Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
File: 9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa (raw, json)
Hash identifier: WOYBLV7j4aZnI1UdW/ZdHX0TnxTfd85WTY6qLnEfQnc=
Subject key identifier: F2:BC:E4:9A:16:39:29:6C:93:05:A9:17:72:3F:D5:0D:5D:C3:B7:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5323B3FD263980DF371828579C1289EFE7BC1DCB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
Signing time: Sat 18 Oct 2025 04:30:20 +0000
ROA not before: Sat 18 Oct 2025 04:30:20 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:23:b3:fd:26:39:80:df:37:18:28:57:9c:12:89:ef:e7:bc:1d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 18 04:30:20 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=8ee1af3a632e1cf9dad980c3f23b050c8f877921043c543b709d7fb9a0c91572, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:94:3b:6f:bf:ed:12:e1:ab:82:5e:41:21:43:
a5:f7:37:65:07:19:0e:76:b2:56:a2:bf:14:41:b2:
eb:ee:0c:ac:2e:42:a3:ea:c6:a5:0b:6a:0a:7e:2f:
c6:84:38:3c:28:9f:a0:80:c4:98:cc:8d:8d:7e:0d:
f9:83:e2:70:a6:7f:bc:be:72:7e:65:86:d8:cd:cc:
9f:4e:63:15:13:c6:fa:c1:7b:81:70:12:f0:19:31:
91:21:1f:bc:ab:96:28:ba:17:cb:76:5d:5f:b0:e7:
c2:53:02:30:85:50:e9:b3:0d:06:eb:79:3a:40:da:
37:a0:73:3c:98:05:59:51:90:dd:c7:71:f1:11:04:
e4:2f:27:2b:2a:6b:a1:09:f7:eb:68:5a:d4:83:22:
68:d5:05:f0:de:b5:a8:c6:61:7c:f1:07:ce:e7:0b:
ba:00:ff:d1:4a:b3:2d:4e:50:46:ba:30:40:c3:a2:
da:00:31:2b:af:46:9f:c9:c1:14:18:02:98:00:26:
dd:86:67:be:c3:4d:57:b7:59:88:8d:37:cf:83:a0:
48:b3:d5:f8:99:3f:8c:ab:ac:37:66:26:b9:d1:bf:
69:ab:47:74:3a:b9:d5:91:b5:07:8c:4b:39:b6:4e:
b0:4e:14:55:ab:c8:a6:6e:c6:e8:2d:48:1b:0d:39:
0d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:BC:E4:9A:16:39:29:6C:93:05:A9:17:72:3F:D5:0D:5D:C3:B7:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:c000::/48
Signature Algorithm: sha256WithRSAEncryption
09:04:e3:17:2a:d0:fd:28:22:53:d5:b7:e5:eb:f2:a5:46:bf:
87:bb:75:99:1c:11:0b:30:8a:2d:49:70:c5:71:78:b1:ff:b4:
fa:9b:04:7a:91:d0:bb:8f:68:be:73:ea:80:f8:0c:eb:5d:91:
ad:90:b3:03:82:fc:48:a1:9e:2b:33:2c:4f:06:56:05:0e:b6:
8b:3c:e7:f0:4b:b6:46:c4:94:d6:5f:8a:8a:20:4e:c2:8c:df:
ce:52:ff:33:1a:5c:f6:9f:85:ce:18:f0:f0:7c:b1:aa:66:00:
e4:bc:27:3b:f2:86:53:dd:db:de:28:84:af:37:95:85:a4:93:
fe:a9:b2:d2:72:91:90:8c:3e:6c:2d:68:09:39:23:fe:e0:86:
05:e2:36:97:6f:51:e5:96:8a:9d:66:db:1f:c7:0b:12:79:a0:
d9:56:a4:04:8f:32:4b:48:5d:29:f6:44:6a:00:f7:9e:5c:f1:
ca:59:bb:fb:c1:96:3f:9f:57:3e:c8:ef:a0:9d:c5:0b:f7:b8:
6e:b3:67:2f:3c:af:cc:9b:8d:14:98:80:3c:97:a7:b2:28:d5:
db:0c:58:ba:72:9c:a0:fb:9c:0e:35:88:5b:f2:f4:5d:54:46:
d7:23:28:dd:37:cf:8a:8b:11:64:6e:0b:f9:e2:13:d0:80:e5:
62:f7:4e:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUyOz/SY5gN83GChXnBKJ7+e8HcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTgwNDMwMjBaFw0yNTExMjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZTFhZjNhNjMyZTFjZjlkYWQ5ODBjM2YyM2IwNTBjOGY4Nzc5MjEwNDNj
NTQzYjcwOWQ3ZmI5YTBjOTE1NzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqUO2+/7RLhq4JeQSFDpfc3ZQcZDnayVqK/FEGy6+4MrC5Co+rGpQtqCn4v
xoQ4PCifoIDEmMyNjX4N+YPicKZ/vL5yfmWG2M3Mn05jFRPG+sF7gXAS8BkxkSEf
vKuWKLoXy3ZdX7DnwlMCMIVQ6bMNBut5OkDaN6BzPJgFWVGQ3cdx8REE5C8nKypr
oQn362ha1IMiaNUF8N61qMZhfPEHzucLugD/0UqzLU5QRrowQMOi2gAxK69Gn8nB
FBgCmAAm3YZnvsNNV7dZiI03z4OgSLPV+Jk/jKusN2YmudG/aatHdDq51ZG1B4xL
ObZOsE4UVavIpm7G6C1IGw05DR8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTyvOSa
FjkpbJMFqRdyP9UNXcO3jzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRmZThjNjUtZmQ1Yi00NTk3LWJlNGEtMGUwOTRjNTljNDBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GzA
ADANBgkqhkiG9w0BAQsFAAOCAQEACQTjFyrQ/SgiU9W35evypUa/h7t1mRwRCzCK
LUlwxXF4sf+0+psEepHQu49ovnPqgPgM612RrZCzA4L8SKGeKzMsTwZWBQ62izzn
8Eu2RsSU1l+KiiBOwozfzlL/Mxpc9p+Fzhjw8HyxqmYA5LwnO/KGU93b3iiErzeV
haST/qmy0nKRkIw+bC1oCTkj/uCGBeI2l29R5ZaKnWbbH8cLEnmg2VakBI8yS0hd
KfZEagD3nlzxylm7+8GWP59XPsjvoJ3FC/e4brNnLzyvzJuNFJiAPJensijV2wxY
unKcoPucDjWIW/L0XVRG1yMo3TfPiosRZG4L+eIT0IDlYvdOBQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:28 2025 by rpki-client