Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
File: 8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa (raw, json)
Hash identifier: fB7nJt2nsLHEC2cUY4VXlfxNYMlX3f1mGkJ0x6sUfGk=
Subject key identifier: 66:38:24:91:6A:62:F5:21:AF:07:3E:1C:D8:0C:25:43:66:64:8D:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53E277D93AB616209303A6C287EF09B3F0D9CA33
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
Signing time: Mon 06 Oct 2025 18:01:05 +0000
ROA not before: Mon 06 Oct 2025 18:01:05 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:e2:77:d9:3a:b6:16:20:93:03:a6:c2:87:ef:09:b3:f0:d9:ca:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:01:05 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=7c3da88c9bf3d63ce8b1ba793e33b03c768b6630fadb709440aff7923e688314, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b4:e5:5b:9d:30:51:9a:7e:62:6e:aa:b1:ab:
f4:47:0f:06:28:01:6b:15:44:7c:b5:bf:f5:9e:43:
ec:e9:9e:db:70:1c:95:0a:a2:30:6e:93:a7:82:9c:
f6:b0:ce:ab:58:18:1c:12:fc:35:2d:c9:22:42:79:
c1:ee:f5:57:3b:99:a1:e5:b8:0c:5a:41:8f:59:d9:
e7:16:67:b4:28:40:1e:43:1a:3d:59:29:f7:40:de:
15:d8:b1:85:af:f3:f7:77:cc:44:6c:34:e5:b3:0b:
54:22:bf:17:89:de:50:3a:c3:f0:4f:27:ce:ef:46:
5d:9e:e7:88:de:f7:17:87:d5:cf:2b:fc:0a:dd:b3:
c0:57:30:5e:b5:87:3f:00:ae:42:2f:79:ba:c8:c6:
0b:78:a0:3c:8e:d8:7f:5f:4f:19:fd:0d:da:c3:b0:
09:57:2c:3f:47:8c:51:71:c4:89:65:71:ab:32:d3:
a3:74:8a:3b:07:d6:24:37:3f:43:14:67:1a:3a:ff:
7b:b0:59:9e:28:af:b5:07:ef:a2:01:36:ef:4a:bc:
c9:62:d8:34:16:7c:c6:af:2a:06:1b:fd:8d:6d:62:
c6:17:42:9e:87:d9:be:7c:7c:7e:fc:d6:0e:69:ae:
39:5e:06:b7:85:aa:80:54:42:8a:b3:51:3e:ea:4c:
6a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:38:24:91:6A:62:F5:21:AF:07:3E:1C:D8:0C:25:43:66:64:8D:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8000::/40
Signature Algorithm: sha256WithRSAEncryption
05:fb:09:e1:91:da:ca:46:4b:d9:23:11:d4:37:21:73:73:1a:
7f:ce:44:3a:cc:b0:da:a1:c8:b7:ea:3a:2a:f0:65:a1:49:b9:
33:41:60:20:2e:06:97:21:cf:17:56:0a:4c:9e:64:da:34:d4:
45:46:b6:3f:75:64:12:0c:71:76:f0:c7:d1:04:a1:90:2c:1a:
a9:ee:a1:7e:b4:5e:46:2b:0b:1a:70:9e:2c:1f:9c:06:be:7b:
ba:5a:23:38:6e:57:45:ca:1e:18:be:a2:e6:ce:84:36:62:2d:
48:a8:3a:57:f8:bb:4e:28:61:37:63:14:e1:08:ac:a9:c3:32:
0f:05:0a:ad:dc:d8:d5:c7:a7:9a:99:2d:6b:20:f6:a6:f4:1f:
27:02:d4:29:97:b5:02:c4:dd:23:ae:c6:1e:68:0b:5f:99:41:
42:0e:88:a0:83:79:c3:f2:4b:7c:92:be:64:9f:e4:43:cd:e1:
f7:e3:bf:60:c6:9f:f8:87:09:1a:d7:21:d4:b3:b2:9b:6e:62:
51:c3:98:d8:be:77:45:f6:05:29:82:58:2d:58:a0:55:73:ed:
d1:f3:88:f8:e6:5d:a2:2c:fe:2c:f8:88:ac:62:19:fc:a7:93:
3e:73:3d:eb:b2:77:81:c2:61:ca:7c:82:a9:fa:bb:fa:64:bc:
3c:7b:32:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU+J32Tq2FiCTA6bCh+8Js/DZyjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAxMDVaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjM2RhODhjOWJmM2Q2M2NlOGIxYmE3OTNlMzNiMDNjNzY4YjY2MzBmYWRi
NzA5NDQwYWZmNzkyM2U2ODgzMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKm05VudMFGafmJuqrGr9EcPBigBaxVEfLW/9Z5D7Ome23AclQqiMG6Tp4Kc
9rDOq1gYHBL8NS3JIkJ5we71VzuZoeW4DFpBj1nZ5xZntChAHkMaPVkp90DeFdix
ha/z93fMRGw05bMLVCK/F4neUDrD8E8nzu9GXZ7niN73F4fVzyv8Ct2zwFcwXrWH
PwCuQi95usjGC3igPI7Yf19PGf0N2sOwCVcsP0eMUXHEiWVxqzLTo3SKOwfWJDc/
QxRnGjr/e7BZniivtQfvogE270q8yWLYNBZ8xq8qBhv9jW1ixhdCnofZvnx8fvzW
DmmuOV4Gt4WqgFRCirNRPupMat8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRmOCSR
amL1Ia8HPhzYDCVDZmSNuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGY2Y2FiNmYtNDRiZS00ZjgwLTkwNDAtYzJmOWFiMGUwNTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOA
MA0GCSqGSIb3DQEBCwUAA4IBAQAF+wnhkdrKRkvZIxHUNyFzcxp/zkQ6zLDaoci3
6joq8GWhSbkzQWAgLgaXIc8XVgpMnmTaNNRFRrY/dWQSDHF28MfRBKGQLBqp7qF+
tF5GKwsacJ4sH5wGvnu6WiM4bldFyh4YvqLmzoQ2Yi1IqDpX+LtOKGE3YxThCKyp
wzIPBQqt3NjVx6eamS1rIPam9B8nAtQpl7UCxN0jrsYeaAtfmUFCDoigg3nD8kt8
kr5kn+RDzeH3479gxp/4hwka1yHUs7KbbmJRw5jYvndF9gUpglgtWKBVc+3R84j4
5l2iLP4s+IisYhn8p5M+cz3rsneBwmHKfIKp+rv6ZLw8ezLX
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:21 2025 by rpki-client