Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
File: ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa (raw, json)
Hash identifier: 3Px7ubog3/0mDkt27am72eygXHZ+Yqf79QVnZNk+fy8=
Subject key identifier: DB:A5:7D:D1:06:FB:E3:99:88:B2:F2:D7:AB:1C:70:8A:AE:5E:25:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62855AD82C96A86719A4F84BC7BCF9C491FD5FB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
Signing time: Fri 26 Sep 2025 18:51:33 +0000
ROA not before: Fri 26 Sep 2025 18:51:33 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:85:5a:d8:2c:96:a8:67:19:a4:f8:4b:c7:bc:f9:c4:91:fd:5f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:51:33 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=43af4dbd07b64ecfa5d64995af162c6d7b42f1f5fdf6fafde4f55778e06ce3f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:af:3e:46:41:ba:5d:e2:cf:77:56:77:da:31:
fd:bf:38:0c:d1:85:a2:69:27:f1:f6:50:bc:27:24:
26:00:b2:20:35:80:34:65:45:3e:7a:f1:ed:cf:9d:
8c:4e:08:a5:a9:3c:aa:a4:40:6f:ce:dc:e8:c0:77:
c3:e6:dc:17:7a:d2:a1:4b:1e:40:75:0c:45:76:40:
69:72:ed:ff:24:bd:7d:6f:0c:f9:56:f5:21:55:01:
0b:7c:d1:ff:b5:05:53:3c:39:35:7c:02:f0:74:04:
ca:8c:f6:e7:85:ab:f6:82:df:50:32:44:25:a9:ee:
95:5f:01:b5:4d:31:bd:bc:50:59:61:e1:60:39:cb:
1f:78:6e:f6:cb:5f:6d:0c:81:20:c2:4c:80:2e:5a:
af:5b:2f:7d:19:df:a0:bf:9c:52:f2:13:7a:3f:9f:
f8:00:08:a0:87:7a:87:b3:ae:0d:a4:cb:8e:21:4c:
65:1f:63:97:6e:8b:72:1a:df:aa:b7:d3:45:19:ea:
a5:c5:5c:a4:50:77:3d:3d:39:20:07:e0:1f:e2:69:
2d:c0:67:be:de:8b:81:b1:88:04:f8:88:8f:d1:d4:
69:e8:07:8b:1e:93:66:31:42:a3:1c:a4:01:e0:d8:
a6:3c:b9:6d:ea:dd:da:7a:be:cc:fb:42:8a:72:3d:
ea:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A5:7D:D1:06:FB:E3:99:88:B2:F2:D7:AB:1C:70:8A:AE:5E:25:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
15:cc:24:4a:14:ab:68:dd:a8:3e:48:e4:33:bf:c6:56:ad:e3:
5f:28:c2:92:eb:a5:2f:dc:0a:fe:c0:a2:ef:00:f1:bd:8a:c2:
21:67:42:f6:d0:ff:2d:5a:fc:bb:6e:53:62:8f:4b:5d:1a:39:
ae:47:71:1b:99:ca:98:54:05:97:6b:82:28:00:bb:b8:ab:09:
47:09:1a:c7:fa:69:1e:00:62:e0:c5:97:51:71:f3:83:fa:d4:
81:97:d0:b4:33:dd:8d:d4:2d:ea:bb:0f:e4:f0:cf:a0:5f:83:
b3:09:e4:fe:2f:93:95:22:c4:23:16:5a:0b:6a:26:99:01:d3:
8d:b8:c0:7b:83:25:a9:f8:75:66:3a:50:d3:77:c0:0b:5a:ad:
6f:46:58:f7:89:9c:50:5c:48:90:3d:c0:c6:99:66:f7:f3:92:
89:dc:74:e1:4b:0f:57:ff:b8:a5:8d:c8:28:3e:4e:99:2b:56:
75:ce:3b:cd:99:a0:f6:1c:5e:0d:13:d0:77:67:ed:8c:d8:f7:
23:59:f2:dd:2b:9b:25:63:da:f9:3c:a1:76:71:92:c4:61:8a:
28:57:7b:83:c6:31:fb:dd:43:f9:63:a4:57:02:c1:19:4a:c8:
d4:d5:c8:d4:6b:03:8a:72:72:e3:32:10:e5:ca:6c:ef:39:ef:
33:f0:37:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYoVa2CyWqGcZpPhLx7z5xJH9X7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUxMzNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzYWY0ZGJkMDdiNjRlY2ZhNWQ2NDk5NWFmMTYyYzZkN2I0MmYxZjVmZGY2
ZmFmZGU0ZjU1Nzc4ZTA2Y2UzZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSvPkZBul3iz3dWd9ox/b84DNGFomkn8fZQvCckJgCyIDWANGVFPnrx7c+d
jE4Ipak8qqRAb87c6MB3w+bcF3rSoUseQHUMRXZAaXLt/yS9fW8M+Vb1IVUBC3zR
/7UFUzw5NXwC8HQEyoz254Wr9oLfUDJEJanulV8BtU0xvbxQWWHhYDnLH3hu9stf
bQyBIMJMgC5ar1svfRnfoL+cUvITej+f+AAIoId6h7OuDaTLjiFMZR9jl26Lchrf
qrfTRRnqpcVcpFB3PT05IAfgH+JpLcBnvt6LgbGIBPiIj9HUaegHix6TZjFCoxyk
AeDYpjy5berd2nq+zPtCinI96scCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTbpX3R
BvvjmYiy8terHHCKrl4l9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIyMzJiODYtOWJkNi00MDljLThkZTUtOTJiZmZmMmE4YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
wDANBgkqhkiG9w0BAQsFAAOCAQEAFcwkShSraN2oPkjkM7/GVq3jXyjCkuulL9wK
/sCi7wDxvYrCIWdC9tD/LVr8u25TYo9LXRo5rkdxG5nKmFQFl2uCKAC7uKsJRwka
x/ppHgBi4MWXUXHzg/rUgZfQtDPdjdQt6rsP5PDPoF+Dswnk/i+TlSLEIxZaC2om
mQHTjbjAe4Mlqfh1ZjpQ03fAC1qtb0ZY94mcUFxIkD3Axplm9/OSidx04UsPV/+4
pY3IKD5OmStWdc47zZmg9hxeDRPQd2ftjNj3I1ny3SubJWPa+TyhdnGSxGGKKFd7
g8Yx+91D+WOkVwLBGUrI1NXI1GsDinJy4zIQ5cps7znvM/A35A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:11 2025 by rpki-client