Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
File: 9902e563-fe64-4a01-9616-0424a53839fb.roa (raw, json)
Hash identifier: QxqGCDonjZ6bgYN7IX6o2/BgWntQaeka24ojDYHWGXQ=
Subject key identifier: 22:B1:AE:4C:39:E9:42:39:BE:95:52:88:6A:DB:4B:62:20:CE:AC:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 609D5D2CE2010B60A389452BBAE7E13A0B0C5826
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
Signing time: Fri 26 Sep 2025 18:50:19 +0000
ROA not before: Fri 26 Sep 2025 18:50:19 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:9d:5d:2c:e2:01:0b:60:a3:89:45:2b:ba:e7:e1:3a:0b:0c:58:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:19 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=464599b9560cd279fa39daa143c4cd925f22d64df8094fc7311325682ffa2af1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:05:ed:d0:3a:56:5a:97:e0:5d:ae:ae:6f:0f:
1b:50:52:24:33:35:5c:b3:62:18:7d:ad:bf:b3:a3:
4c:d1:a3:48:e5:29:4c:4b:0b:fc:18:84:de:4f:02:
a4:6e:f3:79:96:db:6b:80:73:a2:d7:26:6b:79:b7:
03:9e:66:99:bb:66:74:b9:92:f8:6e:e2:ba:81:ae:
cc:ee:00:de:37:22:f8:fa:f1:18:22:86:eb:d5:cf:
1f:ee:c2:12:24:64:47:99:88:38:17:6d:42:78:77:
c8:88:14:90:c9:6c:90:54:63:ad:39:72:0c:e2:7f:
66:5d:39:0e:08:10:c0:c4:9c:6c:83:93:bc:e3:16:
18:0b:f4:25:5b:46:4b:31:d7:59:4a:f3:79:38:27:
65:e1:da:95:9e:0b:8f:9c:75:1a:c2:18:0b:0a:fb:
ac:43:43:0b:fb:2c:f5:8c:f2:eb:47:27:2b:a6:8d:
96:01:7b:15:5e:26:9e:bf:e7:d5:89:c9:12:42:45:
3b:bc:82:37:f5:fc:42:0e:62:b9:db:ff:8a:9c:b9:
64:f7:b2:ea:ba:9d:73:e7:03:6a:a0:ed:79:25:f6:
d8:20:41:39:67:43:3a:a2:1a:2b:fe:65:71:64:11:
0a:fb:98:b9:dd:e4:b4:d7:77:61:3d:77:b0:ef:67:
68:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B1:AE:4C:39:E9:42:39:BE:95:52:88:6A:DB:4B:62:20:CE:AC:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
37:64:f8:5a:76:a3:1c:be:32:b5:85:df:f9:68:00:a3:b6:6c:
6d:2d:9b:1a:77:de:30:83:7b:dc:40:38:37:18:9b:66:99:28:
6f:c9:ee:40:b0:62:5f:0e:47:46:18:6c:55:a0:9e:53:94:95:
1e:27:d7:4d:78:66:e7:67:02:c8:b8:ba:4e:73:bc:4f:92:c7:
9e:3b:7d:e4:65:a6:42:8f:b1:cd:00:a8:cd:ac:03:11:24:53:
59:fd:7d:67:40:fe:80:c8:66:3d:56:05:5b:11:a2:52:88:05:
f4:d4:e9:12:5c:8e:f7:9c:a7:88:9d:68:73:9c:46:aa:7f:1a:
58:af:15:99:ff:1b:86:51:7c:ac:ba:17:93:28:a7:d5:76:59:
ba:c7:50:32:7d:2c:de:3c:ac:03:7a:bc:2e:c1:f9:ac:12:b5:
cc:e7:94:d7:40:84:c6:4e:26:65:df:03:b9:cf:27:91:e0:1a:
c7:5b:8b:a6:a5:67:f5:13:1a:93:d5:49:5e:03:7f:0f:d5:89:
81:77:6e:65:01:e6:b9:96:da:17:9f:2e:ad:5d:45:48:f1:8e:
1a:aa:37:77:8f:50:ae:22:ab:39:bb:1c:dc:4f:9b:1d:b4:6f:
2b:1c:2e:77:3e:4f:15:33:0d:11:7e:0b:1c:83:4e:f2:b3:31:
eb:cc:a7:20
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYJ1dLOIBC2CjiUUruufhOgsMWCYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwMTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NDU5OWI5NTYwY2QyNzlmYTM5ZGFhMTQzYzRjZDkyNWYyMmQ2NGRmODA5
NGZjNzMxMTMyNTY4MmZmYTJhZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoF7dA6VlqX4F2urm8PG1BSJDM1XLNiGH2tv7OjTNGjSOUpTEsL/BiE3k8C
pG7zeZbba4Bzotcma3m3A55mmbtmdLmS+G7iuoGuzO4A3jci+PrxGCKG69XPH+7C
EiRkR5mIOBdtQnh3yIgUkMlskFRjrTlyDOJ/Zl05DggQwMScbIOTvOMWGAv0JVtG
SzHXWUrzeTgnZeHalZ4Lj5x1GsIYCwr7rENDC/ss9Yzy60cnK6aNlgF7FV4mnr/n
1YnJEkJFO7yCN/X8Qg5iudv/ipy5ZPey6rqdc+cDaqDteSX22CBBOWdDOqIaK/5l
cWQRCvuYud3ktNd3YT13sO9naDkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQisa5M
OelCOb6VUohq20tiIM6sTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkwMmU1NjMtZmU2NC00YTAxLTk2MTYtMDQyNGE1MzgzOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
wDANBgkqhkiG9w0BAQsFAAOCAQEAN2T4WnajHL4ytYXf+WgAo7ZsbS2bGnfeMIN7
3EA4NxibZpkob8nuQLBiXw5HRhhsVaCeU5SVHifXTXhm52cCyLi6TnO8T5LHnjt9
5GWmQo+xzQCozawDESRTWf19Z0D+gMhmPVYFWxGiUogF9NTpElyO95yniJ1oc5xG
qn8aWK8Vmf8bhlF8rLoXkyin1XZZusdQMn0s3jysA3q8LsH5rBK1zOeU10CExk4m
Zd8Duc8nkeAax1uLpqVn9RMak9VJXgN/D9WJgXduZQHmuZbaF58urV1FSPGOGqo3
d49QriKrObsc3E+bHbRvKxwudz5PFTMNEX4LHINO8rMx68ynIA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:44 2025 by rpki-client