Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json)
Hash identifier: NgZVjZXQDee92eOxsN+EeSbDasirbXhNS/L+hk6hkCs=
Subject key identifier: 3A:33:36:DD:CC:31:D9:EB:5E:7E:94:36:39:59:FD:36:C7:BD:2D:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0170623CF71DB1271FB70C7D371FC629060F8828
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
Signing time: Sat 27 Sep 2025 00:53:28 +0000
ROA not before: Sat 27 Sep 2025 00:53:28 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:70:62:3c:f7:1d:b1:27:1f:b7:0c:7d:37:1f:c6:29:06:0f:88:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 27 00:53:28 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=50df33c29fd628dedd6b2ca3623b5245a2c7d34f07f4cf6f21e1876a974a6159, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0b:3b:3c:7f:65:31:fd:6d:35:2b:41:b3:87:
e0:7d:a4:d3:05:f9:6b:86:b6:ea:c9:f2:60:b7:db:
01:9d:cc:11:b4:c3:5d:d2:de:0b:31:d4:93:35:89:
a2:4b:ba:d5:a6:82:ee:52:ce:ea:39:f0:8d:9d:36:
20:82:a2:eb:95:42:15:66:15:8b:e5:e2:1f:62:8c:
b6:19:7e:d0:88:f1:36:09:a8:e4:ce:cf:98:2f:86:
95:04:dc:1f:70:9c:eb:a2:4e:e5:c8:85:d4:2c:ee:
95:f9:3e:48:ca:17:78:7f:f3:65:d1:87:18:29:6a:
e5:18:c2:c3:41:aa:03:b5:31:5b:b8:e1:d7:8f:c3:
29:fa:3d:c5:33:62:42:de:2d:f0:b6:42:5d:08:3d:
59:90:8b:54:69:a1:92:0a:30:f2:28:2c:b3:5c:a2:
f5:31:4d:7d:11:a0:a2:e6:d9:73:7f:00:49:96:be:
79:d7:1c:3e:91:d1:bf:c6:ef:73:13:01:65:08:20:
1b:64:5f:76:b0:d2:5f:d1:e4:86:93:ae:fd:40:f6:
c7:db:68:24:9d:83:ac:08:c5:89:eb:8b:9d:2e:62:
03:98:be:90:c4:20:3b:47:96:57:b9:fb:92:f6:50:
7b:79:02:7f:c1:ae:46:70:be:c2:bb:36:df:6c:a3:
f4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:33:36:DD:CC:31:D9:EB:5E:7E:94:36:39:59:FD:36:C7:BD:2D:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1000::/38
Signature Algorithm: sha256WithRSAEncryption
76:1a:30:43:6d:a3:0c:dc:d5:e7:6f:78:fd:88:c4:0b:61:5c:
e0:87:90:f4:ad:65:1b:c0:23:4b:d7:fa:33:2e:e8:02:79:3d:
5b:9d:5f:3c:0e:77:e2:fa:b0:d7:40:2f:08:53:c5:30:63:4d:
05:4e:4b:b2:bc:66:f0:55:3a:6f:27:b5:a1:a3:fd:2d:b9:11:
d0:ea:51:76:74:99:99:95:02:93:fd:3e:ea:49:62:0d:c2:22:
23:98:31:a2:c1:79:6a:1a:4e:b9:d2:86:0e:dc:7a:38:68:7a:
24:49:e5:71:93:41:34:42:40:05:0e:32:01:4d:d1:da:88:9f:
96:ff:eb:65:c2:fb:16:dd:73:81:3c:fe:56:9c:de:d0:ef:81:
df:35:dd:36:45:4e:1e:1d:9b:13:48:32:53:4d:78:9d:7f:ca:
e8:47:f4:c2:92:25:ad:63:59:63:16:b2:d3:74:ac:af:a8:66:
2d:26:6d:8e:a3:e2:d9:f0:d9:92:0b:e2:50:3e:e5:5a:8f:22:
3d:27:fe:a5:49:14:b6:09:3f:d9:00:17:f9:ce:84:9d:9e:7f:
41:c5:f2:c4:8d:4d:54:2f:35:11:5f:d9:24:58:92:13:4b:11:
11:46:3c:16:e5:83:8d:60:39:f2:32:d8:0d:a2:c3:32:c2:e7:
d7:73:12:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAXBiPPcdsScftwx9Nx/GKQYPiCgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjcwMDUzMjhaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwZGYzM2MyOWZkNjI4ZGVkZDZiMmNhMzYyM2I1MjQ1YTJjN2QzNGYwN2Y0
Y2Y2ZjIxZTE4NzZhOTc0YTYxNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJILOzx/ZTH9bTUrQbOH4H2k0wX5a4a26snyYLfbAZ3MEbTDXdLeCzHUkzWJ
oku61aaC7lLO6jnwjZ02IIKi65VCFWYVi+XiH2KMthl+0IjxNgmo5M7PmC+GlQTc
H3Cc66JO5ciF1Czulfk+SMoXeH/zZdGHGClq5RjCw0GqA7UxW7jh14/DKfo9xTNi
Qt4t8LZCXQg9WZCLVGmhkgow8igss1yi9TFNfRGgoubZc38ASZa+edccPpHRv8bv
cxMBZQggG2RfdrDSX9HkhpOu/UD2x9toJJ2DrAjFieuLnS5iA5i+kMQgO0eWV7n7
kvZQe3kCf8GuRnC+wrs232yj9AECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6Mzbd
zDHZ615+lDY5Wf02x70tojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB2GjBDbaMM3NXnb3j9iMQLYVzgh5D0rWUbwCNL
1/ozLugCeT1bnV88Dnfi+rDXQC8IU8UwY00FTkuyvGbwVTpvJ7Who/0tuRHQ6lF2
dJmZlQKT/T7qSWINwiIjmDGiwXlqGk650oYO3Ho4aHokSeVxk0E0QkAFDjIBTdHa
iJ+W/+tlwvsW3XOBPP5WnN7Q74HfNd02RU4eHZsTSDJTTXidf8roR/TCkiWtY1lj
FrLTdKyvqGYtJm2Oo+LZ8NmSC+JQPuVajyI9J/6lSRS2CT/ZABf5zoSdnn9BxfLE
jU1ULzURX9kkWJITSxERRjwW5YONYDnyMtgNosMywufXcxJB
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:15:56 2025 by rpki-client