Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json)
Hash identifier: o+qI8J6mUl9WRI2ewOqdXydO0Bx2PYx3BGZpVyMfzjw=
Subject key identifier: 17:55:0E:78:C9:34:5F:76:FE:8E:0F:5F:C1:4A:0F:2A:59:06:34:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F2747B75FD78FE30083C25CB153D2962F50B44F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
Signing time: Fri 26 Sep 2025 19:11:08 +0000
ROA not before: Fri 26 Sep 2025 19:11:08 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:27:47:b7:5f:d7:8f:e3:00:83:c2:5c:b1:53:d2:96:2f:50:b4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:08 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=cbdb7f2ff52da9ff04c895adc0019061d3850767f6e73c9f64f8515dea73d46c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c8:dc:64:10:69:a8:0b:29:44:3c:79:99:fb:
26:2b:56:1d:93:eb:ba:5d:ed:04:a8:ea:d1:02:9a:
de:9f:4a:09:90:4f:b3:5a:4a:17:0a:24:4a:e1:65:
67:08:c8:22:5b:49:5c:19:ac:37:86:22:fd:88:c2:
e2:5e:5a:52:a9:e3:56:3e:27:3f:16:e5:89:63:d9:
d8:e0:f7:16:4f:c1:77:e9:2d:16:cb:0c:9a:44:e4:
53:d7:44:18:f3:bd:71:57:15:52:25:08:c0:40:d8:
f8:07:24:c7:4b:ba:5e:04:31:b3:30:44:c1:95:03:
da:25:bc:05:71:29:59:a6:ff:98:cb:7e:e2:fa:e4:
a9:a9:5f:ba:3e:2b:c1:e9:b1:79:4f:c5:6e:f8:ff:
b2:82:a7:a0:62:73:fb:8e:e7:be:73:ef:ec:e8:a6:
27:69:1f:80:76:1b:58:09:fc:c8:fa:28:ac:c4:62:
d5:a4:c9:e8:b1:a8:21:3f:f1:00:4d:9b:c7:0d:bb:
18:f4:6a:b2:95:40:9c:3a:53:08:6d:97:16:cc:51:
1e:31:e7:74:7b:ed:44:59:8a:af:3f:e2:35:48:2b:
ac:82:bb:e3:27:c4:e9:e7:e0:eb:36:25:c2:24:83:
65:14:43:5d:dd:b7:65:76:b3:32:5c:60:b0:b6:25:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:55:0E:78:C9:34:5F:76:FE:8E:0F:5F:C1:4A:0F:2A:59:06:34:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
61:b1:01:43:c0:b3:1e:70:e7:2d:1d:c6:2c:4c:84:4a:77:5e:
28:4b:30:d5:0d:5f:bc:a2:36:0f:f3:a1:09:b4:6b:86:e3:7e:
70:b1:40:ad:0c:7a:a3:fc:db:2a:83:24:82:d4:b5:14:23:22:
5b:3d:3f:a6:a0:f4:22:f2:07:1d:1d:41:6c:cb:78:51:19:62:
fb:18:b1:70:9d:04:71:f9:be:64:36:59:ef:71:cd:aa:08:74:
63:42:6a:a6:57:fd:a8:c1:07:8e:68:e6:f7:e6:ad:5a:d4:40:
16:3d:c0:36:2d:d9:e9:2d:6a:94:d5:e1:0d:52:d9:f8:c9:7a:
42:55:81:b7:e1:77:a3:c4:27:15:29:d9:00:be:78:38:b0:c5:
90:d7:48:45:79:36:1e:e1:5a:e7:b9:42:63:1e:64:e1:2f:74:
e0:7a:57:85:46:6f:e2:47:f8:fc:18:65:2e:f9:f8:57:03:b9:
a6:68:11:83:a9:58:ab:23:f3:ac:45:04:b0:d6:36:cb:b8:1d:
a9:00:34:d8:62:57:54:1a:63:42:1e:ee:99:86:63:8b:25:a0:
53:ae:ca:a4:e1:4f:9e:22:35:0d:35:e0:55:30:e9:6e:3b:11:
43:3d:b9:9f:2a:b6:3c:84:81:ea:13:93:26:f3:cc:ab:e9:ee:
c5:08:9f:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHydHt1/Xj+MAg8JcsVPSli9QtE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExMDhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiZGI3ZjJmZjUyZGE5ZmYwNGM4OTVhZGMwMDE5MDYxZDM4NTA3NjdmNmU3
M2M5ZjY0Zjg1MTVkZWE3M2Q0NmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDI3GQQaagLKUQ8eZn7JitWHZPrul3tBKjq0QKa3p9KCZBPs1pKFwokSuFl
ZwjIIltJXBmsN4Yi/YjC4l5aUqnjVj4nPxbliWPZ2OD3Fk/Bd+ktFssMmkTkU9dE
GPO9cVcVUiUIwEDY+Ackx0u6XgQxszBEwZUD2iW8BXEpWab/mMt+4vrkqalfuj4r
wemxeU/Fbvj/soKnoGJz+47nvnPv7OimJ2kfgHYbWAn8yPoorMRi1aTJ6LGoIT/x
AE2bxw27GPRqspVAnDpTCG2XFsxRHjHndHvtRFmKrz/iNUgrrIK74yfE6efg6zYl
wiSDZRRDXd23ZXazMlxgsLYl2bkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXVQ54
yTRfdv6OD1/BSg8qWQY03DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQBhsQFDwLMecOctHcYsTIRKd14oSzDVDV+8ojYP
86EJtGuG435wsUCtDHqj/NsqgySC1LUUIyJbPT+moPQi8gcdHUFsy3hRGWL7GLFw
nQRx+b5kNlnvcc2qCHRjQmqmV/2owQeOaOb35q1a1EAWPcA2LdnpLWqU1eENUtn4
yXpCVYG34XejxCcVKdkAvng4sMWQ10hFeTYe4VrnuUJjHmThL3TgeleFRm/iR/j8
GGUu+fhXA7mmaBGDqVirI/OsRQSw1jbLuB2pADTYYldUGmNCHu6ZhmOLJaBTrsqk
4U+eIjUNNeBVMOluOxFDPbmfKrY8hIHqE5Mm88yr6e7FCJ9W
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:22 2025 by rpki-client