Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
File: 92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa (raw, json)
Hash identifier: 4TzwopImlP68GUdV3WrzSv8xb8pGY8HIjz0WqjrF/aw=
Subject key identifier: 19:BE:1A:CB:35:AF:A9:F5:93:3C:13:44:4D:45:F0:C8:D8:FD:FF:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DE32BCED1785F8F795F3F7A5779C1C247CAD82E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
Signing time: Mon 06 Oct 2025 18:00:10 +0000
ROA not before: Mon 06 Oct 2025 18:00:10 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:4040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:e3:2b:ce:d1:78:5f:8f:79:5f:3f:7a:57:79:c1:c2:47:ca:d8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:10 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=4a9f38ecf43aba898e22a7356d62f671c77d71edaf645b8c157bb154defc4cf1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:96:92:83:53:c2:fc:d6:f1:a5:50:af:97:a3:
33:dd:c7:ba:b0:12:8e:f1:b3:7e:48:63:75:33:d3:
be:74:49:e9:91:da:74:04:31:44:6e:3f:3e:9a:6b:
d1:75:c1:57:54:f6:5c:8c:4f:e9:0f:0a:8e:32:e3:
f7:a5:8e:94:0e:34:c4:70:f8:cb:91:de:23:30:dd:
6d:8c:01:56:f1:7b:81:c8:be:fa:e2:99:6d:a8:61:
02:f1:62:89:7c:3d:3c:bc:e8:33:f8:8b:72:07:05:
9d:21:a5:83:74:e0:d1:9a:07:f5:1b:9a:e8:2c:08:
1e:77:56:f9:9b:f1:12:3d:9a:10:bf:b2:cf:72:3f:
21:9a:1f:7d:f1:1d:0e:e8:24:2a:b7:6b:ad:03:c9:
6e:43:e5:4f:23:f0:52:02:0e:59:72:0f:24:0c:bc:
1d:19:23:6e:8a:16:36:6f:b6:90:b9:2b:b6:cb:68:
dc:60:86:b3:bd:03:9a:68:7d:1a:34:e9:d5:20:56:
eb:14:b0:4c:7c:5b:8b:23:2b:5f:a3:88:db:d8:53:
80:21:58:0b:d0:60:82:63:28:87:e1:3e:cf:7c:be:
d2:72:01:c2:28:25:d6:13:c3:72:25:7d:c0:ab:3c:
e4:ad:44:74:1f:85:cc:4e:12:b4:3b:d9:57:ca:19:
e6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BE:1A:CB:35:AF:A9:F5:93:3C:13:44:4D:45:F0:C8:D8:FD:FF:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:4040::/46
Signature Algorithm: sha256WithRSAEncryption
6f:1c:42:db:47:1d:ac:46:33:22:84:a2:ea:4f:09:fa:63:db:
a6:49:e4:f2:3a:d9:bc:31:9e:a5:fd:54:42:a1:54:aa:d1:2b:
69:e3:bc:eb:67:2b:89:44:54:59:9f:46:d6:86:8f:c8:f4:10:
55:52:7e:78:df:11:9c:9e:00:70:4d:75:59:aa:1e:d5:df:1c:
ae:8a:4e:d8:dc:b2:9c:68:de:76:57:98:e2:63:93:9e:6a:95:
ef:54:f8:78:1d:c0:74:9e:71:b3:6a:c1:45:b5:f6:9a:1a:08:
07:42:74:34:bc:08:73:08:b0:9a:39:90:b4:f2:ce:da:7c:58:
80:c7:b5:bf:e3:11:f1:42:fb:03:fc:15:9a:f3:f1:3e:02:98:
ef:11:0c:fe:29:a9:34:f9:9d:51:76:b0:6c:c2:c3:4f:0c:3d:
44:27:2c:ae:1a:e7:2e:ae:0c:ba:bc:22:fc:23:56:22:8f:01:
4d:55:77:32:c5:b1:54:78:02:15:d8:6e:c1:88:fa:29:91:36:
05:5a:c3:3e:a1:3c:8f:2e:96:b6:72:41:bc:63:77:9b:81:5d:
95:e3:0d:43:52:a1:ff:72:78:e5:27:dc:fe:aa:9e:f6:44:8c:
ce:6d:fc:25:72:be:83:23:e1:12:14:cb:8f:3f:26:3e:5c:66:
bd:26:e4:be
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULeMrztF4X495Xz96V3nBwkfK2C4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMTBaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhOWYzOGVjZjQzYWJhODk4ZTIyYTczNTZkNjJmNjcxYzc3ZDcxZWRhZjY0
NWI4YzE1N2JiMTU0ZGVmYzRjZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmWkoNTwvzW8aVQr5ejM93HurASjvGzfkhjdTPTvnRJ6ZHadAQxRG4/Pppr
0XXBV1T2XIxP6Q8KjjLj96WOlA40xHD4y5HeIzDdbYwBVvF7gci++uKZbahhAvFi
iXw9PLzoM/iLcgcFnSGlg3Tg0ZoH9Rua6CwIHndW+ZvxEj2aEL+yz3I/IZofffEd
DugkKrdrrQPJbkPlTyPwUgIOWXIPJAy8HRkjbooWNm+2kLkrtsto3GCGs70Dmmh9
GjTp1SBW6xSwTHxbiyMrX6OI29hTgCFYC9BggmMoh+E+z3y+0nIBwigl1hPDciV9
wKs85K1EdB+FzE4StDvZV8oZ5tECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZvhrL
Na+p9ZM8E0RNRfDI2P3/nDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTJiMzFmYTItYmUxYS00MjNlLTlhY2ItMGUyMTY4YzJmYWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
QDANBgkqhkiG9w0BAQsFAAOCAQEAbxxC20cdrEYzIoSi6k8J+mPbpknk8jrZvDGe
pf1UQqFUqtEraeO862criURUWZ9G1oaPyPQQVVJ+eN8RnJ4AcE11Waoe1d8cropO
2NyynGjedleY4mOTnmqV71T4eB3AdJ5xs2rBRbX2mhoIB0J0NLwIcwiwmjmQtPLO
2nxYgMe1v+MR8UL7A/wVmvPxPgKY7xEM/impNPmdUXawbMLDTww9RCcsrhrnLq4M
urwi/CNWIo8BTVV3MsWxVHgCFdhuwYj6KZE2BVrDPqE8jy6WtnJBvGN3m4FdleMN
Q1Kh/3J45Sfc/qqe9kSMzm38JXK+gyPhEhTLjz8mPlxmvSbkvg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:04 2025 by rpki-client