Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
File: cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa (raw, json)
Hash identifier: gCVC3YFs2nNzbzxyV/yot3pvxEGwQ19jCh9B+aLIFWw=
Subject key identifier: 07:AA:B8:2D:DF:FC:1C:ED:16:BF:23:87:7D:2E:98:63:ED:EC:27:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AC97E051831955733E9518A623000BC511534BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
Signing time: Fri 17 Oct 2025 21:40:11 +0000
ROA not before: Fri 17 Oct 2025 21:40:11 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:f000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c9:7e:05:18:31:95:57:33:e9:51:8a:62:30:00:bc:51:15:34:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 21:40:11 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=cb92a28e3fc7370109608f2be6e22487ee7c24dee195c72b5ba4ffb452e2ec7e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:a0:f3:51:5d:d9:4e:54:de:6e:be:64:c7:
97:98:55:02:b8:06:be:a9:10:00:67:cb:85:84:c2:
8e:8e:56:12:89:34:52:37:02:d4:2c:f3:e3:17:f8:
df:70:2f:61:12:48:b6:fa:56:55:30:a9:39:ae:e0:
40:cf:4b:f9:0c:6c:e8:cb:7f:1b:b3:26:a8:ef:aa:
33:ee:cd:eb:fb:47:44:1d:b7:fe:f6:7e:f0:17:a8:
33:fc:cb:4c:1e:15:21:36:63:8b:26:58:50:f7:e9:
e4:db:56:f5:84:c7:d8:49:29:6a:43:cc:59:f1:c9:
c6:67:21:00:b5:43:06:aa:2b:84:7a:57:6d:44:d5:
37:06:e7:97:9a:43:f6:d1:6e:ea:7e:98:ef:31:e8:
d5:3a:69:a4:a4:bc:a0:81:2e:44:32:4f:fa:37:25:
d6:1e:2c:a4:d7:3e:54:aa:9a:b3:a6:a8:08:a5:e4:
25:50:af:43:aa:7e:2a:70:b0:36:73:23:f3:06:c9:
61:18:de:23:fb:50:4c:4d:cf:9b:e1:02:47:05:5c:
9f:6c:12:75:51:13:f6:74:d9:cd:c3:e1:1f:0a:06:
8b:ff:06:a4:bd:6b:c9:d0:4e:d9:bf:b5:ec:6b:f6:
f7:5c:9f:32:05:99:70:d1:bb:66:00:5c:3f:62:ac:
38:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AA:B8:2D:DF:FC:1C:ED:16:BF:23:87:7D:2E:98:63:ED:EC:27:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:f000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:ba:28:25:8e:10:aa:ce:b5:01:23:5a:5b:10:4b:e4:bd:34:
b0:d1:94:0f:51:93:f0:4b:69:67:d2:b9:d2:99:b0:87:47:3e:
93:61:7f:19:7d:33:17:fa:1f:32:fd:ee:bc:8e:aa:76:d3:d7:
2f:4e:80:0f:31:7a:44:9b:13:2f:45:32:1a:30:d4:ce:78:ce:
cb:1c:b8:27:3e:5e:11:57:ef:b4:ae:7d:9e:fe:62:8b:f2:45:
11:84:63:b6:9c:79:4f:59:70:92:9d:76:3f:cb:e0:27:2b:e7:
09:f7:00:dd:ae:07:1d:5b:8f:1f:a1:2a:99:f3:46:39:9c:7e:
b8:46:94:52:04:9c:f1:eb:9f:cb:cb:7b:a0:a7:74:8f:02:d4:
5f:97:13:87:01:5a:a4:f8:d2:82:d7:7b:f8:3a:2f:69:a0:5e:
63:b8:92:84:a1:04:f7:27:fe:38:ab:7c:cd:56:2b:9d:cb:bb:
39:2e:38:11:fe:a1:ff:f7:5a:5b:80:1f:99:68:d0:0a:86:44:
71:a7:81:e9:8a:4d:b1:5a:9f:fc:0d:b3:a7:21:9f:d9:dd:8d:
bb:70:9d:50:08:cf:31:bd:bf:a7:1f:77:0b:82:9c:a5:73:a1:
05:76:99:d0:2a:ac:54:3e:53:a6:b7:15:32:a0:d8:d3:81:b0:
6a:62:dd:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKsl+BRgxlVcz6VGKYjAAvFEVNL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMTQwMTFaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiOTJhMjhlM2ZjNzM3MDEwOTYwOGYyYmU2ZTIyNDg3ZWU3YzI0ZGVlMTk1
YzcyYjViYTRmZmI0NTJlMmVjN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR3oPNRXdlOVN5uvmTHl5hVArgGvqkQAGfLhYTCjo5WEok0UjcC1Czz4xf4
33AvYRJItvpWVTCpOa7gQM9L+Qxs6Mt/G7MmqO+qM+7N6/tHRB23/vZ+8BeoM/zL
TB4VITZjiyZYUPfp5NtW9YTH2EkpakPMWfHJxmchALVDBqorhHpXbUTVNwbnl5pD
9tFu6n6Y7zHo1TpppKS8oIEuRDJP+jcl1h4spNc+VKqas6aoCKXkJVCvQ6p+KnCw
NnMj8wbJYRjeI/tQTE3Pm+ECRwVcn2wSdVET9nTZzcPhHwoGi/8GpL1rydBO2b+1
7Gv291yfMgWZcNG7ZgBcP2KsOKkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHqrgt
3/wc7Ra/I4d9Lphj7ewngDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I3NWU1M2UtNGU0NC00MWI3LTk1ZGQtZTNkNTRmZjM2Mzg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADw
MA0GCSqGSIb3DQEBCwUAA4IBAQAfuigljhCqzrUBI1pbEEvkvTSw0ZQPUZPwS2ln
0rnSmbCHRz6TYX8ZfTMX+h8y/e68jqp209cvToAPMXpEmxMvRTIaMNTOeM7LHLgn
Pl4RV++0rn2e/mKL8kURhGO2nHlPWXCSnXY/y+AnK+cJ9wDdrgcdW48foSqZ80Y5
nH64RpRSBJzx65/Ly3ugp3SPAtRflxOHAVqk+NKC13v4Oi9poF5juJKEoQT3J/44
q3zNViudy7s5LjgR/qH/91pbgB+ZaNAKhkRxp4Hpik2xWp/8DbOnIZ/Z3Y27cJ1Q
CM8xvb+nH3cLgpylc6EFdpnQKqxUPlOmtxUyoNjTgbBqYt09
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:32 2025 by rpki-client