Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
File: ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa (raw, json)
Hash identifier: ZSkL3narZbXzd8XVLFfecvwka9ZVdtJr3ZbcYybscdU=
Subject key identifier: B5:FD:AF:40:14:98:08:3B:35:D5:BC:4D:2A:21:70:E4:E9:88:14:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E97BDBEABD9F7B3D08A32BDA9C4D9DA7B47AAD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
Signing time: Fri 26 Sep 2025 19:20:22 +0000
ROA not before: Fri 26 Sep 2025 19:20:22 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:97:bd:be:ab:d9:f7:b3:d0:8a:32:bd:a9:c4:d9:da:7b:47:aa:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:20:22 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=035806230d3d01ab5f12320e542b50bb6a10076e8f621b062e777a17c2d6f4f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ea:6c:7a:f2:8a:0d:e0:28:3a:30:b8:82:c4:
80:cf:fa:43:0a:4d:17:39:20:48:c2:8c:ad:3c:75:
d0:48:c3:7a:25:d7:0c:34:89:b6:db:1e:ab:af:b7:
15:53:72:f8:24:02:5d:f0:4b:3b:10:41:fc:94:ea:
0a:41:80:8e:a4:a3:28:5d:e9:af:45:52:57:fe:f6:
58:3c:42:d6:bc:a3:8b:fc:b1:f5:69:70:7f:e5:52:
40:ba:7f:5a:cc:d9:71:8a:5f:e0:62:56:68:32:7c:
34:07:ff:28:fb:58:0a:66:b2:fd:d6:16:e6:96:30:
bc:05:41:4f:28:b1:be:3a:cb:b9:35:d8:06:06:f1:
8d:86:f9:78:3a:3d:5b:9c:d6:16:18:06:d7:b1:1b:
98:5f:bb:0e:c8:bc:cd:21:86:93:92:8d:8f:04:10:
05:a4:69:c6:68:67:51:1e:86:7d:17:f2:05:8b:dc:
f4:49:86:44:a3:8c:e8:2f:c0:a0:18:b8:3b:b5:99:
56:af:52:05:8d:f3:1e:d0:5a:e7:68:aa:f2:e8:c7:
9f:e4:84:d5:96:f9:ab:71:b5:e9:e5:10:5d:bc:d9:
02:b5:bb:cf:96:28:7f:e5:96:61:39:c3:a6:6f:5f:
7c:6f:88:c8:ea:de:8f:7a:a8:b8:65:85:c0:71:e6:
6c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FD:AF:40:14:98:08:3B:35:D5:BC:4D:2A:21:70:E4:E9:88:14:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:be:0c:78:cb:41:f0:5d:12:47:16:0e:73:5a:eb:f2:da:51:
41:75:70:17:87:7b:4f:8b:e3:0c:e5:0b:c7:85:a9:8c:1a:6f:
c3:b3:e9:55:23:39:6b:9b:57:c7:25:fa:0e:8d:49:8b:b8:ec:
f1:c2:21:2a:ff:07:4e:15:24:6d:8f:ee:9c:4e:c2:78:2f:2e:
70:57:56:af:be:6a:34:5a:2f:86:be:15:07:37:0e:2d:50:07:
01:60:13:94:d8:c6:06:e1:05:7c:16:06:65:06:11:c7:2f:97:
df:29:de:f0:09:c1:18:63:5f:99:80:b2:21:e3:d3:ca:70:f9:
e0:91:12:1e:0f:fc:49:b6:81:f7:bd:95:76:aa:d5:64:fb:c9:
d7:0f:c1:c5:03:d7:e6:55:03:79:ef:9b:e2:04:0b:3d:d3:e4:
f2:78:69:d4:a1:85:e1:21:49:71:ae:10:53:81:8c:fa:cc:74:
8a:ca:66:61:4e:40:a7:11:7c:01:10:f5:55:60:26:bc:d4:b9:
c6:16:5a:6d:93:9d:5f:d7:a3:a2:30:5f:ed:b9:9a:30:07:20:
f7:81:53:70:1e:cd:d3:b7:d0:d2:98:74:43:9a:39:36:57:4b:
0e:88:5f:52:c0:a5:1b:8b:33:94:fb:76:e4:18:52:91:ce:b3:
bd:ad:ad:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPpe9vqvZ97PQijK9qcTZ2ntHqtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIwMjJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzNTgwNjIzMGQzZDAxYWI1ZjEyMzIwZTU0MmI1MGJiNmExMDA3NmU4ZjYy
MWIwNjJlNzc3YTE3YzJkNmY0ZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnqbHryig3gKDowuILEgM/6QwpNFzkgSMKMrTx10EjDeiXXDDSJttseq6+3
FVNy+CQCXfBLOxBB/JTqCkGAjqSjKF3pr0VSV/72WDxC1ryji/yx9Wlwf+VSQLp/
WszZcYpf4GJWaDJ8NAf/KPtYCmay/dYW5pYwvAVBTyixvjrLuTXYBgbxjYb5eDo9
W5zWFhgG17EbmF+7Dsi8zSGGk5KNjwQQBaRpxmhnUR6GfRfyBYvc9EmGRKOM6C/A
oBi4O7WZVq9SBY3zHtBa52iq8ujHn+SE1Zb5q3G16eUQXbzZArW7z5Yof+WWYTnD
pm9ffG+IyOrej3qouGWFwHHmbGkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1/a9A
FJgIOzXVvE0qIXDk6YgURDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U1NzdiYTItZDJhYy00ZTJhLWE0ZjktZWEzN2U5ZDU2OTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0g
MA0GCSqGSIb3DQEBCwUAA4IBAQB9vgx4y0HwXRJHFg5zWuvy2lFBdXAXh3tPi+MM
5QvHhamMGm/Ds+lVIzlrm1fHJfoOjUmLuOzxwiEq/wdOFSRtj+6cTsJ4Ly5wV1av
vmo0Wi+GvhUHNw4tUAcBYBOU2MYG4QV8FgZlBhHHL5ffKd7wCcEYY1+ZgLIh49PK
cPngkRIeD/xJtoH3vZV2qtVk+8nXD8HFA9fmVQN575viBAs90+TyeGnUoYXhIUlx
rhBTgYz6zHSKymZhTkCnEXwBEPVVYCa81LnGFlptk51f16OiMF/tuZowByD3gVNw
Hs3Tt9DSmHRDmjk2V0sOiF9SwKUbizOU+3bkGFKRzrO9ra0u
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:17 2025 by rpki-client