Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9945cd2e-c13e-46b8-83ad-2175ff7c3188.roa
File: 9945cd2e-c13e-46b8-83ad-2175ff7c3188.roa (raw, json)
Hash identifier: OIFJsijtTbdjGylx4acOAReT1W85C6EIb1ypSwx//5A=
Subject key identifier: D2:64:6A:64:6E:2A:69:04:C6:81:55:E4:1F:B3:75:73:D4:08:F8:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F8A850BD9543789186361566D21FAE16EF38B71
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9945cd2e-c13e-46b8-83ad-2175ff7c3188.roa
Signing time: Fri 17 Oct 2025 23:20:11 +0000
ROA not before: Fri 17 Oct 2025 23:20:11 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:8a:85:0b:d9:54:37:89:18:63:61:56:6d:21:fa:e1:6e:f3:8b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 23:20:11 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=27189ae8fca4a7644cc4173cdebd18450dcbe14c633f2bc6026ad1a19fe6a110, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:15:9f:b4:47:f1:86:12:d9:9f:db:2b:8b:2d:
25:70:8d:9a:4c:89:52:10:e0:37:07:cb:7b:8e:b6:
b8:29:b6:e5:ae:4e:f1:20:aa:2f:aa:94:44:2a:79:
d2:27:4e:7e:62:06:25:2d:c2:ac:6b:d3:4a:ce:f0:
e1:b1:a1:0a:a4:ef:53:c1:f5:4e:85:dd:24:2a:f4:
aa:c7:a3:98:d3:5e:7a:7e:a5:4a:ef:60:40:55:af:
94:e2:6b:33:d4:89:60:16:4d:a7:6b:d2:7d:73:a8:
5c:2b:4f:a8:3d:65:23:5f:38:50:d1:20:c4:62:99:
92:04:5d:4c:67:82:82:a5:3b:60:c2:57:10:e8:a9:
21:5e:ad:47:31:19:cd:b2:ce:5a:68:9d:77:c3:97:
d0:df:3f:3f:ef:b2:00:55:22:a3:64:08:68:ec:44:
56:36:b1:3a:34:eb:05:0e:cd:53:0a:e0:d3:8f:6d:
c7:a9:18:a0:45:f5:2d:d6:17:7d:2b:52:4a:d1:5b:
3d:aa:28:b0:3e:ba:64:5c:93:23:03:6b:04:3c:49:
99:35:8f:f9:0d:03:0d:eb:0c:11:ea:5e:b9:4b:0f:
91:c2:12:ee:46:c9:34:4e:b3:8c:d0:67:48:99:dd:
6d:a3:f5:6e:ca:c6:25:f1:89:cb:fc:2a:31:a9:db:
da:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:64:6A:64:6E:2A:69:04:C6:81:55:E4:1F:B3:75:73:D4:08:F8:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9945cd2e-c13e-46b8-83ad-2175ff7c3188.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:4000::/48
Signature Algorithm: sha256WithRSAEncryption
3d:33:8b:b0:cd:7d:61:77:38:7a:53:99:fa:1f:6a:83:be:9f:
be:d1:95:ce:72:83:d3:95:5c:c1:07:fd:ea:da:b8:37:98:77:
46:72:d7:35:0c:53:33:c7:2d:99:a3:ae:92:47:02:bd:fc:85:
e8:65:04:42:e4:76:80:a3:c8:5b:8a:f5:3f:26:ef:45:a5:8c:
8b:62:48:7b:ee:e0:af:1d:bb:83:e6:05:62:fa:fd:d1:3a:3e:
8f:48:33:42:59:12:15:a7:98:b1:63:18:08:6e:b7:2a:56:ba:
ac:4b:af:2a:02:4c:d6:12:cf:10:b4:c0:42:f8:13:7c:96:77:
85:f9:5d:ce:92:7f:bc:7e:1f:86:25:54:87:e7:82:fd:b5:7b:
ae:ab:ee:fe:a7:57:87:d0:bd:69:22:07:1c:45:3b:c0:54:1c:
a6:79:cc:e3:8c:e7:cd:54:3e:d1:c8:85:51:47:ba:c4:bd:b3:
37:3e:31:d4:c0:db:01:0f:a2:ea:cf:d6:2a:ec:8d:9b:4f:49:
60:ce:06:01:a4:bf:8c:c5:b5:d7:4d:9e:70:3b:1a:06:b4:2f:
0d:94:2d:e2:c3:5d:ba:30:f5:08:d0:7b:c2:a8:be:e4:74:81:
16:38:02:63:86:6c:ec:61:52:86:92:a9:46:8f:eb:fe:01:ed:
4f:22:23:46
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD4qFC9lUN4kYY2FWbSH64W7zi3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMzIwMTFaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MTg5YWU4ZmNhNGE3NjQ0Y2M0MTczY2RlYmQxODQ1MGRjYmUxNGM2MzNm
MmJjNjAyNmFkMWExOWZlNmExMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAVn7RH8YYS2Z/bK4stJXCNmkyJUhDgNwfLe462uCm25a5O8SCqL6qURCp5
0idOfmIGJS3CrGvTSs7w4bGhCqTvU8H1ToXdJCr0qsejmNNeen6lSu9gQFWvlOJr
M9SJYBZNp2vSfXOoXCtPqD1lI184UNEgxGKZkgRdTGeCgqU7YMJXEOipIV6tRzEZ
zbLOWmidd8OX0N8/P++yAFUio2QIaOxEVjaxOjTrBQ7NUwrg049tx6kYoEX1LdYX
fStSStFbPaoosD66ZFyTIwNrBDxJmTWP+Q0DDesMEepeuUsPkcIS7kbJNE6zjNBn
SJndbaP1bsrGJfGJy/wqManb2iUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTSZGpk
bippBMaBVeQfs3Vz1Aj4yjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk0NWNkMmUtYzEzZS00NmI4LTgzYWQtMjE3NWZmN2MzMTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GxA
ADANBgkqhkiG9w0BAQsFAAOCAQEAPTOLsM19YXc4elOZ+h9qg76fvtGVznKD05Vc
wQf96tq4N5h3RnLXNQxTM8ctmaOukkcCvfyF6GUEQuR2gKPIW4r1PybvRaWMi2JI
e+7grx27g+YFYvr90To+j0gzQlkSFaeYsWMYCG63Kla6rEuvKgJM1hLPELTAQvgT
fJZ3hfldzpJ/vH4fhiVUh+eC/bV7rqvu/qdXh9C9aSIHHEU7wFQcpnnM44znzVQ+
0ciFUUe6xL2zNz4x1MDbAQ+i6s/WKuyNm09JYM4GAaS/jMW1102ecDsaBrQvDZQt
4sNdujD1CNB7wqi+5HSBFjgCY4Zs7GFShpKpRo/r/gHtTyIjRg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:24 2025 by rpki-client