Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
File: 98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa (raw, json)
Hash identifier: DwhFfg8CMgByAJ+FWsCKgGyroPE2Fr/XAC5gnDsLFyQ=
Subject key identifier: EB:58:AC:30:0D:E1:A0:FA:AA:E3:08:DD:5A:37:DA:FD:B4:C6:69:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56989A3B0606D774BBFBA0BFF0578B9EFD5B012C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
Signing time: Fri 26 Sep 2025 20:01:28 +0000
ROA not before: Fri 26 Sep 2025 20:01:28 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:98:9a:3b:06:06:d7:74:bb:fb:a0:bf:f0:57:8b:9e:fd:5b:01:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:28 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=23d06f486a104cfbf83294f78e4f7253a13d7d311e415138190c0c1ba168352f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0f:da:c3:74:5e:0d:ea:ae:53:c3:54:c0:e3:
d8:73:ac:a1:52:09:4e:38:6c:ca:25:f6:73:1b:7f:
11:e8:a1:8e:43:eb:35:bc:99:8d:e2:42:40:61:ba:
c9:78:86:68:95:e0:84:6c:9a:a8:98:db:f9:fb:21:
98:81:ef:9f:29:2b:f4:57:74:54:d2:72:33:ca:3a:
f5:e3:b5:ae:74:bb:d5:a6:6d:eb:0f:f8:9c:dd:2a:
b3:78:7b:13:eb:21:35:17:e2:1e:ce:c5:46:5a:e2:
66:29:77:3d:55:36:cc:2f:f6:ec:05:b6:23:53:9b:
e5:f3:ff:c7:95:2b:4b:8f:5a:13:12:f9:5d:6c:e2:
e1:eb:4a:df:46:bb:58:cc:e2:49:da:bd:d8:49:09:
2b:53:b6:f3:1d:38:c9:4e:99:27:da:d5:65:7c:e5:
22:18:72:86:bf:d4:7a:4a:66:99:5d:72:bf:da:6a:
20:57:a0:77:ab:31:09:62:18:19:c4:b4:f9:18:19:
1a:79:49:f8:25:74:0f:cc:1f:a9:d1:f9:cc:e9:82:
32:1a:fe:11:0f:5e:ad:17:1b:3e:0a:21:a7:2d:62:
63:c7:0b:22:7d:a6:6d:24:91:97:3b:5a:68:83:58:
5c:3b:41:e4:de:b3:f9:b7:9b:73:d9:c1:73:3b:c9:
e7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:58:AC:30:0D:E1:A0:FA:AA:E3:08:DD:5A:37:DA:FD:B4:C6:69:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/36
Signature Algorithm: sha256WithRSAEncryption
10:54:96:f9:5d:c7:5a:40:7e:cc:6c:68:b7:9c:89:01:50:5f:
d1:bb:9f:df:e7:e3:9b:5c:b2:32:5d:28:ae:a6:f2:8c:30:af:
cd:81:02:de:1f:e2:cd:02:fd:48:0f:a2:11:a1:6f:62:37:7e:
9a:60:10:93:33:53:99:e0:ab:d4:6e:07:ec:42:89:c5:d0:ba:
1c:e6:4c:57:fc:44:c8:da:4b:40:c2:24:26:2b:d2:91:bd:0a:
55:58:66:eb:72:c5:8b:fb:be:51:c3:e0:b2:b6:91:9e:8f:30:
34:08:fa:f1:ae:ee:01:fc:e6:3e:c4:15:14:b9:e4:70:a6:bf:
7e:6d:d7:59:32:5e:9e:79:de:61:02:cb:e6:37:41:a8:4b:c8:
b7:ec:a9:55:1a:3b:b4:fd:76:d2:71:b3:23:51:be:da:3f:50:
62:62:53:09:00:57:68:1a:c5:a6:4a:c9:15:4d:1c:3e:ce:b7:
6d:be:65:35:7f:ad:29:6b:79:7b:56:a1:d9:94:79:dc:34:9f:
30:c4:ac:3e:f3:ce:b4:bb:f7:1a:08:1a:30:bd:68:c1:63:f4:
8c:0a:63:59:af:16:55:0d:5b:78:7f:31:f9:d9:df:6d:66:3b:
51:93:d2:3e:b6:9c:48:b9:f1:dc:a5:57:c5:f4:2c:86:59:47:
41:88:7e:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVpiaOwYG13S7+6C/8FeLnv1bASwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMjhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzZDA2ZjQ4NmExMDRjZmJmODMyOTRmNzhlNGY3MjUzYTEzZDdkMzExZTQx
NTEzODE5MGMwYzFiYTE2ODM1MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUP2sN0Xg3qrlPDVMDj2HOsoVIJTjhsyiX2cxt/EeihjkPrNbyZjeJCQGG6
yXiGaJXghGyaqJjb+fshmIHvnykr9Fd0VNJyM8o69eO1rnS71aZt6w/4nN0qs3h7
E+shNRfiHs7FRlriZil3PVU2zC/27AW2I1Ob5fP/x5UrS49aExL5XWzi4etK30a7
WMziSdq92EkJK1O28x04yU6ZJ9rVZXzlIhhyhr/UekpmmV1yv9pqIFegd6sxCWIY
GcS0+RgZGnlJ+CV0D8wfqdH5zOmCMhr+EQ9erRcbPgohpy1iY8cLIn2mbSSRlzta
aINYXDtB5N6z+bebc9nBczvJ550CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrWKww
DeGg+qrjCN1aN9r9tMZpZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThjZjU1YzUtYmI0YS00NmE1LWE2NjctOTAxYjFhMmZmYjRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAQVJb5XcdaQH7MbGi3nIkBUF/Ru5/f5+ObXLIy
XSiupvKMMK/NgQLeH+LNAv1ID6IRoW9iN36aYBCTM1OZ4KvUbgfsQonF0Loc5kxX
/ETI2ktAwiQmK9KRvQpVWGbrcsWL+75Rw+CytpGejzA0CPrxru4B/OY+xBUUueRw
pr9+bddZMl6eed5hAsvmN0GoS8i37KlVGju0/XbScbMjUb7aP1BiYlMJAFdoGsWm
SskVTRw+zrdtvmU1f60pa3l7VqHZlHncNJ8wxKw+8860u/caCBowvWjBY/SMCmNZ
rxZVDVt4fzH52d9tZjtRk9I+tpxIufHcpVfF9CyGWUdBiH4i
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:23 2025 by rpki-client