Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json)
Hash identifier: YMfijJcAk+oPPCqtlgcNfSS4q3OfhmQgTV+PvVwkgpA=
Subject key identifier: 16:60:72:07:E0:DB:F4:F6:8D:1B:64:FD:CD:33:A9:BE:FF:99:91:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 157D268B2E9C9F3F1D3937884CC7752933D63C29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
Signing time: Fri 26 Sep 2025 19:01:35 +0000
ROA not before: Fri 26 Sep 2025 19:01:35 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:7d:26:8b:2e:9c:9f:3f:1d:39:37:88:4c:c7:75:29:33:d6:3c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:01:35 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=14b73b462ad228dbe1dd38f703c2d90a4bc4bb14d81cc020c0f9ad252ca1d675, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6b:8b:11:5d:ff:9c:92:2e:33:ee:c6:5f:b1:
64:ed:68:16:07:09:94:fb:aa:d3:aa:d3:ae:52:e6:
f9:31:8d:76:6a:e1:60:ad:25:f1:4f:99:77:ad:db:
a7:f7:1e:e3:d4:db:dc:51:47:fa:04:a0:45:2b:f1:
c2:1c:10:8a:a6:2e:49:d2:89:f5:3f:e9:5d:72:9f:
bd:2c:f5:d9:10:cb:34:a7:ac:4f:ba:0e:31:f0:72:
05:45:b6:4c:f4:33:63:47:e4:af:d8:11:cf:9b:97:
b9:c4:4b:19:43:26:f0:33:f2:b8:1d:ed:7f:01:b0:
b1:d7:85:18:6e:b9:5b:f6:7d:fe:62:ae:e2:8c:f7:
d4:50:55:9a:07:f4:0b:3d:bb:be:47:3e:30:de:30:
51:1b:92:4d:ec:ef:7c:25:e8:97:68:95:4b:ec:38:
15:9d:f9:83:28:69:c3:ca:24:31:ef:1c:71:8c:1a:
d7:aa:b8:a7:85:ec:fa:12:5c:39:e1:87:a4:d8:8a:
35:a5:fa:75:0e:30:44:c5:c2:a4:30:f4:77:7f:28:
85:24:1b:94:1d:f9:aa:00:71:59:c4:a2:07:60:77:
e2:1c:0b:f5:b9:f0:0a:ac:cc:23:7e:60:f9:0a:71:
3e:57:30:fd:da:1d:de:22:e5:98:3c:a8:a9:1d:cd:
bd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:60:72:07:E0:DB:F4:F6:8D:1B:64:FD:CD:33:A9:BE:FF:99:91:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
ad:cd:fc:64:11:81:49:7f:82:20:2f:af:d1:21:2e:8a:76:6b:
6d:83:bc:fa:16:2c:de:77:64:34:87:9c:1a:b5:95:a7:99:bb:
79:ae:8b:f2:57:73:5c:31:06:7b:b8:18:1c:73:af:90:42:a3:
15:67:33:65:75:66:1b:db:7e:11:3b:d9:1e:e8:ec:56:f9:0c:
fb:ec:1b:54:af:0d:d9:e3:94:1c:70:ea:67:71:13:53:74:bc:
19:27:6f:62:26:c9:9b:26:1c:29:16:ee:c2:12:d6:50:69:78:
77:ce:2d:ae:53:03:83:3a:d7:89:47:09:23:38:3e:79:5f:76:
26:b4:a6:ae:5f:d0:7c:25:15:69:62:02:0d:24:58:2c:ae:c6:
52:db:41:8f:f8:92:57:c7:dd:93:6a:13:8f:d2:1a:74:cb:3d:
8d:9f:a2:12:fb:1c:64:19:3a:83:b8:8b:4f:4e:fd:41:ae:fb:
10:a9:77:9a:bd:c9:01:67:95:34:a2:7d:35:ac:d6:cd:f1:6d:
ee:b4:95:2b:c0:42:00:34:33:17:6f:65:05:f6:eb:b4:0e:81:
e2:12:d8:f6:e2:5c:ee:9e:7b:d6:d6:55:53:4d:0e:5e:07:fd:
d4:b7:77:7a:83:ec:af:96:bd:19:7c:6c:ac:ae:37:d4:88:09:
3f:62:ae:6e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFX0miy6cnz8dOTeITMd1KTPWPCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAxMzVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0YjczYjQ2MmFkMjI4ZGJlMWRkMzhmNzAzYzJkOTBhNGJjNGJiMTRkODFj
YzAyMGMwZjlhZDI1MmNhMWQ2NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxrixFd/5ySLjPuxl+xZO1oFgcJlPuq06rTrlLm+TGNdmrhYK0l8U+Zd63b
p/ce49Tb3FFH+gSgRSvxwhwQiqYuSdKJ9T/pXXKfvSz12RDLNKesT7oOMfByBUW2
TPQzY0fkr9gRz5uXucRLGUMm8DPyuB3tfwGwsdeFGG65W/Z9/mKu4oz31FBVmgf0
Cz27vkc+MN4wURuSTezvfCXol2iVS+w4FZ35gyhpw8okMe8ccYwa16q4p4Xs+hJc
OeGHpNiKNaX6dQ4wRMXCpDD0d38ohSQblB35qgBxWcSiB2B34hwL9bnwCqzMI35g
+QpxPlcw/dod3iLlmDyoqR3Nvc8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQWYHIH
4Nv09o0bZP3NM6m+/5mRPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
wDANBgkqhkiG9w0BAQsFAAOCAQEArc38ZBGBSX+CIC+v0SEuinZrbYO8+hYs3ndk
NIecGrWVp5m7ea6L8ldzXDEGe7gYHHOvkEKjFWczZXVmG9t+ETvZHujsVvkM++wb
VK8N2eOUHHDqZ3ETU3S8GSdvYibJmyYcKRbuwhLWUGl4d84trlMDgzrXiUcJIzg+
eV92JrSmrl/QfCUVaWICDSRYLK7GUttBj/iSV8fdk2oTj9IadMs9jZ+iEvscZBk6
g7iLT079Qa77EKl3mr3JAWeVNKJ9NazWzfFt7rSVK8BCADQzF29lBfbrtA6B4hLY
9uJc7p571tZVU00OXgf91Ld3eoPsr5a9GXxsrK431IgJP2Kubg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:11 2025 by rpki-client