Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
File: c02bd597-170b-4eec-b8d1-18d678b065fa.roa (raw, json)
Hash identifier: ybK/riZ2Tq1xdqoi/45+wHfwghDxJc9gUkgZiZWPizA=
Subject key identifier: 14:F4:E3:4C:10:EB:7B:D9:25:E4:2F:1E:54:90:47:5D:56:9B:BE:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F59EDEC8D936B006C06A79A87DF83AF72458222
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
Signing time: Fri 26 Sep 2025 18:50:23 +0000
ROA not before: Fri 26 Sep 2025 18:50:23 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:59:ed:ec:8d:93:6b:00:6c:06:a7:9a:87:df:83:af:72:45:82:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:23 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=dab784623cbe7ab649556e409bac7c149fbdbbecfb4563f9a1eaab5a69938944, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:29:0e:55:ca:b5:43:de:77:7e:cd:00:be:e0:
ca:6b:df:ca:d8:5d:3b:99:b8:b4:f6:1c:a5:50:aa:
d3:98:d5:25:32:f1:13:d0:fa:c4:ef:51:78:cc:14:
28:0f:a4:fc:89:02:40:c2:94:91:32:74:99:66:98:
eb:0f:9a:a9:f0:bc:f9:e0:15:dc:24:bb:98:2a:7a:
36:18:9c:2d:13:bb:cb:65:bf:18:d5:ae:a0:8b:13:
c2:ec:7b:6f:a3:14:86:58:57:ac:fa:8d:ca:00:e4:
55:97:0b:c6:62:b8:f4:48:02:b7:ed:39:7e:41:5b:
09:c5:20:d3:f9:47:d2:5b:21:67:5e:2a:88:85:d5:
13:f5:ab:12:24:ef:75:e4:87:40:01:94:e1:bb:f9:
63:4a:01:4e:0e:91:8b:fe:8b:c6:0c:a9:b5:c4:f1:
c0:1d:cb:6c:60:eb:81:41:c9:48:af:cd:c6:11:86:
9d:fa:f5:83:0a:dc:67:26:48:63:34:11:8b:8a:3f:
2b:c1:7b:e0:85:50:c7:78:15:e7:fd:da:ea:da:8f:
04:de:36:a1:c0:a6:17:8b:7c:b3:6a:2b:61:62:67:
2f:8f:be:3c:47:35:d4:d1:5c:63:3e:33:fe:b2:2e:
56:a1:e9:e5:da:54:4d:e1:70:36:86:a1:16:f4:01:
62:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F4:E3:4C:10:EB:7B:D9:25:E4:2F:1E:54:90:47:5D:56:9B:BE:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8010::/48
Signature Algorithm: sha256WithRSAEncryption
49:80:18:8a:4f:68:f6:33:6f:74:f8:bc:f6:ca:cb:9a:c7:a5:
04:bf:21:3c:16:49:23:88:2e:cd:55:88:b4:d0:58:c7:2b:71:
0c:e6:44:bc:89:19:b4:56:b1:df:3e:5c:ef:2b:ae:4e:b7:e3:
55:5a:32:21:8d:5c:b1:64:79:8e:60:d7:91:3a:96:6d:13:2d:
83:a2:90:2b:e2:35:c3:27:75:cd:41:6c:c8:1d:2b:26:2f:74:
27:6b:dc:4b:b4:26:24:56:11:ec:8e:6e:9f:58:25:4c:2a:fa:
df:dc:72:f4:ae:da:09:ef:d0:94:81:be:78:b8:aa:da:a1:a2:
92:d8:71:c0:47:59:33:c7:79:b5:2c:30:dd:16:db:a1:04:35:
63:bf:8d:44:dd:e9:ea:37:1b:6c:c9:c4:64:1e:f9:79:de:3b:
0c:19:a6:50:79:83:f4:44:8a:88:40:05:93:de:99:46:b7:3c:
aa:a3:10:5e:aa:5b:82:cc:ee:c3:8a:a3:5e:79:30:82:22:c0:
22:c1:5a:94:a9:c7:1e:ac:9f:08:6c:72:ef:87:d3:5e:19:75:
29:c6:cd:31:61:7d:25:ec:1b:12:11:43:66:e4:88:c4:8e:ac:
d9:6c:95:0a:07:3d:96:2a:a4:46:20:6f:c0:05:80:3f:24:c4:
4d:5f:e1:15
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT1nt7I2TawBsBqeah9+Dr3JFgiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwMjNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhYjc4NDYyM2NiZTdhYjY0OTU1NmU0MDliYWM3YzE0OWZiZGJiZWNmYjQ1
NjNmOWExZWFhYjVhNjk5Mzg5NDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIpDlXKtUPed37NAL7gymvfythdO5m4tPYcpVCq05jVJTLxE9D6xO9ReMwU
KA+k/IkCQMKUkTJ0mWaY6w+aqfC8+eAV3CS7mCp6NhicLRO7y2W/GNWuoIsTwux7
b6MUhlhXrPqNygDkVZcLxmK49EgCt+05fkFbCcUg0/lH0lshZ14qiIXVE/WrEiTv
deSHQAGU4bv5Y0oBTg6Ri/6LxgyptcTxwB3LbGDrgUHJSK/NxhGGnfr1gwrcZyZI
YzQRi4o/K8F74IVQx3gV5/3a6tqPBN42ocCmF4t8s2orYWJnL4++PEc11NFcYz4z
/rIuVqHp5dpUTeFwNoahFvQBYoMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQU9ONM
EOt72SXkLx5UkEddVpu+xTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAyYmQ1OTctMTcwYi00ZWVjLWI4ZDEtMThkNjc4YjA2NWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
EDANBgkqhkiG9w0BAQsFAAOCAQEASYAYik9o9jNvdPi89srLmselBL8hPBZJI4gu
zVWItNBYxytxDOZEvIkZtFax3z5c7yuuTrfjVVoyIY1csWR5jmDXkTqWbRMtg6KQ
K+I1wyd1zUFsyB0rJi90J2vcS7QmJFYR7I5un1glTCr639xy9K7aCe/QlIG+eLiq
2qGikthxwEdZM8d5tSww3RbboQQ1Y7+NRN3p6jcbbMnEZB75ed47DBmmUHmD9ESK
iEAFk96ZRrc8qqMQXqpbgszuw4qjXnkwgiLAIsFalKnHHqyfCGxy74fTXhl1KcbN
MWF9JewbEhFDZuSIxI6s2WyVCgc9liqkRiBvwAWAPyTETV/hFQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:15 2025 by rpki-client