Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
File: 8615f258-46a8-450c-972c-84b27581bb43.roa (raw, json)
Hash identifier: F4z5UK3XxfDjXSaE0Y8HIDhogle70c2YZYL6eDFTSYM=
Subject key identifier: 0F:5A:CC:FA:46:83:7B:79:89:7F:32:E4:97:02:5C:6E:4F:14:71:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DFD69D45A729AF1E5D0D77C0F5516889D879F4D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
Signing time: Fri 26 Sep 2025 20:00:59 +0000
ROA not before: Fri 26 Sep 2025 20:00:59 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:fd:69:d4:5a:72:9a:f1:e5:d0:d7:7c:0f:55:16:88:9d:87:9f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:00:59 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1c38fe93fe04f6b323d58f2b9341e317d03eadaf4b57975239fc5725d7a717fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:00:fc:1c:13:ef:b5:91:1e:99:7b:5d:cc:80:
38:e7:bb:42:4d:6c:d1:31:41:ab:c0:7a:29:7a:fb:
56:30:c5:3a:65:9e:d2:63:85:d7:4b:d5:e7:99:2c:
b8:10:2b:46:0b:42:d4:7b:e0:d3:14:30:08:d9:e8:
30:ef:2c:2e:2f:c0:ad:4c:51:1b:6d:00:f1:50:2d:
81:ef:b3:eb:69:15:15:7c:f4:fd:2b:0e:53:16:48:
b9:11:d8:5f:10:e3:c4:95:11:71:ca:c2:b5:64:3d:
62:c8:6b:16:ef:06:c4:da:e6:16:fd:36:4e:4f:2f:
7b:bc:75:c7:85:58:28:88:6d:77:30:67:fa:15:ff:
34:11:12:9d:18:a7:a3:d9:b4:bd:f0:c3:7d:d4:de:
c5:3a:c0:47:ca:08:18:31:e3:88:55:f6:9d:f1:15:
a7:05:38:5a:ec:d3:f8:9f:59:fd:f4:c8:e2:0d:05:
b2:e0:12:8d:33:b9:3a:4f:79:34:d0:4c:73:6b:82:
09:cc:12:d5:3e:38:24:53:53:97:c8:0a:aa:26:c8:
37:65:e2:51:57:9e:f2:5c:e4:c9:1f:8d:47:23:8e:
8a:9c:ce:18:9b:5a:ea:31:d2:3a:9b:26:e8:20:e1:
55:9e:b5:ca:aa:79:14:ef:9c:26:96:50:97:56:d0:
9b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5A:CC:FA:46:83:7B:79:89:7F:32:E4:97:02:5C:6E:4F:14:71:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/36
Signature Algorithm: sha256WithRSAEncryption
95:43:df:89:36:5c:89:1d:0b:4d:20:e1:92:0a:d8:9b:be:6d:
68:66:10:e3:8b:a1:85:ac:20:32:35:6b:29:f9:e6:85:84:62:
e5:28:92:7d:57:0c:b3:b3:e8:97:a4:be:3a:16:02:4b:08:d3:
86:47:eb:5d:af:1b:68:e7:da:03:20:90:28:85:49:f6:b3:44:
50:03:d6:80:5e:c1:d2:32:40:ca:3e:71:c3:ac:a5:1d:94:31:
ca:c0:f6:2b:29:92:a7:0d:e9:cb:13:10:59:34:9e:b2:af:5f:
9f:4d:9f:46:25:40:95:fa:bc:24:79:58:3e:da:ca:9e:59:88:
f4:c9:0a:fb:89:6f:45:3b:f9:5b:1d:d9:40:fa:6a:bf:e1:6f:
7f:c9:7f:cc:30:12:b1:85:ef:a2:df:b6:42:fc:65:41:72:ac:
fe:5e:e2:da:f5:ac:fa:f4:7a:7e:e7:12:d8:6e:25:33:3f:81:
ee:45:93:ef:6d:45:75:e2:a2:1f:0f:a2:e2:a1:95:88:97:79:
fb:c2:e7:95:3d:73:38:c1:4c:66:6d:52:15:af:30:46:25:eb:
35:53:ce:eb:43:e0:f4:4c:e3:8e:31:bb:5d:5f:2f:f4:14:7a:
df:c9:74:50:61:e3:5a:c6:0e:ec:64:83:65:a4:a6:85:f1:aa:
fb:f9:02:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHf1p1FpymvHl0Nd8D1UWiJ2Hn00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAwNTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMzhmZTkzZmUwNGY2YjMyM2Q1OGYyYjkzNDFlMzE3ZDAzZWFkYWY0YjU3
OTc1MjM5ZmM1NzI1ZDdhNzE3ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8A/BwT77WRHpl7XcyAOOe7Qk1s0TFBq8B6KXr7VjDFOmWe0mOF10vV55ks
uBArRgtC1Hvg0xQwCNnoMO8sLi/ArUxRG20A8VAtge+z62kVFXz0/SsOUxZIuRHY
XxDjxJURccrCtWQ9YshrFu8GxNrmFv02Tk8ve7x1x4VYKIhtdzBn+hX/NBESnRin
o9m0vfDDfdTexTrAR8oIGDHjiFX2nfEVpwU4WuzT+J9Z/fTI4g0FsuASjTO5Ok95
NNBMc2uCCcwS1T44JFNTl8gKqibIN2XiUVee8lzkyR+NRyOOipzOGJta6jHSOpsm
6CDhVZ61yqp5FO+cJpZQl1bQm1cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPWsz6
RoN7eYl/MuSXAlxuTxRx6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODYxNWYyNTgtNDZhOC00NTBjLTk3MmMtODRiMjc1ODFiYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCVQ9+JNlyJHQtNIOGSCtibvm1oZhDji6GFrCAy
NWsp+eaFhGLlKJJ9Vwyzs+iXpL46FgJLCNOGR+tdrxto59oDIJAohUn2s0RQA9aA
XsHSMkDKPnHDrKUdlDHKwPYrKZKnDenLExBZNJ6yr1+fTZ9GJUCV+rwkeVg+2sqe
WYj0yQr7iW9FO/lbHdlA+mq/4W9/yX/MMBKxhe+i37ZC/GVBcqz+XuLa9az69Hp+
5xLYbiUzP4HuRZPvbUV14qIfD6LioZWIl3n7wueVPXM4wUxmbVIVrzBGJes1U87r
Q+D0TOOOMbtdXy/0FHrfyXRQYeNaxg7sZINlpKaF8ar7+QLb
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:47 2025 by rpki-client