Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
File: adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa (raw, json)
Hash identifier: 8X7L7uHxcW2iWbdyzdajmOtAF6+AlTAfLqQovoULwUE=
Subject key identifier: 0B:E9:BC:8F:7B:4A:B9:8D:86:7F:EE:69:EA:1B:43:1D:1D:8D:9B:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48620E209E0E9E5D8BEC9B49CEE0D987A5BDD4C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
Signing time: Mon 06 Oct 2025 18:00:10 +0000
ROA not before: Mon 06 Oct 2025 18:00:10 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:62:0e:20:9e:0e:9e:5d:8b:ec:9b:49:ce:e0:d9:87:a5:bd:d4:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:10 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=1a9e8156f796786e2d577675a306a60caa083bbebee853d6183acc1ef3b3973d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:53:ba:c6:9c:b4:bc:bd:c5:e5:74:53:be:88:
e6:5f:e8:34:6c:90:38:89:8d:1d:fb:fa:4f:04:09:
c6:3d:bc:45:1c:c0:79:dd:61:17:f3:33:bb:fd:46:
e3:af:ed:a3:ea:92:f2:79:8b:7e:61:63:57:cd:64:
9b:06:c1:25:72:a5:d9:46:94:4b:23:46:61:db:66:
be:84:81:0c:e4:b2:c4:d7:3d:cf:82:75:d9:8e:60:
29:ef:65:86:e1:dd:47:a9:9d:61:d4:aa:81:9d:16:
fc:9d:49:8b:a0:c0:91:68:16:fb:21:a7:12:7d:e5:
e3:8a:54:9e:87:c5:89:54:a1:ed:bc:53:5d:05:fa:
4e:c3:88:79:aa:09:5f:b9:73:0c:25:a2:37:92:40:
26:c8:2f:1b:2f:18:aa:32:f1:d4:01:97:82:14:4c:
06:15:b1:07:04:56:73:19:6f:f1:94:84:2d:ab:58:
22:13:1a:b2:67:03:b3:82:41:d6:bb:39:05:ff:ba:
ce:67:fb:26:73:f1:92:74:82:67:6b:ea:25:90:86:
a3:97:07:32:8d:57:e6:fb:cb:fe:cf:ff:8a:50:41:
92:04:5f:ae:56:57:5e:be:d8:1a:86:6c:fc:7f:ec:
e8:09:ab:24:c3:42:2c:a5:a1:10:2b:64:b4:ba:90:
44:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E9:BC:8F:7B:4A:B9:8D:86:7F:EE:69:EA:1B:43:1D:1D:8D:9B:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1080::/46
Signature Algorithm: sha256WithRSAEncryption
69:b2:c0:b6:2d:23:cd:aa:2e:b2:04:22:36:59:48:a1:2a:da:
be:cb:7c:28:e2:d3:a9:d9:6d:7b:f6:9c:b1:e9:4b:e9:6a:fb:
26:be:a2:75:ac:96:83:67:de:09:fe:86:18:39:6c:6b:c5:0a:
07:3a:2f:4a:3a:20:37:58:93:c9:17:61:c0:3a:8f:9e:67:31:
5c:3b:27:90:77:cd:9c:b7:54:8a:3a:c1:48:38:9c:a6:e0:1d:
cd:89:61:d4:82:9d:d2:88:4b:49:f9:04:c3:0a:9d:49:13:69:
07:dc:40:19:61:27:fe:5d:d7:41:1d:45:d1:52:85:4f:bb:e5:
b4:69:1c:5c:07:ba:29:2f:ff:14:82:58:46:d2:c0:4b:87:d1:
42:e2:fe:68:03:35:d8:3c:75:63:fb:58:f9:14:a4:85:78:04:
57:b7:20:47:bd:92:ed:b6:8a:49:a7:76:6f:15:72:09:3b:42:
c1:ac:ae:69:7f:87:93:bf:97:aa:9c:a9:25:bd:9e:37:1e:1d:
4b:e3:94:4a:27:53:84:3c:e9:d5:5b:ea:8b:e2:ff:94:56:42:
08:d0:d8:40:97:52:6a:82:4f:cc:76:14:0f:2e:ad:d3:5d:ba:
4a:27:a5:a4:8a:90:49:62:30:39:2b:1d:17:2a:e6:e4:03:06:
25:78:cd:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSGIOIJ4Onl2L7JtJzuDZh6W91MgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMTBaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhOWU4MTU2Zjc5Njc4NmUyZDU3NzY3NWEzMDZhNjBjYWEwODNiYmViZWU4
NTNkNjE4M2FjYzFlZjNiMzk3M2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlTusactLy9xeV0U76I5l/oNGyQOImNHfv6TwQJxj28RRzAed1hF/Mzu/1G
46/to+qS8nmLfmFjV81kmwbBJXKl2UaUSyNGYdtmvoSBDOSyxNc9z4J12Y5gKe9l
huHdR6mdYdSqgZ0W/J1Ji6DAkWgW+yGnEn3l44pUnofFiVSh7bxTXQX6TsOIeaoJ
X7lzDCWiN5JAJsgvGy8YqjLx1AGXghRMBhWxBwRWcxlv8ZSELatYIhMasmcDs4JB
1rs5Bf+6zmf7JnPxknSCZ2vqJZCGo5cHMo1X5vvL/s//ilBBkgRfrlZXXr7YGoZs
/H/s6AmrJMNCLKWhECtktLqQRI0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQL6byP
e0q5jYZ/7mnqG0MdHY2bLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWRiMTM1MWYtM2RkNS00ZTRmLTg5NTUtMTUxNGY0MmU0OGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAabLAti0jzaousgQiNllIoSravst8KOLTqdlt
e/acselL6Wr7Jr6idayWg2feCf6GGDlsa8UKBzovSjogN1iTyRdhwDqPnmcxXDsn
kHfNnLdUijrBSDicpuAdzYlh1IKd0ohLSfkEwwqdSRNpB9xAGWEn/l3XQR1F0VKF
T7vltGkcXAe6KS//FIJYRtLAS4fRQuL+aAM12Dx1Y/tY+RSkhXgEV7cgR72S7baK
Sad2bxVyCTtCwayuaX+Hk7+XqpypJb2eNx4dS+OUSidThDzp1Vvqi+L/lFZCCNDY
QJdSaoJPzHYUDy6t0126SielpIqQSWIwOSsdFyrm5AMGJXjNdA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:02 2025 by rpki-client