Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json)
Hash identifier: zNqgmeyMyKr4Y3+jLtSm9F8pSTDhiCffx1OlFYJ5ahU=
Subject key identifier: 13:D8:31:C4:06:08:2E:C3:61:FC:74:D1:59:E0:21:4B:CE:27:F3:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15CD90ABCF7905CE6D838CC9D072ED54A1B460B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
Signing time: Fri 26 Sep 2025 19:38:40 +0000
ROA not before: Fri 26 Sep 2025 19:38:40 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:cd:90:ab:cf:79:05:ce:6d:83:8c:c9:d0:72:ed:54:a1:b4:60:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:38:40 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=34c158b66fa847eb94f31068b9e64cafd3089d51d1c4b979298a04d2af80d495, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:9c:be:73:fd:d1:87:48:1e:20:1f:7c:85:
f6:ee:6b:c9:1e:ff:81:d3:65:e7:22:a7:bf:bb:46:
e7:0e:39:03:fe:80:b7:e5:72:cb:04:63:b5:bc:28:
4b:45:1c:71:23:87:ce:48:bb:53:4c:8c:91:5e:6f:
40:7d:36:c3:44:7b:48:f3:5f:dc:bd:ea:e4:fd:78:
fc:7f:1f:ed:6a:8f:c5:20:6a:f8:94:49:9d:8f:bc:
60:4a:3f:08:c2:27:ab:9e:ef:30:16:1c:09:86:93:
04:f0:31:b7:e6:d2:8b:09:e8:cb:4f:f4:7c:af:32:
9f:b3:8c:4e:b6:f0:ac:9d:e1:4e:e6:b1:a9:37:4a:
6e:6c:3f:0e:b4:de:b0:3b:e6:ca:35:0b:2c:9f:c3:
97:be:77:a9:d6:82:79:3c:a2:d4:88:82:9a:0c:7c:
3b:af:63:f6:cb:d0:c3:cb:7c:4f:b6:0e:99:08:5d:
d2:0c:b2:18:71:88:74:bd:da:bd:26:7c:ea:e0:43:
c5:bf:b0:62:71:b0:95:bf:11:b4:01:16:3b:cc:23:
8e:bc:46:2d:19:1b:a8:ea:b8:12:82:43:68:62:04:
c1:6b:10:ec:a4:ad:43:d5:c5:f4:32:76:0d:d7:34:
76:ae:5b:e1:eb:8f:97:bd:a3:c8:a4:93:38:40:f5:
c6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D8:31:C4:06:08:2E:C3:61:FC:74:D1:59:E0:21:4B:CE:27:F3:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:a000::/40
Signature Algorithm: sha256WithRSAEncryption
71:2a:9d:f9:e2:71:b0:ae:9b:ba:1f:01:61:43:55:13:66:ab:
a1:59:91:67:b3:ce:a4:62:de:e7:42:6a:62:03:cb:22:eb:f8:
f8:80:91:bb:3e:ac:54:a9:fd:70:4d:73:c3:e7:00:b3:94:44:
07:52:92:20:6f:81:be:66:34:2c:27:8c:f3:ff:fa:e4:30:0a:
78:8a:5c:6f:c3:a7:a7:88:af:a5:44:f7:48:9b:6c:59:be:78:
db:2d:ef:56:4e:b6:cf:ee:3a:2e:d4:4b:ab:81:97:85:b7:c9:
39:41:fb:21:96:87:68:46:b5:62:dc:69:a8:18:3c:ca:50:ec:
76:cc:d6:ad:8a:b2:d6:1d:43:91:c4:8d:5d:0b:dd:f3:97:82:
d6:a5:7a:92:d7:d4:de:be:27:f9:74:d6:74:07:d9:4d:6f:fe:
cc:8e:33:8a:90:ba:30:d8:65:f6:d6:db:27:37:08:ce:6b:86:
f6:fc:b2:ac:d8:4a:83:5e:10:24:06:6f:2f:60:4f:e8:b6:ee:
75:0a:53:65:59:e9:10:72:be:57:98:b4:94:3b:cb:47:9b:3e:
0b:2e:50:58:4a:c9:77:33:d0:40:9b:68:9a:55:84:09:66:9b:
68:4f:4b:d2:3c:9b:c5:7c:58:89:c8:f8:bf:c3:78:d2:0f:81:
c0:51:90:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFc2Qq895Bc5tg4zJ0HLtVKG0YLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTM4NDBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0YzE1OGI2NmZhODQ3ZWI5NGYzMTA2OGI5ZTY0Y2FmZDMwODlkNTFkMWM0
Yjk3OTI5OGEwNGQyYWY4MGQ0OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJdnL5z/dGHSB4gH3yF9u5ryR7/gdNl5yKnv7tG5w45A/6At+VyywRjtbwo
S0UccSOHzki7U0yMkV5vQH02w0R7SPNf3L3q5P14/H8f7WqPxSBq+JRJnY+8YEo/
CMInq57vMBYcCYaTBPAxt+bSiwnoy0/0fK8yn7OMTrbwrJ3hTuaxqTdKbmw/DrTe
sDvmyjULLJ/Dl753qdaCeTyi1IiCmgx8O69j9svQw8t8T7YOmQhd0gyyGHGIdL3a
vSZ86uBDxb+wYnGwlb8RtAEWO8wjjrxGLRkbqOq4EoJDaGIEwWsQ7KStQ9XF9DJ2
Ddc0dq5b4euPl72jyKSTOED1xikCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQT2DHE
Bgguw2H8dNFZ4CFLzifzmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig
MA0GCSqGSIb3DQEBCwUAA4IBAQBxKp354nGwrpu6HwFhQ1UTZquhWZFns86kYt7n
QmpiA8si6/j4gJG7PqxUqf1wTXPD5wCzlEQHUpIgb4G+ZjQsJ4zz//rkMAp4ilxv
w6eniK+lRPdIm2xZvnjbLe9WTrbP7jou1EurgZeFt8k5QfshlodoRrVi3GmoGDzK
UOx2zNatirLWHUORxI1dC93zl4LWpXqS19Tevif5dNZ0B9lNb/7MjjOKkLow2GX2
1tsnNwjOa4b2/LKs2EqDXhAkBm8vYE/otu51ClNlWekQcr5XmLSUO8tHmz4LLlBY
Ssl3M9BAm2iaVYQJZptoT0vSPJvFfFiJyPi/w3jSD4HAUZB2
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:24 2025 by rpki-client