Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
File: 9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa (raw, json)
Hash identifier: uYCVfHFYWtnSo4WODDRQk6jJC0oDvo994MhLxSr5Pm8=
Subject key identifier: D8:DD:4F:25:A9:AE:C1:F1:73:44:19:09:54:C0:C7:7C:53:35:AC:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 258F496EB8FB999BA4F8CD5DC9539991986167B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
Signing time: Fri 26 Sep 2025 20:10:17 +0000
ROA not before: Fri 26 Sep 2025 20:10:17 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:8f:49:6e:b8:fb:99:9b:a4:f8:cd:5d:c9:53:99:91:98:61:67:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:17 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=9fd81fa6e2759ec470a9f383de49b239b8432ba882fbad47838a55b944ed73de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fa:e4:29:19:02:dc:63:1d:6c:8a:f4:0d:b5:
32:0e:25:1f:4d:b5:57:3b:e3:00:98:e3:56:fa:79:
9c:4b:a4:f2:4f:6e:23:4b:cc:97:57:da:fb:4c:7c:
0b:21:8d:cc:d7:30:06:4d:a0:52:d3:8a:71:b6:5f:
10:88:e2:4e:14:75:5f:fd:3d:cd:e7:67:2a:0c:94:
76:9b:90:92:c0:14:9a:c6:d4:14:5c:0a:bd:96:13:
d4:01:14:25:5e:06:ed:59:42:7c:e7:12:da:aa:35:
5f:3c:e2:d7:29:6e:be:ce:28:8a:71:b4:3d:d2:ef:
b0:93:a9:7b:d7:82:a9:1c:33:ad:e9:0c:18:a5:00:
ac:0b:7a:c7:4e:fe:c9:c2:4f:b8:ff:bf:37:c6:16:
7d:48:1d:2e:49:a3:b8:e5:d6:96:94:0c:b3:9b:9e:
83:58:04:e9:39:56:29:a1:9e:b4:25:7c:83:8c:c5:
2e:9b:62:11:bb:20:a2:94:2b:86:c0:c2:f8:e9:07:
ab:a8:b7:32:6b:3c:ed:ce:de:a7:f3:07:83:6c:8f:
9e:1a:3e:2f:69:25:ab:65:26:09:fc:61:9f:18:bd:
1c:c1:1c:0e:ae:44:03:a5:36:7c:33:0b:6a:cd:7e:
fb:37:8f:d7:a8:9c:3d:8c:06:8a:ef:c7:52:b1:c2:
e8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DD:4F:25:A9:AE:C1:F1:73:44:19:09:54:C0:C7:7C:53:35:AC:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070::/32
Signature Algorithm: sha256WithRSAEncryption
a4:32:ed:5e:de:58:6e:88:3e:ed:b9:be:2f:a4:33:30:96:b8:
52:53:2f:ff:3c:1c:c2:b0:26:f0:d5:cc:ad:83:d4:00:6c:51:
23:a9:e7:47:70:39:91:b4:55:5d:2d:51:3c:40:64:4b:e2:1e:
94:b4:15:32:9d:14:b4:bb:b6:99:9e:60:32:b2:c3:9d:d4:ce:
4d:74:fa:eb:68:60:30:11:74:2f:6a:70:26:0d:fc:cf:e4:26:
5a:ff:24:24:16:8c:28:b6:46:b2:07:11:c1:fe:1b:b7:19:f0:
70:af:f1:4b:2b:2c:83:50:7c:99:f0:a6:cf:6b:36:21:78:2d:
c1:52:67:78:9d:19:08:1f:13:5a:63:e9:0a:8b:d7:b0:a2:d7:
f2:17:45:9e:d5:99:d6:e5:50:99:25:ca:7f:6f:1c:fb:74:a0:
96:25:54:2a:72:96:f8:3d:e6:54:3f:85:2b:26:90:38:3c:8c:
b7:30:23:9c:58:a1:49:67:12:7e:2b:37:a4:b9:5c:17:8b:8c:
c6:f3:d1:49:30:fd:d1:70:27:ee:8a:3a:bc:a3:9f:38:13:e4:
c1:4b:fa:5f:a4:d4:3a:25:41:65:c6:db:73:f6:13:92:b0:b6:
34:43:9d:fc:f8:9d:2d:6f:d2:3d:e8:0c:c5:0a:93:15:62:cf:
ac:9a:ef:ed
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUJY9Jbrj7mZuk+M1dyVOZkZhhZ7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwMTdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZDgxZmE2ZTI3NTllYzQ3MGE5ZjM4M2RlNDliMjM5Yjg0MzJiYTg4MmZi
YWQ0NzgzOGE1NWI5NDRlZDczZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMz65CkZAtxjHWyK9A21Mg4lH021VzvjAJjjVvp5nEuk8k9uI0vMl1fa+0x8
CyGNzNcwBk2gUtOKcbZfEIjiThR1X/09zednKgyUdpuQksAUmsbUFFwKvZYT1AEU
JV4G7VlCfOcS2qo1Xzzi1yluvs4oinG0PdLvsJOpe9eCqRwzrekMGKUArAt6x07+
ycJPuP+/N8YWfUgdLkmjuOXWlpQMs5ueg1gE6TlWKaGetCV8g4zFLptiEbsgopQr
hsDC+OkHq6i3Mms87c7ep/MHg2yPnho+L2klq2UmCfxhnxi9HMEcDq5EA6U2fDML
as1++zeP16icPYwGiu/HUrHC6E0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTY3U8l
qa7B8XNEGQlUwMd8UzWs9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTExOWEwMWUtMmJiNC00ZDY5LTkzMjUtNWY0YWE4ZmI4YmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HAw
DQYJKoZIhvcNAQELBQADggEBAKQy7V7eWG6IPu25vi+kMzCWuFJTL/88HMKwJvDV
zK2D1ABsUSOp50dwOZG0VV0tUTxAZEviHpS0FTKdFLS7tpmeYDKyw53Uzk10+uto
YDARdC9qcCYN/M/kJlr/JCQWjCi2RrIHEcH+G7cZ8HCv8UsrLINQfJnwps9rNiF4
LcFSZ3idGQgfE1pj6QqL17Ci1/IXRZ7VmdblUJklyn9vHPt0oJYlVCpylvg95lQ/
hSsmkDg8jLcwI5xYoUlnEn4rN6S5XBeLjMbz0Ukw/dFwJ+6KOryjnzgT5MFL+l+k
1DolQWXG23P2E5KwtjRDnfz4nS1v0j3oDMUKkxViz6ya7+0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:59 2025 by rpki-client