Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
File: 979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa (raw, json)
Hash identifier: WnJBFvzwlwXoeQgToQ+xqFQBLTsOlayULXvlIedEHJE=
Subject key identifier: 9A:51:53:CF:1D:97:FE:7F:8F:65:84:D9:28:2C:09:AD:8D:62:3A:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A3ACB0A5AAE49B7A478D8088652377A6A5379BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
Signing time: Fri 26 Sep 2025 18:39:02 +0000
ROA not before: Fri 26 Sep 2025 18:39:02 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:3a:cb:0a:5a:ae:49:b7:a4:78:d8:08:86:52:37:7a:6a:53:79:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:39:02 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=3f3fe8640063a17f5d1c73c134cab2b6dc57dd5c61eefecff004a1172c10f322, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bc:18:ba:93:8f:27:2b:3e:e3:6c:ee:4b:9a:
b9:2f:10:51:9d:7d:9b:29:5f:00:f3:34:dc:de:d2:
02:b1:28:8a:3b:41:72:69:97:a4:b2:58:a1:d2:2a:
1e:c0:ef:11:26:ff:1f:08:33:a9:08:9d:7a:77:38:
06:53:3f:b4:98:18:d4:2a:83:4d:32:44:71:f9:d1:
99:2c:ea:70:03:ae:28:a4:8f:57:cd:57:d9:2e:1d:
03:75:89:7a:5a:c5:61:77:c1:a5:35:90:17:aa:5e:
8c:ea:87:30:bb:8a:25:85:e7:06:2e:6a:68:6c:23:
3e:50:99:d0:be:0f:58:bc:3d:a0:cc:fc:2f:b7:59:
ad:75:d9:97:4d:b3:41:b2:66:ce:e1:82:37:aa:1c:
49:b6:10:75:7b:fc:d2:e4:04:17:03:6a:98:ec:7b:
8c:67:15:4d:ce:17:7a:a3:de:a0:c9:a3:77:9b:b6:
4e:58:69:dd:c8:4b:25:4b:6a:13:b3:f4:7f:3d:11:
74:05:c8:d0:98:8f:bd:0d:c3:df:d3:57:97:d4:0c:
de:d8:18:01:2a:d4:34:b3:8a:b4:db:69:2d:96:d5:
57:8b:c8:1d:da:66:af:67:9e:8d:a9:29:17:a1:91:
82:45:72:ee:8f:1d:4d:e5:85:07:bb:0e:a7:c2:02:
d4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:51:53:CF:1D:97:FE:7F:8F:65:84:D9:28:2C:09:AD:8D:62:3A:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8040::/48
Signature Algorithm: sha256WithRSAEncryption
c7:ef:2e:d7:43:81:4a:48:42:79:64:d8:15:5a:07:b7:9c:19:
8a:51:ca:51:41:f2:d1:ac:c8:4f:fe:7b:20:9f:fb:74:3f:8e:
88:a3:fc:28:6b:f9:e7:51:a2:f5:26:9e:8e:10:cb:3a:33:48:
68:c5:71:98:70:2f:7c:8b:f4:c7:d6:ba:d1:b9:38:b6:93:a2:
0e:dc:35:c2:8d:57:88:3f:a0:71:d1:da:86:50:a3:d0:f7:4c:
9f:71:53:27:76:d8:54:0e:0c:62:86:6b:6f:07:fb:c5:ae:e0:
91:83:3d:17:2f:8b:2d:d8:1a:0d:4b:eb:94:20:bb:40:3d:f1:
a9:29:b0:1b:56:6e:19:88:66:70:e6:64:38:61:5d:d4:6c:2d:
f9:07:3c:3b:3e:71:3d:85:e0:31:e1:28:ab:d9:11:2a:cb:54:
ea:c8:9d:27:5b:8c:45:1e:24:1b:f7:a8:fc:5d:63:97:a9:e9:
ef:87:fc:a1:fb:c6:cc:49:7a:c3:ea:66:63:4b:46:1c:9f:4f:
9d:5f:12:96:8b:5f:4d:72:2e:d2:24:a4:c6:e9:32:bc:72:93:
7b:e0:ef:d8:1e:57:3e:79:28:ca:46:c4:fe:c7:25:5c:c4:ab:
07:18:e6:19:7e:15:98:75:97:34:6f:ec:e1:c4:a2:19:98:38:
be:00:c0:6d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKjrLClquSbekeNgIhlI3empTebswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODM5MDJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmM2ZlODY0MDA2M2ExN2Y1ZDFjNzNjMTM0Y2FiMmI2ZGM1N2RkNWM2MWVl
ZmVjZmYwMDRhMTE3MmMxMGYzMjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMK8GLqTjycrPuNs7kuauS8QUZ19mylfAPM03N7SArEoijtBcmmXpLJYodIq
HsDvESb/HwgzqQidenc4BlM/tJgY1CqDTTJEcfnRmSzqcAOuKKSPV81X2S4dA3WJ
elrFYXfBpTWQF6pejOqHMLuKJYXnBi5qaGwjPlCZ0L4PWLw9oMz8L7dZrXXZl02z
QbJmzuGCN6ocSbYQdXv80uQEFwNqmOx7jGcVTc4XeqPeoMmjd5u2Tlhp3chLJUtq
E7P0fz0RdAXI0JiPvQ3D39NXl9QM3tgYASrUNLOKtNtpLZbVV4vIHdpmr2eejakp
F6GRgkVy7o8dTeWFB7sOp8IC1HsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSaUVPP
HZf+f49lhNkoLAmtjWI65jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc5YmM3M2YtN2Q4Ny00Y2ZhLTkzYmQtMDM3OGNmMWQ2YWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
QDANBgkqhkiG9w0BAQsFAAOCAQEAx+8u10OBSkhCeWTYFVoHt5wZilHKUUHy0azI
T/57IJ/7dD+OiKP8KGv551Gi9SaejhDLOjNIaMVxmHAvfIv0x9a60bk4tpOiDtw1
wo1XiD+gcdHahlCj0PdMn3FTJ3bYVA4MYoZrbwf7xa7gkYM9Fy+LLdgaDUvrlCC7
QD3xqSmwG1ZuGYhmcOZkOGFd1Gwt+Qc8Oz5xPYXgMeEoq9kRKstU6sidJ1uMRR4k
G/eo/F1jl6np74f8ofvGzEl6w+pmY0tGHJ9PnV8SlotfTXIu0iSkxukyvHKTe+Dv
2B5XPnkoykbE/sclXMSrBxjmGX4VmHWXNG/s4cSiGZg4vgDAbQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:53 2025 by rpki-client