Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
File: bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa (raw, json)
Hash identifier: XOEMZ9D9DUXy76QeoyM3nGtBU9xUv4x9KgPOxgCJzxU=
Subject key identifier: 39:FD:8D:C2:B8:9C:A1:8B:FF:32:2D:71:78:C8:BC:EB:9B:E5:F6:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F3956657C6DF29B39F6E53322E5C045D46A4140
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
Signing time: Mon 13 Oct 2025 18:00:01 +0000
ROA not before: Mon 13 Oct 2025 18:00:01 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:39:56:65:7c:6d:f2:9b:39:f6:e5:33:22:e5:c0:45:d4:6a:41:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 18:00:01 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=c9afa283287f78fb94a360fea88e97d6ecd5ed256098563619140a97cfc4c5e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ee:d8:4e:77:70:35:14:45:01:d4:33:51:43:
0c:46:eb:ab:a6:e5:a3:70:de:e6:03:4d:18:99:41:
fa:c5:5b:4e:f7:30:3d:93:cd:04:29:15:fa:dc:d7:
c4:37:7f:60:a1:52:0d:4d:02:6a:c5:32:97:20:d0:
4f:d0:e1:6d:eb:06:26:f9:5a:74:cd:c3:fd:b6:64:
da:3e:f0:94:7b:58:7a:a6:e1:88:77:e8:81:e6:1f:
8d:00:ad:68:82:f7:14:e8:96:f8:19:38:83:76:02:
54:5b:d0:c9:b7:9b:94:2c:ad:51:0a:e6:2f:78:7e:
44:3e:3d:57:3d:92:9d:a7:ce:c5:e5:8b:59:db:23:
80:f7:28:33:08:04:e1:43:66:d5:e9:38:fb:e6:75:
60:4c:bf:bf:f6:c5:64:b3:84:e0:d8:2c:18:22:5e:
78:da:d2:c2:9a:d3:72:25:f3:d7:fa:15:55:d6:bf:
78:bb:fc:6c:80:fc:58:a3:11:97:2d:b5:6f:4e:8a:
1a:8c:ab:d2:09:d9:ba:c5:ed:4b:60:57:64:1a:72:
71:df:d4:93:6f:25:12:45:21:49:9d:67:bf:56:a2:
88:ba:db:a1:a0:7c:6e:fe:47:98:41:6a:a7:e1:b5:
c0:0a:ae:b1:ca:a9:c2:b3:c9:c3:92:77:0b:dc:c1:
0e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:FD:8D:C2:B8:9C:A1:8B:FF:32:2D:71:78:C8:BC:EB:9B:E5:F6:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
61:1c:06:c6:80:6e:72:01:d7:a8:da:a1:ba:9c:ea:a0:c7:f4:
c9:2c:5a:76:7f:06:db:45:b7:b6:91:b2:70:31:9f:53:2b:81:
27:94:69:d2:3e:c9:30:bd:9a:0a:9c:94:96:b9:44:f0:8a:21:
9e:56:80:17:44:96:dc:97:3e:67:8d:29:93:0e:90:0e:40:c6:
99:b5:f1:ae:4a:29:5e:e0:e7:62:5f:39:8c:ea:3d:91:fd:d5:
9f:c8:74:a7:61:12:6e:06:55:cc:9a:ec:ef:a0:f1:28:94:f3:
ac:ec:aa:af:20:78:45:e6:3d:36:84:e4:6f:24:f7:22:d6:61:
a7:2b:e8:03:bc:48:ca:09:e2:e3:7b:ed:d0:aa:be:e9:2c:7c:
39:c9:6b:0e:40:8b:d7:29:53:d5:3c:70:9d:d1:67:c7:c6:18:
99:68:ff:16:25:d4:d7:30:55:64:72:99:7d:54:30:d4:65:8c:
db:09:0b:08:cc:98:7d:d1:73:75:27:c3:d3:ea:08:7d:29:c2:
a8:7a:b1:c9:08:ef:7a:ec:03:13:8c:f2:39:08:a3:1c:47:27:
12:8e:84:6e:7c:24:18:c2:30:c0:d4:16:38:81:3a:f7:04:53:
97:09:ed:91:f5:6f:d4:24:69:b7:c9:0c:e0:35:40:1a:9c:6d:
2d:6c:08:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXzlWZXxt8ps59uUzIuXARdRqQUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxODAwMDFaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5YWZhMjgzMjg3Zjc4ZmI5NGEzNjBmZWE4OGU5N2Q2ZWNkNWVkMjU2MDk4
NTYzNjE5MTQwYTk3Y2ZjNGM1ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXu2E53cDUURQHUM1FDDEbrq6blo3De5gNNGJlB+sVbTvcwPZPNBCkV+tzX
xDd/YKFSDU0CasUylyDQT9DhbesGJvladM3D/bZk2j7wlHtYeqbhiHfogeYfjQCt
aIL3FOiW+Bk4g3YCVFvQybeblCytUQrmL3h+RD49Vz2SnafOxeWLWdsjgPcoMwgE
4UNm1ek4++Z1YEy/v/bFZLOE4NgsGCJeeNrSwprTciXz1/oVVda/eLv8bID8WKMR
ly21b06KGoyr0gnZusXtS2BXZBpycd/Uk28lEkUhSZ1nv1aiiLrboaB8bv5HmEFq
p+G1wAquscqpwrPJw5J3C9zBDgcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5/Y3C
uJyhi/8yLXF4yLzrm+X2ijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM1OWU0MjEtYmExZC00ZjZhLWFlYmEtOWQ1YzY3M2E3MDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBhHAbGgG5yAdeo2qG6nOqgx/TJLFp2fwbbRbe2
kbJwMZ9TK4EnlGnSPskwvZoKnJSWuUTwiiGeVoAXRJbclz5njSmTDpAOQMaZtfGu
Sile4OdiXzmM6j2R/dWfyHSnYRJuBlXMmuzvoPEolPOs7KqvIHhF5j02hORvJPci
1mGnK+gDvEjKCeLje+3Qqr7pLHw5yWsOQIvXKVPVPHCd0WfHxhiZaP8WJdTXMFVk
cpl9VDDUZYzbCQsIzJh90XN1J8PT6gh9KcKoerHJCO967AMTjPI5CKMcRycSjoRu
fCQYwjDA1BY4gTr3BFOXCe2R9W/UJGm3yQzgNUAanG0tbAiv
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:34 2025 by rpki-client