Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
File: c46a0827-1052-46e2-ad52-4a27d9a65f24.roa (raw, json)
Hash identifier: 2XYshlk/YKD6f7r0S7CoQr++ZT94leD0MtMkq8UI1yw=
Subject key identifier: 47:01:3C:74:6A:35:19:00:E2:56:B3:F9:44:84:AD:BF:DE:2B:92:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 220C5C2B77F54E594B4EE72EFC93B7C00C0C2AF2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
Signing time: Fri 26 Sep 2025 20:01:34 +0000
ROA not before: Fri 26 Sep 2025 20:01:34 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:0c:5c:2b:77:f5:4e:59:4b:4e:e7:2e:fc:93:b7:c0:0c:0c:2a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:34 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a9bc9bae1f9fe224a43bd00f2eea6d1dd9d9cbab4e681836dcdc6acc9370dc75, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4c:39:58:5a:13:7f:14:97:76:1d:36:8e:e3:
90:9e:42:f4:1c:21:9d:13:a9:48:81:70:8d:ae:b2:
10:04:e1:e7:5b:e4:20:c2:86:33:bb:45:72:3a:99:
ed:33:86:3d:ab:8e:e4:0b:f3:84:5b:90:49:ce:d5:
27:90:ed:5a:64:69:ca:ad:13:e2:38:e8:70:8f:53:
2f:54:a3:d1:74:77:cc:5e:4c:e7:d2:c8:25:6a:73:
e0:ab:e3:67:7c:5e:de:80:93:65:71:05:ab:cf:01:
c1:24:61:1c:9b:fe:3a:60:28:d0:75:72:e1:09:7d:
88:9d:06:a1:38:4a:ed:0c:4d:3c:f4:66:91:5e:98:
20:40:29:2a:b6:59:18:0a:ea:10:d5:88:bf:6e:2b:
d6:2c:a9:8a:be:e6:cc:04:7f:11:65:f2:d1:e5:b4:
cd:7a:7e:a4:b7:8a:fe:47:c4:ad:72:85:83:bc:2f:
80:bd:ec:f6:27:56:9b:c3:25:55:c8:38:0a:ac:24:
87:21:13:c3:60:22:35:18:be:47:de:d7:d1:d1:c0:
18:89:cf:54:d7:67:f8:07:06:ec:b8:ce:c6:e4:d5:
97:c2:fa:42:76:d9:a8:1d:9f:80:90:fa:4f:ba:06:
46:f9:16:1a:da:a4:2e:da:e4:ae:36:f4:ee:58:ec:
42:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:01:3C:74:6A:35:19:00:E2:56:B3:F9:44:84:AD:BF:DE:2B:92:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/36
Signature Algorithm: sha256WithRSAEncryption
75:0b:b4:cf:af:a4:af:39:68:19:e1:b1:11:52:73:dc:a4:27:
82:69:97:5c:49:35:7b:eb:c3:6a:01:20:7e:d5:18:b3:b1:40:
20:3d:ae:4f:f1:79:f5:56:f4:81:12:c9:5a:4a:ef:f5:16:1e:
fe:6b:a3:a4:b7:8a:de:05:0e:63:5f:76:8d:a2:cb:68:fb:b7:
fb:98:82:6b:0f:02:ab:e1:a7:ae:f8:25:ae:3f:e8:93:c3:d5:
1b:d9:e9:ec:a3:4a:ce:0b:a1:de:15:b1:9f:23:75:2d:72:0a:
e6:1f:8e:e9:19:a9:ae:17:8f:0f:bc:07:c0:bb:e4:93:b0:83:
5f:0d:e3:2b:af:82:5f:f0:c2:f6:ab:59:2f:36:67:0c:78:0b:
11:a7:57:35:5f:7e:e0:42:f3:95:16:ae:2c:ac:3e:36:69:45:
81:0f:4d:fa:f8:df:f3:77:ff:4f:77:ba:28:f0:e9:0d:85:f4:
7f:c7:a7:f5:71:26:56:77:bb:93:5a:63:fb:fa:e0:73:0d:36:
f1:57:d9:07:36:9d:86:2f:bf:f4:1f:c7:aa:5f:f8:6e:9f:e6:
63:3f:6c:fc:c8:3f:3a:0e:03:98:a7:49:7c:7b:17:e5:c6:ca:
d1:3f:f4:f2:c7:32:e5:7f:99:6d:d0:33:7a:ce:de:f0:a4:f5:
d5:40:0b:aa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIgxcK3f1TllLTucu/JO3wAwMKvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5YmM5YmFlMWY5ZmUyMjRhNDNiZDAwZjJlZWE2ZDFkZDlkOWNiYWI0ZTY4
MTgzNmRjZGM2YWNjOTM3MGRjNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1MOVhaE38Ul3YdNo7jkJ5C9BwhnROpSIFwja6yEATh51vkIMKGM7tFcjqZ
7TOGPauO5AvzhFuQSc7VJ5DtWmRpyq0T4jjocI9TL1Sj0XR3zF5M59LIJWpz4Kvj
Z3xe3oCTZXEFq88BwSRhHJv+OmAo0HVy4Ql9iJ0GoThK7QxNPPRmkV6YIEApKrZZ
GArqENWIv24r1iypir7mzAR/EWXy0eW0zXp+pLeK/kfErXKFg7wvgL3s9idWm8Ml
Vcg4CqwkhyETw2AiNRi+R97X0dHAGInPVNdn+AcG7LjOxuTVl8L6QnbZqB2fgJD6
T7oGRvkWGtqkLtrkrjb07ljsQscCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHATx0
ajUZAOJWs/lEhK2/3iuSbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ2YTA4MjctMTA1Mi00NmUyLWFkNTItNGEyN2Q5YTY1ZjI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQB1C7TPr6SvOWgZ4bERUnPcpCeCaZdcSTV768Nq
ASB+1RizsUAgPa5P8Xn1VvSBEslaSu/1Fh7+a6Okt4reBQ5jX3aNosto+7f7mIJr
DwKr4aeu+CWuP+iTw9Ub2enso0rOC6HeFbGfI3UtcgrmH47pGamuF48PvAfAu+ST
sINfDeMrr4Jf8ML2q1kvNmcMeAsRp1c1X37gQvOVFq4srD42aUWBD036+N/zd/9P
d7oo8OkNhfR/x6f1cSZWd7uTWmP7+uBzDTbxV9kHNp2GL7/0H8eqX/hun+ZjP2z8
yD86DgOYp0l8exflxsrRP/TyxzLlf5lt0DN6zt7wpPXVQAuq
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:39 2025 by rpki-client