RUO095k4TpXtFVCmrE4sP4T
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:26 2025 by rpki-client