Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
File: a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa (raw, json)
Hash identifier: IcpgjYnnbBjGtHu9/3hmYSg7VUxHKzYuJ46lNpIvKvw=
Subject key identifier: 70:CD:E7:CB:8B:39:5A:A3:B5:47:ED:58:01:4C:6D:43:C5:01:8C:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4911850682AA03B68B9E96B30C52BAC4647B6883
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
Signing time: Mon 29 Sep 2025 15:24:36 +0000
ROA not before: Mon 29 Sep 2025 15:24:36 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:11:85:06:82:aa:03:b6:8b:9e:96:b3:0c:52:ba:c4:64:7b:68:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:36 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=b81b795a9aa87e79932de17498499c65c94edd0a0eb57427de09eff89744af2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:a2:ec:b9:48:44:7e:cf:f5:ca:16:e1:31:
73:c9:30:fd:da:be:b2:5c:94:32:16:4b:71:6c:aa:
30:12:7a:93:74:4d:18:b9:91:5e:f2:e0:fe:22:cd:
e1:dd:2b:84:97:a8:b8:97:ba:25:1c:5c:c7:55:d6:
e9:5b:b4:47:9c:ac:b4:aa:b7:6d:52:9a:ab:2e:42:
4c:81:27:90:d3:ef:40:3c:00:fd:ed:df:8b:e6:7a:
eb:9b:19:cc:1b:1e:bc:59:73:7b:95:bf:11:b7:0e:
aa:3b:c1:42:db:7f:5f:18:9d:33:dc:e3:e6:81:33:
05:17:8d:82:8c:b8:40:4a:b6:a5:f6:b9:49:5a:ab:
5f:a1:27:36:ac:ae:6d:1e:9a:ee:a4:f1:db:a3:eb:
0d:f4:e7:30:c5:80:2c:6f:43:e4:a5:78:0f:19:f3:
f2:2a:0e:56:88:8d:f5:7b:82:98:6d:3e:d9:05:85:
fa:57:ff:95:8d:f6:4f:59:f7:20:d9:82:2e:d8:12:
aa:27:57:a5:e2:f7:dc:10:84:ff:bd:10:38:02:c7:
a0:63:ac:89:a2:1f:b6:80:80:19:15:5e:90:f6:f3:
de:26:41:73:ca:ec:d7:15:47:b6:fe:d3:36:d2:7e:
33:6e:96:6e:cd:44:dc:f9:3d:8f:66:83:42:f3:83:
51:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CD:E7:CB:8B:39:5A:A3:B5:47:ED:58:01:4C:6D:43:C5:01:8C:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
22:c5:37:e3:15:e7:03:0c:85:0f:d0:3a:3d:5e:6a:0a:90:c2:
58:79:d2:48:15:3d:b4:b6:7e:9b:86:44:22:9c:94:2c:57:9d:
5a:5e:a1:92:d8:30:40:a0:95:5e:ab:3a:70:9c:a0:e4:26:cd:
9f:28:4f:20:2b:b4:d5:71:82:55:5a:50:a5:6b:7f:7c:d9:15:
8b:ec:fd:86:d2:25:37:39:28:41:9b:7a:10:7e:7b:41:2d:de:
f2:85:51:c7:af:e3:2c:c9:0d:5c:6f:94:15:4d:24:ae:10:e0:
17:2f:49:05:89:25:2a:84:34:36:5f:48:03:a9:29:c7:80:35:
5c:30:e6:95:fd:c5:a1:47:33:2f:9a:1c:ff:c3:2c:5c:a8:79:
31:0f:6d:3e:e3:e1:7f:08:ed:05:59:c1:e3:9b:6f:b9:3f:11:
99:f6:cb:8c:ce:46:43:b8:eb:a1:de:a5:5f:e5:a7:1c:0b:c0:
31:ca:02:cf:b6:45:e2:29:eb:06:f5:79:f1:75:a1:62:7c:2a:
7a:19:d3:ff:1b:0b:a7:fc:a5:73:34:5a:34:aa:61:c2:58:29:
10:ab:ed:f1:fb:0e:e1:81:80:60:0a:1b:0d:01:65:d9:12:e8:
52:c3:29:18:f1:54:8f:b5:c3:5a:63:c2:15:ca:d8:07:57:13:
dc:a8:27:7d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSRGFBoKqA7aLnpazDFK6xGR7aIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MzZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MWI3OTVhOWFhODdlNzk5MzJkZTE3NDk4NDk5YzY1Yzk0ZWRkMGEwZWI1
NzQyN2RlMDllZmY4OTc0NGFmMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrKouy5SER+z/XKFuExc8kw/dq+slyUMhZLcWyqMBJ6k3RNGLmRXvLg/iLN
4d0rhJeouJe6JRxcx1XW6Vu0R5ystKq3bVKaqy5CTIEnkNPvQDwA/e3fi+Z665sZ
zBsevFlze5W/EbcOqjvBQtt/XxidM9zj5oEzBReNgoy4QEq2pfa5SVqrX6EnNqyu
bR6a7qTx26PrDfTnMMWALG9D5KV4Dxnz8ioOVoiN9XuCmG0+2QWF+lf/lY32T1n3
INmCLtgSqidXpeL33BCE/70QOALHoGOsiaIftoCAGRVekPbz3iZBc8rs1xVHtv7T
NtJ+M26Wbs1E3Pk9j2aDQvODUYsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRwzefL
izlao7VH7VgBTG1DxQGMXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTJhZTAxZjEtYWQyMC00ZTkyLTliYzYtZjAzZWRlOTdlMTZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DSA
wDANBgkqhkiG9w0BAQsFAAOCAQEAIsU34xXnAwyFD9A6PV5qCpDCWHnSSBU9tLZ+
m4ZEIpyULFedWl6hktgwQKCVXqs6cJyg5CbNnyhPICu01XGCVVpQpWt/fNkVi+z9
htIlNzkoQZt6EH57QS3e8oVRx6/jLMkNXG+UFU0krhDgFy9JBYklKoQ0Nl9IA6kp
x4A1XDDmlf3FoUczL5oc/8MsXKh5MQ9tPuPhfwjtBVnB45tvuT8RmfbLjM5GQ7jr
od6lX+WnHAvAMcoCz7ZF4inrBvV58XWhYnwqehnT/xsLp/ylczRaNKphwlgpEKvt
8fsO4YGAYAobDQFl2RLoUsMpGPFUj7XDWmPCFcrYB1cT3KgnfQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:38 2025 by rpki-client