Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82df8d10-cbc3-4e10-bb57-64c489c9d380.roa
File: 82df8d10-cbc3-4e10-bb57-64c489c9d380.roa (raw, json)
Hash identifier: zXEVGI1wtQ1iOkG3yPuw2AYMbpHuTU9iIUAh8GDdqkI=
Subject key identifier: AC:FB:AF:E4:BD:55:94:36:FD:29:B4:F6:1E:5F:F0:33:76:9B:50:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74596123EF8DAAE42D523FCDFC76FCAAA83D0BC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82df8d10-cbc3-4e10-bb57-64c489c9d380.roa
Signing time: Fri 17 Oct 2025 21:10:15 +0000
ROA not before: Fri 17 Oct 2025 21:10:15 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:d000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:59:61:23:ef:8d:aa:e4:2d:52:3f:cd:fc:76:fc:aa:a8:3d:0b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 21:10:15 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=6765eef4f747488ba48715e6c9034961314cf64ee0ff779533bf04094a1d1efc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:68:ec:f3:dc:95:55:dd:fe:52:0b:87:dc:d6:
e0:85:a4:d9:e6:f5:91:bb:47:d5:d8:99:c7:ee:71:
88:5d:43:59:d5:ff:22:70:17:cb:07:44:d0:ae:e1:
05:50:ae:73:d9:6f:58:26:05:3b:21:4c:78:40:1d:
80:db:8d:a7:30:30:75:2b:a1:92:db:0a:0a:52:d5:
cd:f4:4e:f5:1e:42:ca:fd:84:19:74:3b:0b:ce:72:
46:0a:95:6e:5d:51:97:32:db:b1:b4:b1:82:4a:d9:
a3:37:34:d2:f6:73:cd:74:48:cc:65:30:89:1d:34:
7b:e7:32:42:07:3c:8e:6c:5e:15:f8:25:91:66:e4:
d9:0e:b0:11:3e:54:76:cb:f4:98:a3:84:b5:70:5a:
7a:84:2c:4b:af:a3:95:ac:ba:23:b8:49:27:84:7b:
1c:05:ca:64:f9:bb:ae:8e:b8:cf:6f:f4:cb:3d:fa:
ea:20:b1:3c:41:87:36:84:5b:f6:10:b6:9c:f4:97:
ce:51:54:93:d5:fb:e3:d1:f5:8d:35:1c:ff:83:92:
3e:64:3d:58:f0:cf:17:3f:3c:46:cf:f5:9d:3f:f9:
dd:f7:18:f5:50:59:7e:0d:7b:e0:a5:7b:21:73:3a:
9f:4f:3e:ff:d2:ef:0c:98:08:ce:90:6b:67:33:93:
ea:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FB:AF:E4:BD:55:94:36:FD:29:B4:F6:1E:5F:F0:33:76:9B:50:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82df8d10-cbc3-4e10-bb57-64c489c9d380.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:d000::/48
Signature Algorithm: sha256WithRSAEncryption
30:58:01:a3:e4:ff:57:44:b8:88:69:15:35:47:e6:09:50:06:
5d:f3:ee:1a:20:98:78:c8:50:eb:d5:8b:22:99:ed:02:39:72:
58:40:c0:16:19:71:47:04:db:19:ce:a5:f1:58:c5:f4:75:fa:
2d:77:e3:b2:39:f5:97:b8:2e:7c:6a:8b:1f:7a:96:22:bc:71:
c3:59:f6:f8:d4:e9:06:1b:d7:57:af:f7:c9:3a:82:d6:fd:09:
21:5b:a5:e4:7e:8d:33:9f:9d:63:1c:fa:b3:8a:8f:8a:d0:20:
0e:46:50:d3:58:8b:50:9d:54:77:01:a1:51:48:78:0a:cb:d2:
28:67:5e:a5:c9:58:21:99:71:a0:81:07:35:e3:3d:f8:c3:61:
b7:f5:09:65:f7:d0:63:5b:22:4d:ef:97:be:e8:9f:77:26:14:
7b:50:e8:d4:68:c7:1d:bb:02:61:cf:38:ae:10:10:8b:19:04:
91:72:c6:dc:12:35:23:26:65:a9:c2:a2:cb:2c:21:5c:ae:e5:
e4:8e:c0:84:67:92:17:d8:6c:84:fa:c2:67:8f:4e:39:db:d6:
c6:b9:92:45:3c:7c:a0:c4:ac:c3:13:b6:ce:7e:71:cf:b4:e0:
1f:bd:58:c7:1d:00:f7:60:3e:43:26:58:83:8b:45:0b:61:c3:
48:81:2c:18
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdFlhI++NquQtUj/N/Hb8qqg9C8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMTEwMTVaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3NjVlZWY0Zjc0NzQ4OGJhNDg3MTVlNmM5MDM0OTYxMzE0Y2Y2NGVlMGZm
Nzc5NTMzYmYwNDA5NGExZDFlZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJto7PPclVXd/lILh9zW4IWk2eb1kbtH1diZx+5xiF1DWdX/InAXywdE0K7h
BVCuc9lvWCYFOyFMeEAdgNuNpzAwdSuhktsKClLVzfRO9R5Cyv2EGXQ7C85yRgqV
bl1RlzLbsbSxgkrZozc00vZzzXRIzGUwiR00e+cyQgc8jmxeFfglkWbk2Q6wET5U
dsv0mKOEtXBaeoQsS6+jlay6I7hJJ4R7HAXKZPm7ro64z2/0yz366iCxPEGHNoRb
9hC2nPSXzlFUk9X749H1jTUc/4OSPmQ9WPDPFz88Rs/1nT/53fcY9VBZfg174KV7
IXM6n08+/9LvDJgIzpBrZzOT6qUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSs+6/k
vVWUNv0ptPYeX/AzdptQUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJkZjhkMTAtY2JjMy00ZTEwLWJiNTctNjRjNDg5YzlkMzgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GzQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAMFgBo+T/V0S4iGkVNUfmCVAGXfPuGiCYeMhQ
69WLIpntAjlyWEDAFhlxRwTbGc6l8VjF9HX6LXfjsjn1l7gufGqLH3qWIrxxw1n2
+NTpBhvXV6/3yTqC1v0JIVul5H6NM5+dYxz6s4qPitAgDkZQ01iLUJ1UdwGhUUh4
CsvSKGdepclYIZlxoIEHNeM9+MNht/UJZffQY1siTe+XvuifdyYUe1Do1GjHHbsC
Yc84rhAQixkEkXLG3BI1IyZlqcKiyywhXK7l5I7AhGeSF9hshPrCZ49OOdvWxrmS
RTx8oMSswxO2zn5xz7TgH71Yxx0A92A+QyZYg4tFC2HDSIEsGA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:28 2025 by rpki-client