Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
File: 83b951c2-f827-4554-9466-de8fd6e7ecec.roa (raw, json)
Hash identifier: 9L057V88nqaLZtV8VXG8sYhKS/bGw9awnf/d+hSHD6g=
Subject key identifier: 20:3F:E1:95:A9:2C:24:2B:38:41:69:CB:95:16:65:D9:B3:80:96:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EAF62BAD654D9B6411BA6C7A9D6E1D2FF3F8D6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
Signing time: Fri 10 Oct 2025 17:05:03 +0000
ROA not before: Fri 10 Oct 2025 17:05:03 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:af:62:ba:d6:54:d9:b6:41:1b:a6:c7:a9:d6:e1:d2:ff:3f:8d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:05:03 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=d56a775415ccafc1f93a9fb0761a762b06a6c5f2972bf6f58c33efbca64bb0a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6c:a7:a3:b7:30:5c:fb:3a:2d:ae:77:0c:fa:
9f:de:d4:b8:cd:8e:4c:1f:4a:e1:a5:1f:a7:9b:03:
5f:05:c4:d3:96:02:e4:6a:0f:0e:ce:be:1d:d2:54:
80:1f:75:86:4b:66:0f:47:c3:3a:41:86:7a:da:e3:
96:60:f8:e9:6a:2a:0d:77:48:a1:a9:2d:06:09:90:
40:48:2c:ca:16:57:7a:1e:38:6d:57:a9:45:a5:db:
54:ea:c0:d7:ac:c2:e1:a4:6d:06:36:e1:ae:71:d8:
32:8a:49:78:5f:74:55:28:8d:ff:f2:eb:2c:6c:10:
62:ca:9f:ae:84:f0:cb:5f:95:0a:20:c3:fa:4e:c8:
20:8f:01:4f:0f:84:10:a6:0c:59:b9:6b:73:c6:77:
5c:af:6e:09:4c:fe:c1:e0:f5:5c:e1:7f:41:8b:be:
64:3a:fc:61:7d:76:59:57:20:9e:92:7f:67:d3:23:
5d:7b:02:64:8a:9c:ff:92:44:ed:9a:66:6f:74:16:
79:2a:f9:ce:71:1a:56:2b:aa:6e:d3:dd:dd:49:15:
a5:9a:f7:f6:32:46:a1:2d:47:f2:77:75:03:f1:cc:
25:8a:b7:12:6d:4e:fe:4b:f7:76:dd:67:e6:49:df:
36:da:c8:b0:a8:95:d5:fb:12:4e:67:61:b4:16:ac:
1b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3F:E1:95:A9:2C:24:2B:38:41:69:CB:95:16:65:D9:B3:80:96:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:ea:3d:ff:5f:9a:96:a4:df:4d:53:ff:c8:49:d8:01:3b:63:
7e:6e:9d:f7:a1:50:13:8c:7c:df:24:2f:9d:ab:78:b8:47:09:
d9:ce:d9:aa:99:2c:09:e2:0e:58:07:9b:6a:32:21:71:96:18:
c3:1c:b1:f6:f4:96:2b:53:56:34:29:88:f8:8f:44:75:ea:37:
d1:a4:94:67:05:7e:c7:38:a8:4e:09:68:d4:75:41:c8:62:a4:
a4:0a:b2:36:a3:84:8d:e6:bf:ba:61:49:53:c1:5e:f9:34:00:
0b:b1:80:a8:85:44:cf:d3:b6:da:ca:0a:ad:70:dc:bc:9a:09:
2d:a3:33:d3:a9:8b:bb:3d:b3:3d:79:21:8b:31:66:9d:cc:e7:
0c:e0:bf:dd:cd:88:7c:48:14:45:fb:2d:43:a9:ca:89:b3:72:
e9:17:f7:08:bf:74:d8:cd:7f:83:cb:7c:cb:a5:fd:d8:d8:09:
50:59:41:07:bc:74:cf:d5:e5:59:77:14:92:d9:56:37:d1:f5:
e3:31:93:8f:8e:4e:9c:6c:2a:ae:9c:2a:66:bc:01:8f:f3:99:
f5:55:7e:c5:08:ec:ba:cd:83:64:d7:5d:87:1c:bf:e4:18:20:
c5:6b:af:fb:d3:ba:be:10:95:88:06:fb:76:7f:39:9a:e0:e7:
c2:5b:c5:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDq9iutZU2bZBG6bHqdbh0v8/jWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA1MDNaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1NmE3NzU0MTVjY2FmYzFmOTNhOWZiMDc2MWE3NjJiMDZhNmM1ZjI5NzJi
ZjZmNThjMzNlZmJjYTY0YmIwYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJsp6O3MFz7Oi2udwz6n97UuM2OTB9K4aUfp5sDXwXE05YC5GoPDs6+HdJU
gB91hktmD0fDOkGGetrjlmD46WoqDXdIoaktBgmQQEgsyhZXeh44bVepRaXbVOrA
16zC4aRtBjbhrnHYMopJeF90VSiN//LrLGwQYsqfroTwy1+VCiDD+k7III8BTw+E
EKYMWblrc8Z3XK9uCUz+weD1XOF/QYu+ZDr8YX12WVcgnpJ/Z9MjXXsCZIqc/5JE
7Zpmb3QWeSr5znEaViuqbtPd3UkVpZr39jJGoS1H8nd1A/HMJYq3Em1O/kv3dt1n
5knfNtrIsKiV1fsSTmdhtBasG/kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgP+GV
qSwkKzhBacuVFmXZs4CWIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODNiOTUxYzItZjgyNy00NTU0LTk0NjYtZGU4ZmQ2ZTdlY2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC76j3/X5qWpN9NU//ISdgBO2N+bp33oVATjHzf
JC+dq3i4RwnZztmqmSwJ4g5YB5tqMiFxlhjDHLH29JYrU1Y0KYj4j0R16jfRpJRn
BX7HOKhOCWjUdUHIYqSkCrI2o4SN5r+6YUlTwV75NAALsYCohUTP07baygqtcNy8
mgktozPTqYu7PbM9eSGLMWadzOcM4L/dzYh8SBRF+y1DqcqJs3LpF/cIv3TYzX+D
y3zLpf3Y2AlQWUEHvHTP1eVZdxSS2VY30fXjMZOPjk6cbCqunCpmvAGP85n1VX7F
COy6zYNk112HHL/kGCDFa6/707q+EJWIBvt2fzma4OfCW8Wz
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:31 2025 by rpki-client