Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c056757c-bb27-4ef4-91ff-67b9307d3085.roa
File: c056757c-bb27-4ef4-91ff-67b9307d3085.roa (raw, json)
Hash identifier: D4esaG6X0NIiblCNbEFyAPntgI09DTwkw8WkHftZwT4=
Subject key identifier: A5:95:75:54:74:3E:DC:88:C4:AA:6F:4C:43:F6:64:0D:F0:1C:B3:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45D10C1DEE19C03F0EDEBD379FAF97A4E2E81A13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c056757c-bb27-4ef4-91ff-67b9307d3085.roa
Signing time: Fri 26 Sep 2025 19:00:06 +0000
ROA not before: Fri 26 Sep 2025 19:00:06 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:d1:0c:1d:ee:19:c0:3f:0e:de:bd:37:9f:af:97:a4:e2:e8:1a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:00:06 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=2215d582bc94d42348bfc5e31d65b8596d0f5e8c54b4bf774e8835820105948c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:77:20:0a:13:70:e6:02:a1:68:ff:26:0b:e9:
7e:ea:5e:89:69:3b:59:74:f5:ff:f4:63:35:db:ed:
33:ca:58:6d:e2:95:32:9a:b7:ee:ea:f6:5d:63:33:
d0:e0:30:69:05:ac:e2:6f:cf:97:89:f0:eb:cd:00:
a3:7b:4f:03:1c:35:54:0f:b7:e9:73:48:56:ed:1d:
fd:ec:fe:c3:f9:09:ed:df:77:ae:a5:dd:39:c0:88:
07:69:c3:27:57:61:9a:57:0f:fe:dd:d0:42:14:b7:
fd:49:34:aa:eb:10:58:ab:e2:35:22:a9:68:4b:9c:
dd:65:d5:59:f0:2b:5c:75:4f:ba:a4:88:2f:3f:f3:
72:50:da:0b:a1:db:0b:6b:89:51:b2:c5:57:02:1a:
28:71:c3:57:3f:74:0b:a6:8c:02:b5:e7:3f:69:59:
b5:93:24:e8:d5:13:3f:21:05:e1:3f:d5:4a:d1:8f:
2f:46:6a:6d:de:50:c8:9d:91:18:05:4d:bf:e1:73:
dc:28:a3:f2:42:6f:1b:3d:bf:cb:b6:91:10:b0:26:
60:4b:5c:bd:24:df:28:17:5b:a3:35:0d:f2:1b:a2:
82:1e:a9:51:20:4f:70:50:0f:73:7c:b5:1e:f5:ac:
61:b5:23:e6:cf:52:28:d9:b4:b8:32:1a:c4:31:06:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:95:75:54:74:3E:DC:88:C4:AA:6F:4C:43:F6:64:0D:F0:1C:B3:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c056757c-bb27-4ef4-91ff-67b9307d3085.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
5b:93:52:12:49:38:d4:9f:ee:7a:16:44:50:96:01:d3:07:0c:
a6:8d:10:4f:43:29:a3:12:e6:53:83:91:4f:f4:50:53:74:18:
1f:51:e5:3c:f2:80:71:d6:e1:04:29:43:8b:b3:53:5e:14:d5:
80:2e:05:25:2a:ee:49:40:1e:be:7c:f4:3a:69:9c:ef:d1:b4:
e9:64:7e:f9:4d:20:39:c3:a2:7f:71:d1:bb:45:21:f3:48:85:
f4:eb:17:73:22:e9:12:f4:1a:7c:19:ee:67:ad:d8:a2:17:82:
dd:33:db:d0:fb:b2:b0:9b:e2:3b:0e:48:db:ae:65:68:70:cb:
09:58:2b:ed:bc:70:7e:b2:da:08:7d:a6:6d:8e:a8:10:e7:b9:
72:18:de:bd:29:9f:59:9b:e9:53:eb:ec:9f:bc:11:ba:a1:9e:
8d:de:c7:69:62:ac:c1:90:2d:b0:49:c2:87:27:f9:dc:24:ed:
e1:c4:55:d4:bf:74:d8:7d:10:a5:ff:07:7e:e8:f7:70:5f:60:
81:ea:f7:78:dd:51:e8:94:17:a9:14:9a:79:2c:a9:85:f8:fe:
78:a9:16:aa:8b:f9:bc:8b:9b:f8:03:18:b2:6f:ee:7f:78:71:
c5:b1:41:d4:44:b8:d8:e2:5f:ab:a8:89:1e:b8:57:42:a5:e4:
57:39:30:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURdEMHe4ZwD8O3r03n6+XpOLoGhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAwMDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyMTVkNTgyYmM5NGQ0MjM0OGJmYzVlMzFkNjViODU5NmQwZjVlOGM1NGI0
YmY3NzRlODgzNTgyMDEwNTk0OGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZ3IAoTcOYCoWj/JgvpfupeiWk7WXT1//RjNdvtM8pYbeKVMpq37ur2XWMz
0OAwaQWs4m/Pl4nw680Ao3tPAxw1VA+36XNIVu0d/ez+w/kJ7d93rqXdOcCIB2nD
J1dhmlcP/t3QQhS3/Uk0qusQWKviNSKpaEuc3WXVWfArXHVPuqSILz/zclDaC6Hb
C2uJUbLFVwIaKHHDVz90C6aMArXnP2lZtZMk6NUTPyEF4T/VStGPL0Zqbd5QyJ2R
GAVNv+Fz3Cij8kJvGz2/y7aRELAmYEtcvSTfKBdbozUN8huigh6pUSBPcFAPc3y1
HvWsYbUj5s9SKNm0uDIaxDEGzc8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSllXVU
dD7ciMSqb0xD9mQN8ByzrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzA1Njc1N2MtYmIyNy00ZWY0LTkxZmYtNjdiOTMwN2QzMDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAW5NSEkk41J/uehZEUJYB0wcMpo0QT0MpoxLm
U4ORT/RQU3QYH1HlPPKAcdbhBClDi7NTXhTVgC4FJSruSUAevnz0Ommc79G06WR+
+U0gOcOif3HRu0Uh80iF9OsXcyLpEvQafBnuZ63YoheC3TPb0PuysJviOw5I265l
aHDLCVgr7bxwfrLaCH2mbY6oEOe5chjevSmfWZvpU+vsn7wRuqGejd7HaWKswZAt
sEnChyf53CTt4cRV1L902H0Qpf8Hfuj3cF9gger3eN1R6JQXqRSaeSyphfj+eKkW
qov5vIub+AMYsm/uf3hxxbFB1ES42OJfq6iJHrhXQqXkVzkwwg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:46 2025 by rpki-client