Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: 2xs4Vvp3URa8IjM/Wki3QqGgFIv8O9WTi/1yU4pe104=
Subject key identifier: DD:71:D9:9C:52:95:9E:45:95:04:9C:6A:31:9F:29:CA:AF:1C:C8:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6ADEBBEFE4C987E14E75F85CCD4D098A9A2B668B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Fri 26 Sep 2025 20:10:06 +0000
ROA not before: Fri 26 Sep 2025 20:10:06 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:de:bb:ef:e4:c9:87:e1:4e:75:f8:5c:cd:4d:09:8a:9a:2b:66:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:06 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=5ba2463f493f5ba7795caa6e325b7890eef1cc541844918c6197b962e88319fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b1:ff:23:8c:be:fd:a3:b5:b1:04:e7:c3:8d:
c5:d9:79:6c:53:96:9a:e4:24:25:54:62:26:5a:d6:
62:89:45:4f:d2:46:5a:e0:48:24:81:2b:02:43:c8:
a0:bb:5d:85:9c:d3:c1:a5:1a:dc:22:8c:c4:31:7f:
a4:75:4e:63:2b:ff:75:43:24:87:d8:34:0d:60:83:
44:e6:c1:19:09:3e:28:e6:2f:a4:fb:6d:2e:58:33:
4e:a0:aa:2b:a5:e4:bb:3f:47:b0:9d:4d:38:b1:31:
92:7a:19:52:c4:00:99:41:2c:a2:1b:ae:db:03:68:
07:20:16:5a:b9:69:13:d4:d4:b9:ab:e0:14:71:9e:
3f:ec:65:92:66:a7:8a:fc:88:f6:b1:14:6e:2b:d3:
00:04:2d:28:a7:a3:98:8a:99:83:0a:31:83:35:89:
e4:61:4b:8f:d9:ee:1c:02:04:21:a8:76:4d:4d:be:
7a:0f:36:1a:b4:69:09:16:b1:df:e4:8b:c7:8a:8f:
0d:fb:08:30:6e:92:2f:7d:ea:b2:ae:72:4b:fd:76:
a6:37:a7:48:ee:07:df:94:d1:15:ed:20:21:42:e1:
5a:53:d1:39:af:1d:11:39:ac:62:0c:b3:bd:72:a8:
2f:25:78:ac:81:4a:bf:73:42:f2:0c:d4:57:37:e9:
4c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:71:D9:9C:52:95:9E:45:95:04:9C:6A:31:9F:29:CA:AF:1C:C8:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
0d:ed:34:60:0e:d6:c3:e0:09:f8:01:12:62:fc:65:44:5d:dc:
7b:57:ae:f8:9a:0b:e1:3c:3c:43:dc:68:24:e9:b7:54:97:06:
3a:40:50:25:02:12:70:eb:44:e9:54:7c:6a:da:cf:c8:b4:13:
f4:48:64:d5:87:d9:af:59:f5:1e:a9:7d:7c:a5:35:12:68:4f:
77:47:29:c4:3b:b3:27:c1:43:58:2f:ba:25:b3:da:17:bb:8a:
da:42:6f:fa:12:8a:8b:4c:c3:91:31:0c:15:5d:e6:d2:ac:e6:
19:27:22:2d:b6:4a:32:77:46:4a:34:6f:dd:85:98:75:37:4e:
90:6d:27:1f:0f:59:1a:55:cc:64:72:39:c7:63:ac:8e:3d:23:
be:13:a9:e5:ea:06:ff:40:bf:be:ec:a8:8a:5f:b0:33:26:67:
67:a4:eb:95:e3:e4:8c:c1:09:08:15:d1:7b:71:75:dc:8e:72:
b2:19:9c:dd:ee:5f:07:98:d3:b0:67:67:1a:90:b6:75:bd:70:
e4:52:1b:6e:74:6f:c6:be:dc:29:e7:12:8a:11:54:4e:34:ab:
2d:7e:96:34:45:4c:23:f5:9e:32:72:ce:9c:2f:89:68:a2:57:
b7:36:a1:05:0f:a7:45:f9:a2:41:a4:c3:29:54:f0:7d:a1:8d:
b9:1a:69:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUat677+TJh+FOdfhczU0JiporZoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwMDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYTI0NjNmNDkzZjViYTc3OTVjYWE2ZTMyNWI3ODkwZWVmMWNjNTQxODQ0
OTE4YzYxOTdiOTYyZTg4MzE5ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALix/yOMvv2jtbEE58ONxdl5bFOWmuQkJVRiJlrWYolFT9JGWuBIJIErAkPI
oLtdhZzTwaUa3CKMxDF/pHVOYyv/dUMkh9g0DWCDRObBGQk+KOYvpPttLlgzTqCq
K6Xkuz9HsJ1NOLExknoZUsQAmUEsohuu2wNoByAWWrlpE9TUuavgFHGeP+xlkman
ivyI9rEUbivTAAQtKKejmIqZgwoxgzWJ5GFLj9nuHAIEIah2TU2+eg82GrRpCRax
3+SLx4qPDfsIMG6SL33qsq5yS/12pjenSO4H35TRFe0gIULhWlPROa8dETmsYgyz
vXKoLyV4rIFKv3NC8gzUVzfpTJECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdcdmc
UpWeRZUEnGoxnynKrxzITDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAN7TRgDtbD4An4ARJi/GVEXdx7V674mgvhPDxD
3Ggk6bdUlwY6QFAlAhJw60TpVHxq2s/ItBP0SGTVh9mvWfUeqX18pTUSaE93RynE
O7MnwUNYL7ols9oXu4raQm/6EoqLTMORMQwVXebSrOYZJyIttkoyd0ZKNG/dhZh1
N06QbScfD1kaVcxkcjnHY6yOPSO+E6nl6gb/QL++7KiKX7AzJmdnpOuV4+SMwQkI
FdF7cXXcjnKyGZzd7l8HmNOwZ2cakLZ1vXDkUhtudG/Gvtwp5xKKEVRONKstfpY0
RUwj9Z4ycs6cL4loole3NqEFD6dF+aJBpMMpVPB9oY25Gmks
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:41 2025 by rpki-client