Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
File: c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa (raw, json)
Hash identifier: 0YqGuU/GC2lFmVzoU/F3n/Ro8WGfwqbVWTpW9XfuRiU=
Subject key identifier: AA:D8:35:1E:31:D6:53:2E:EB:3B:BB:0C:2E:CC:50:77:FA:AA:87:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69065125406013F794F88E01B772189BEF2238BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
Signing time: Fri 26 Sep 2025 20:00:55 +0000
ROA not before: Fri 26 Sep 2025 20:00:55 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:06:51:25:40:60:13:f7:94:f8:8e:01:b7:72:18:9b:ef:22:38:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:00:55 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=4d14e783216be9d43b4aa3741f86b02390f0e578ac2bfcf10fc5e24cbb5e8c13, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:bf:79:ef:86:ee:0a:61:c6:94:4a:8d:77:a9:
e1:d1:01:e8:7e:84:aa:38:a7:ce:fe:e6:a6:3d:54:
a2:54:2a:01:a9:46:13:d8:ab:59:86:d6:c0:3b:d2:
42:6f:a5:88:94:2e:36:1c:ca:8c:c7:b5:b9:95:ff:
fe:d6:fe:56:c4:84:93:8d:7b:b3:c6:d2:b3:ef:fe:
70:22:54:f0:25:67:d1:db:34:98:c0:bf:35:8d:66:
16:4c:89:8b:75:3d:9f:01:ec:05:0f:cd:b9:f9:64:
71:41:7a:ca:87:67:ea:42:ee:14:88:8a:7b:09:01:
8b:aa:60:00:24:1f:17:8b:ca:a6:ba:d4:10:d5:c9:
df:48:75:ce:79:e2:d3:b2:2f:2d:a4:ec:8c:02:0a:
ee:91:fe:a3:ef:2a:0f:55:c1:33:c6:80:99:13:86:
b8:59:27:a8:ea:5a:6c:3f:f2:b6:5a:64:96:f9:54:
a8:34:b8:05:b7:7c:e8:53:05:13:37:aa:a9:ff:80:
89:a0:b7:a8:80:36:21:eb:b2:6c:d7:ee:20:85:bb:
23:97:3b:22:c8:55:72:16:4e:48:41:be:cf:47:10:
44:58:94:1b:8e:7e:6b:7e:51:53:02:96:3c:c0:d3:
d2:b6:3d:ab:db:96:27:40:f1:f7:dc:56:ab:1c:9a:
cd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D8:35:1E:31:D6:53:2E:EB:3B:BB:0C:2E:CC:50:77:FA:AA:87:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/38
Signature Algorithm: sha256WithRSAEncryption
66:ab:95:26:a7:1a:cd:58:20:f1:da:57:58:6e:fe:ad:29:c2:
66:43:c9:d3:a8:43:4b:0f:f5:84:dd:7b:f9:61:74:67:7f:aa:
48:1e:3b:d1:64:73:bc:af:e4:02:ea:df:a1:63:0c:a0:6b:44:
43:a7:2e:c8:74:e3:3e:7b:03:aa:d7:57:22:4c:38:01:0e:16:
f6:9c:31:52:ba:64:3f:31:08:e5:4b:8f:be:7b:c1:3d:37:69:
d9:fc:65:41:05:4c:d9:42:de:70:65:06:e5:7d:fb:c2:3e:c6:
71:70:96:13:2c:09:f6:51:c6:fc:e3:d0:ca:af:f7:ba:4c:1b:
65:dd:22:32:22:1f:bc:d6:e7:99:8d:72:ea:8e:c8:c3:be:df:
62:c7:a9:f6:bb:7f:1b:73:f6:6e:ed:fd:b3:29:cf:6d:62:b5:
4d:ae:eb:d1:02:42:ea:fc:4c:b6:76:66:b6:ae:78:d5:3b:8c:
91:35:35:3f:0d:06:77:46:24:70:e5:d5:a7:ca:a7:4c:83:c5:
67:76:2d:fd:55:db:fe:d6:ab:e3:53:5b:b6:4b:3a:87:57:0b:
9f:fb:ba:dc:53:74:35:d1:09:cf:6e:fd:ab:bf:25:77:3a:8e:
fb:40:fd:bf:cd:25:d2:cc:f1:e6:5a:48:59:84:3f:0d:58:1d:
25:87:4b:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaQZRJUBgE/eU+I4Bt3IYm+8iOL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAwNTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkMTRlNzgzMjE2YmU5ZDQzYjRhYTM3NDFmODZiMDIzOTBmMGU1NzhhYzJi
ZmNmMTBmYzVlMjRjYmI1ZThjMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOy/ee+G7gphxpRKjXep4dEB6H6Eqjinzv7mpj1UolQqAalGE9irWYbWwDvS
Qm+liJQuNhzKjMe1uZX//tb+VsSEk417s8bSs+/+cCJU8CVn0ds0mMC/NY1mFkyJ
i3U9nwHsBQ/NuflkcUF6yodn6kLuFIiKewkBi6pgACQfF4vKprrUENXJ30h1znni
07IvLaTsjAIK7pH+o+8qD1XBM8aAmROGuFknqOpabD/ytlpklvlUqDS4Bbd86FMF
Ezeqqf+AiaC3qIA2IeuybNfuIIW7I5c7IshVchZOSEG+z0cQRFiUG45+a35RUwKW
PMDT0rY9q9uWJ0Dx99xWqxyazZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSq2DUe
MdZTLus7uwwuzFB3+qqHYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZjZTk2YTQtZWI2Yi00YmVkLWIxNWItYjFlM2NkY2FjNDE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQBmq5UmpxrNWCDx2ldYbv6tKcJmQ8nTqENLD/WE
3Xv5YXRnf6pIHjvRZHO8r+QC6t+hYwyga0RDpy7IdOM+ewOq11ciTDgBDhb2nDFS
umQ/MQjlS4++e8E9N2nZ/GVBBUzZQt5wZQblffvCPsZxcJYTLAn2Ucb849DKr/e6
TBtl3SIyIh+81ueZjXLqjsjDvt9ix6n2u38bc/Zu7f2zKc9tYrVNruvRAkLq/Ey2
dma2rnjVO4yRNTU/DQZ3RiRw5dWnyqdMg8Vndi39Vdv+1qvjU1u2SzqHVwuf+7rc
U3Q10QnPbv2rvyV3Oo77QP2/zSXSzPHmWkhZhD8NWB0lh0uW
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:14 2025 by rpki-client