Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json)
Hash identifier: anu1hAig2cYKrxiSMapnh5iVbrWg6Hbk+4qyXedP76Y=
Subject key identifier: 33:43:3C:5C:C2:D4:04:45:E6:31:80:0D:58:BE:CF:31:A4:56:B8:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D9E4F77E28624ADF28D368F99FC02EDFF7AFCFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
Signing time: Fri 26 Sep 2025 19:21:09 +0000
ROA not before: Fri 26 Sep 2025 19:21:09 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:9e:4f:77:e2:86:24:ad:f2:8d:36:8f:99:fc:02:ed:ff:7a:fc:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:21:09 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=f20df4bc556fd88654a0ff2fa4055f2b05a2abb908aabb7f2221e8f20dc917c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c1:87:8a:57:9a:b1:40:93:ca:bc:22:73:d9:
82:86:c1:16:96:ec:b1:01:c1:c6:1d:a3:0e:3b:f3:
4a:0c:f8:74:e2:19:a9:43:5e:ad:41:1f:ba:f3:e8:
1b:ad:db:84:15:06:a9:07:d7:74:4e:6b:5b:ea:bd:
f1:04:9c:6b:13:bd:ed:fc:97:53:c7:83:af:54:0c:
1a:da:27:b8:97:f2:8e:3c:52:8d:93:41:c7:3e:4c:
4f:4e:c8:85:04:cd:fb:af:d0:42:4b:61:60:f6:01:
1a:f6:bd:ce:8b:f7:0d:6f:e9:8e:aa:e2:48:a1:0f:
73:ac:c8:96:12:2c:f9:88:c3:06:84:5e:df:09:b8:
d8:8b:aa:2c:a2:32:e6:9a:a9:89:b0:cd:ae:87:c5:
7f:c6:5c:12:20:0a:62:e0:97:9d:e6:ed:80:f6:73:
3a:73:77:58:e5:f0:86:d3:99:6f:d1:d9:12:ac:55:
07:ef:40:36:05:96:5e:e7:be:14:44:da:00:85:e6:
30:62:81:48:a7:01:40:8e:b6:b2:48:0c:33:ee:03:
29:6c:78:f2:b1:12:ed:e6:33:b6:07:b9:a9:9b:5c:
f4:34:c1:78:8c:ce:fa:c6:7c:d3:81:d2:14:4b:55:
45:e2:8a:33:62:44:18:2b:48:ed:e5:be:2b:c1:9c:
8e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:43:3C:5C:C2:D4:04:45:E6:31:80:0D:58:BE:CF:31:A4:56:B8:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
15:b9:07:57:ed:a3:40:37:4e:dc:e0:19:0d:dd:88:64:69:43:
06:cb:00:04:3b:a1:70:ed:d4:6b:67:0e:24:42:ba:83:82:10:
87:1d:33:14:76:91:93:97:68:20:89:55:ee:62:95:ec:80:c4:
e8:d1:b3:e6:c8:b9:2a:73:02:0e:f7:c3:30:52:6b:74:40:70:
e8:21:5c:70:61:aa:1a:5b:5a:2e:e5:3d:43:9a:a2:59:64:a4:
b4:1f:b0:7a:84:e3:ac:ee:ae:cd:35:92:94:35:99:60:34:14:
63:09:14:f8:8e:9f:41:df:16:85:3e:bf:2a:a4:42:44:54:6e:
c1:e6:78:60:80:17:2e:33:98:69:2f:d1:9b:07:dc:1d:2e:66:
56:7d:dc:4d:81:4d:e4:96:f4:8e:41:eb:6a:9c:31:38:a6:92:
02:b8:24:75:6e:90:5d:c7:2b:9d:41:fd:3a:2f:77:94:49:4f:
fd:eb:88:55:47:56:93:6a:f2:7b:c2:72:d2:fe:dd:c9:24:b0:
f7:56:ad:05:03:3b:b4:7c:fd:7b:be:1f:94:f7:42:5b:f4:d1:
f0:53:7b:98:a9:54:2d:ab:07:30:77:73:36:06:07:5c:65:1a:
62:5c:12:39:c7:6b:5b:38:75:e4:5e:d7:54:68:c8:aa:29:49:
6b:d0:27:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHZ5Pd+KGJK3yjTaPmfwC7f96/PswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIxMDlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMGRmNGJjNTU2ZmQ4ODY1NGEwZmYyZmE0MDU1ZjJiMDVhMmFiYjkwOGFh
YmI3ZjIyMjFlOGYyMGRjOTE3YzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7Bh4pXmrFAk8q8InPZgobBFpbssQHBxh2jDjvzSgz4dOIZqUNerUEfuvPo
G63bhBUGqQfXdE5rW+q98QScaxO97fyXU8eDr1QMGtonuJfyjjxSjZNBxz5MT07I
hQTN+6/QQkthYPYBGva9zov3DW/pjqriSKEPc6zIlhIs+YjDBoRe3wm42IuqLKIy
5pqpibDNrofFf8ZcEiAKYuCXnebtgPZzOnN3WOXwhtOZb9HZEqxVB+9ANgWWXue+
FETaAIXmMGKBSKcBQI62skgMM+4DKWx48rES7eYztge5qZtc9DTBeIzO+sZ804HS
FEtVReKKM2JEGCtI7eW+K8Gcjj0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzQzxc
wtQEReYxgA1Yvs8xpFa4HTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQAVuQdX7aNAN07c4BkN3YhkaUMGywAEO6Fw7dRr
Zw4kQrqDghCHHTMUdpGTl2ggiVXuYpXsgMTo0bPmyLkqcwIO98MwUmt0QHDoIVxw
YaoaW1ou5T1DmqJZZKS0H7B6hOOs7q7NNZKUNZlgNBRjCRT4jp9B3xaFPr8qpEJE
VG7B5nhggBcuM5hpL9GbB9wdLmZWfdxNgU3klvSOQetqnDE4ppICuCR1bpBdxyud
Qf06L3eUSU/964hVR1aTavJ7wnLS/t3JJLD3Vq0FAzu0fP17vh+U90Jb9NHwU3uY
qVQtqwcwd3M2BgdcZRpiXBI5x2tbOHXkXtdUaMiqKUlr0Cdf
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:47 2025 by rpki-client