Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
File: a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa (raw, json)
Hash identifier: 2r1tdOHZxYNKia0AoLb9qQAdt0NFW5u6KCVWzOof4aw=
Subject key identifier: 07:78:7C:3A:20:1E:46:80:1D:8F:5D:41:7E:78:43:51:F9:1F:7A:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6510A990F725805000FA5A51C7115B1E219BC17D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
Signing time: Fri 10 Oct 2025 17:04:17 +0000
ROA not before: Fri 10 Oct 2025 17:04:17 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:10:a9:90:f7:25:80:50:00:fa:5a:51:c7:11:5b:1e:21:9b:c1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:17 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=4380d83a2d78dc0acbd40fed371fa25996ec96d97164a3dc5c05d14a4f4bab50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:42:37:1c:64:74:4d:d1:d6:4c:09:12:8c:5b:
51:5d:ea:08:6b:84:00:95:d4:b9:a7:eb:20:96:ca:
f7:a1:7f:9d:30:56:d2:07:f2:9f:6b:71:a1:a9:c9:
f3:70:1e:e4:17:d3:71:30:dc:a5:c3:d6:23:eb:44:
4d:01:29:66:aa:ff:28:ca:41:b1:3c:66:08:b6:41:
0f:04:de:3b:9f:51:bd:14:17:cb:37:eb:af:da:17:
f6:6e:c4:1d:e4:69:b9:ee:57:09:d2:33:86:e8:94:
d9:49:1f:59:1a:23:68:3c:77:9b:6e:87:c4:63:e7:
b9:30:51:73:88:ef:bb:73:d7:66:f1:2a:b9:0a:4c:
4e:65:96:90:2d:b3:c7:f6:ad:9f:68:52:8d:50:c4:
9f:25:63:f8:79:f9:10:f3:e4:5c:df:f5:25:8d:fc:
2e:f6:c4:98:8f:d2:3d:b1:ab:5a:f9:c7:bf:7f:ec:
34:5e:48:e0:93:37:75:50:b7:35:c7:dd:ff:5f:e5:
8a:a2:e5:ad:b2:96:ae:2a:2b:56:1a:66:bf:66:13:
00:d7:5d:0a:d6:05:f6:2d:8c:80:3f:25:b4:b2:83:
72:b3:02:4e:9c:ec:55:b1:46:c7:5f:4a:0c:ac:b6:
a2:f3:15:9a:e2:5a:22:a2:ea:03:ad:a4:1a:14:a8:
5c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:78:7C:3A:20:1E:46:80:1D:8F:5D:41:7E:78:43:51:F9:1F:7A:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:800::/40
Signature Algorithm: sha256WithRSAEncryption
50:da:4a:06:fc:75:79:a5:d9:5e:d4:d5:a2:3a:88:55:41:0f:
f7:21:97:15:bb:cc:6c:46:88:0e:39:25:92:5d:8b:86:ef:95:
4f:5b:e8:f2:e9:20:a4:49:46:95:5a:aa:5b:4d:2c:bb:67:94:
cc:1f:92:da:23:63:2a:7d:78:00:27:b1:dc:05:80:91:78:df:
7b:69:f4:2a:d7:f9:19:e4:59:a4:81:a0:fb:d5:a4:38:ba:2d:
6c:5c:96:89:5e:4f:93:7a:89:c8:c7:ac:ce:8a:69:c1:8a:ed:
90:89:43:cf:eb:b7:38:84:68:5b:d7:9b:40:47:a3:a9:31:f6:
33:0b:f9:d2:8a:02:9f:b4:34:76:4f:10:6b:f8:90:73:9d:c8:
01:ed:81:9a:0a:ee:64:74:f1:ac:fc:c2:35:5e:ac:b3:d3:c6:
d9:41:dd:f2:e9:48:fb:1c:d1:cd:6b:16:85:93:9b:94:cf:21:
8f:2e:0c:c1:ce:77:57:10:75:dd:d6:c0:9c:37:52:37:ff:1a:
82:e5:50:41:36:b2:66:4a:37:0d:b1:81:e1:b2:55:d9:72:d8:
0b:0f:7c:8b:39:fb:b6:d4:cb:6e:d3:8d:9e:5a:1a:64:e6:34:
33:22:45:c7:91:2d:ea:d1:d5:8c:6d:7f:31:67:a2:ab:7d:dd:
cf:e9:ae:d1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZRCpkPclgFAA+lpRxxFbHiGbwX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0MTdaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzODBkODNhMmQ3OGRjMGFjYmQ0MGZlZDM3MWZhMjU5OTZlYzk2ZDk3MTY0
YTNkYzVjMDVkMTRhNGY0YmFiNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxCNxxkdE3R1kwJEoxbUV3qCGuEAJXUuafrIJbK96F/nTBW0gfyn2txoanJ
83Ae5BfTcTDcpcPWI+tETQEpZqr/KMpBsTxmCLZBDwTeO59RvRQXyzfrr9oX9m7E
HeRpue5XCdIzhuiU2UkfWRojaDx3m26HxGPnuTBRc4jvu3PXZvEquQpMTmWWkC2z
x/atn2hSjVDEnyVj+Hn5EPPkXN/1JY38LvbEmI/SPbGrWvnHv3/sNF5I4JM3dVC3
Ncfd/1/liqLlrbKWriorVhpmv2YTANddCtYF9i2MgD8ltLKDcrMCTpzsVbFGx19K
DKy2ovMVmuJaIqLqA62kGhSoXKECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHeHw6
IB5GgB2PXUF+eENR+R96DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ5ZTIzZGUtNmZjOS00MTJiLTlkMjMtNGYwODMwZDlmYTdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI
MA0GCSqGSIb3DQEBCwUAA4IBAQBQ2koG/HV5pdle1NWiOohVQQ/3IZcVu8xsRogO
OSWSXYuG75VPW+jy6SCkSUaVWqpbTSy7Z5TMH5LaI2MqfXgAJ7HcBYCReN97afQq
1/kZ5FmkgaD71aQ4ui1sXJaJXk+TeonIx6zOimnBiu2QiUPP67c4hGhb15tAR6Op
MfYzC/nSigKftDR2TxBr+JBzncgB7YGaCu5kdPGs/MI1Xqyz08bZQd3y6Uj7HNHN
axaFk5uUzyGPLgzBzndXEHXd1sCcN1I3/xqC5VBBNrJmSjcNsYHhslXZctgLD3yL
Ofu21Mtu042eWhpk5jQzIkXHkS3q0dWMbX8xZ6Krfd3P6a7R
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:19:06 2025 by rpki-client