Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
File: 950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa (raw, json)
Hash identifier: oIM6iLgteE5b35o0x3DfzkocckwY5YMNq8gw99ZBFHg=
Subject key identifier: 64:3B:39:03:D7:DC:7A:7F:82:BA:F7:D9:A8:18:53:8B:AD:62:ED:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 590ECC751EEF9C8B046C3450679C7BF28C487D70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
Signing time: Mon 06 Oct 2025 18:01:01 +0000
ROA not before: Mon 06 Oct 2025 18:01:01 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:0e:cc:75:1e:ef:9c:8b:04:6c:34:50:67:9c:7b:f2:8c:48:7d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:01:01 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=75d5abf9ccc38686f366e809c092b46240b92c2a2ba79b3a70e82934be41756f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:74:3a:b3:81:22:6c:1d:0a:b3:d1:f2:65:10:
fc:e7:23:9f:de:51:1f:70:2f:bd:67:f0:08:2c:47:
65:4a:f5:7f:83:04:32:b6:cd:3b:55:95:7a:ee:62:
51:25:48:23:2d:79:b7:3b:d1:12:ff:76:45:1f:3f:
c5:b2:f4:95:fa:5a:21:aa:11:c8:03:29:ed:e6:1f:
69:c6:94:9a:13:84:be:72:7a:f5:fc:b1:97:95:1d:
d6:ca:8f:f8:43:ff:c4:fb:25:1a:cd:55:00:ee:b0:
48:3d:c4:74:77:e0:c2:96:e2:78:71:04:13:bc:41:
f6:45:b8:2f:8b:43:83:a7:87:24:3b:39:0b:07:3b:
26:7a:9b:da:f6:59:51:19:43:c0:97:29:dc:a2:c2:
b3:a0:f9:e0:9f:55:d7:29:2b:66:be:8f:f0:a2:96:
88:cd:87:f2:0f:2e:44:79:bc:b6:64:50:46:04:0f:
71:29:60:e4:d3:eb:eb:66:96:a9:d1:ca:90:81:d6:
1f:b0:8a:c2:32:41:51:7b:bc:e0:ce:28:32:c3:fe:
d0:61:5c:78:c8:9f:da:66:e9:05:dc:e6:75:6a:67:
27:02:ba:34:8e:e5:97:34:60:6f:ae:7a:7d:35:63:
53:e8:b7:62:9b:f0:ac:ee:d6:48:fb:af:b6:12:96:
41:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3B:39:03:D7:DC:7A:7F:82:BA:F7:D9:A8:18:53:8B:AD:62:ED:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
8a:7a:e5:81:1e:7c:5c:8c:48:04:82:3d:6e:17:24:85:28:2b:
aa:a5:ff:33:9b:29:ca:a0:24:42:a1:3e:1e:2d:74:9f:88:d1:
80:7f:d2:0b:a8:f4:58:9c:2d:fc:ac:31:f8:0d:46:63:79:3e:
bd:7d:0e:44:56:ac:2d:62:28:e3:24:e8:18:06:ab:22:34:b8:
1a:cc:4c:9b:ca:08:1f:3d:f1:7d:e7:a7:e7:eb:45:3d:64:8c:
63:a7:2f:fe:69:88:95:fc:69:c9:95:2e:b4:3c:81:3e:c9:62:
ce:8b:ef:6b:3f:22:e0:7f:c8:1e:33:83:11:3c:bf:2d:c1:25:
6a:59:ee:79:b9:e3:83:be:0b:37:de:49:56:c8:01:0b:f5:90:
c9:21:0c:1a:21:23:0b:3a:87:6a:27:c6:ab:f9:76:08:9e:6f:
af:ad:f1:d9:f4:18:e6:2b:88:b5:17:88:c4:02:14:84:47:ff:
9e:68:23:2a:c3:07:3a:6d:c5:3f:36:8c:3c:4e:55:ac:2b:82:
eb:13:a8:83:4e:2e:09:78:b0:1e:f1:c0:b2:19:8e:2b:f7:35:
7a:e3:b5:0f:ce:b1:e1:9c:5d:d3:a2:5e:c7:1d:ac:3c:fc:dd:
fa:4e:72:80:be:f9:06:7f:10:00:90:3a:a2:62:8a:f8:bc:b6:
c0:22:b2:66
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWQ7MdR7vnIsEbDRQZ5x78oxIfXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAxMDFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1ZDVhYmY5Y2NjMzg2ODZmMzY2ZTgwOWMwOTJiNDYyNDBiOTJjMmEyYmE3
OWIzYTcwZTgyOTM0YmU0MTc1NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKV0OrOBImwdCrPR8mUQ/Ocjn95RH3AvvWfwCCxHZUr1f4MEMrbNO1WVeu5i
USVIIy15tzvREv92RR8/xbL0lfpaIaoRyAMp7eYfacaUmhOEvnJ69fyxl5Ud1sqP
+EP/xPslGs1VAO6wSD3EdHfgwpbieHEEE7xB9kW4L4tDg6eHJDs5Cwc7Jnqb2vZZ
URlDwJcp3KLCs6D54J9V1ykrZr6P8KKWiM2H8g8uRHm8tmRQRgQPcSlg5NPr62aW
qdHKkIHWH7CKwjJBUXu84M4oMsP+0GFceMif2mbpBdzmdWpnJwK6NI7llzRgb656
fTVjU+i3YpvwrO7WSPuvthKWQV8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRkOzkD
19x6f4K699moGFOLrWLtEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTUwZTlkMzctYTliNS00Yzc4LWI2NWUtYzdiNDVjYTg1MWM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOg
wDANBgkqhkiG9w0BAQsFAAOCAQEAinrlgR58XIxIBII9bhckhSgrqqX/M5spyqAk
QqE+Hi10n4jRgH/SC6j0WJwt/Kwx+A1GY3k+vX0ORFasLWIo4yToGAarIjS4GsxM
m8oIHz3xfeen5+tFPWSMY6cv/mmIlfxpyZUutDyBPslizovvaz8i4H/IHjODETy/
LcElalnuebnjg74LN95JVsgBC/WQySEMGiEjCzqHaifGq/l2CJ5vr63x2fQY5iuI
tReIxAIUhEf/nmgjKsMHOm3FPzaMPE5VrCuC6xOog04uCXiwHvHAshmOK/c1euO1
D86x4Zxd06Jexx2sPPzd+k5ygL75Bn8QAJA6omKK+Ly2wCKyZg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:21 2025 by rpki-client