Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
File: cead5bc0-2620-45bc-b97b-adb00020a426.roa (raw, json)
Hash identifier: Z3wctuZiql9yLkFThQM00KpD48n2SgpfdZXXoljDttQ=
Subject key identifier: 41:91:4E:0E:B7:C0:8A:64:AA:D8:3D:4B:4F:77:A4:ED:91:DA:4C:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6ABB262546E5BAEFFD6CAE3C58603395144D1676
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
Signing time: Fri 26 Sep 2025 19:11:42 +0000
ROA not before: Fri 26 Sep 2025 19:11:42 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:bb:26:25:46:e5:ba:ef:fd:6c:ae:3c:58:60:33:95:14:4d:16:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:42 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=9a889fb99d10d26972bf47a6f7bf49875ec940411530b66fd6d07a6414467f77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:75:89:7b:f3:a5:43:d7:3a:6a:d5:2e:b7:56:
fa:cf:2b:ee:01:7f:f5:bc:01:e7:ce:95:01:4b:60:
6a:aa:6c:63:bb:6e:b9:55:43:8e:9e:ca:79:c7:fd:
12:28:45:d5:c6:e6:cc:0b:02:58:6a:c9:0d:f8:69:
b1:86:d3:74:2a:fb:79:5a:e2:de:78:3c:f8:fb:b7:
d7:51:a3:f9:72:fe:4c:82:12:38:bc:65:a7:7f:9d:
48:67:44:f5:62:bd:c2:74:e3:0c:b1:23:ea:56:26:
4b:87:ce:79:db:f8:0c:84:d3:4e:5a:a5:f2:fb:53:
ba:8b:c0:11:ba:02:6f:93:8c:a1:aa:b5:ef:b0:af:
b8:52:b4:e3:61:07:2e:e4:f8:5e:d3:59:4f:1d:66:
7b:a2:e9:6c:24:8c:86:96:3d:e3:e3:e1:59:d7:00:
a0:85:06:44:a6:3e:f7:cc:9c:3c:00:ea:07:27:e9:
d9:65:c3:87:21:2a:36:97:69:3e:73:f5:94:c7:7f:
b5:21:51:07:2f:49:ab:ec:57:f1:bd:f6:b4:5e:3f:
94:0a:2e:11:56:05:c0:68:7d:37:7e:b4:14:b1:30:
63:99:e8:a8:55:18:92:79:86:2e:4d:1f:29:c0:8d:
82:ef:8c:ec:ad:2d:be:86:ab:19:d5:c6:60:3d:b1:
a0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:91:4E:0E:B7:C0:8A:64:AA:D8:3D:4B:4F:77:A4:ED:91:DA:4C:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e080::/48
Signature Algorithm: sha256WithRSAEncryption
72:a2:80:7d:a5:f7:08:6c:02:f1:a8:db:b4:62:8b:f2:f3:70:
89:30:41:f1:4d:27:3d:e8:ca:a0:4f:5e:f8:dd:b1:9c:47:d4:
1b:87:47:fd:cb:3a:14:f8:6f:88:7c:c6:bc:46:7b:dc:50:b3:
04:f8:ea:29:73:52:96:91:d6:7c:99:3c:73:68:52:aa:12:0a:
f1:b2:34:f7:b9:d8:fe:ec:ff:97:85:93:97:3d:03:d5:75:47:
b7:2f:95:ab:9f:ac:71:66:1a:8a:06:17:1c:ed:1c:61:05:68:
be:6e:4b:cb:c0:52:3b:5a:6f:a8:8b:46:d4:c3:04:0c:2b:4f:
36:6c:34:cc:8a:bd:35:8a:14:5f:9d:ef:fd:60:21:4f:6e:73:
7d:5b:2a:c6:49:68:b8:ed:a8:29:3d:52:ca:ba:69:28:90:d6:
05:f8:c6:d1:8e:f9:14:0a:b5:ed:31:b7:1e:09:11:da:1f:e1:
b6:03:ea:f5:ea:15:03:d6:81:5c:4c:b8:3d:19:84:0d:08:44:
bd:bd:46:49:97:99:1f:7a:32:68:54:61:d9:94:fe:cd:e3:ad:
8c:f3:47:6a:02:fa:c5:3c:80:b8:12:45:ce:64:d0:bc:f5:f9:
67:1f:23:40:aa:16:e2:1c:fb:41:7e:6f:30:5c:d4:ba:b6:ee:
23:01:c5:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUarsmJUbluu/9bK48WGAzlRRNFnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExNDJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhODg5ZmI5OWQxMGQyNjk3MmJmNDdhNmY3YmY0OTg3NWVjOTQwNDExNTMw
YjY2ZmQ2ZDA3YTY0MTQ0NjdmNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANN1iXvzpUPXOmrVLrdW+s8r7gF/9bwB586VAUtgaqpsY7tuuVVDjp7Kecf9
EihF1cbmzAsCWGrJDfhpsYbTdCr7eVri3ng8+Pu311Gj+XL+TIISOLxlp3+dSGdE
9WK9wnTjDLEj6lYmS4fOedv4DITTTlql8vtTuovAEboCb5OMoaq177CvuFK042EH
LuT4XtNZTx1me6LpbCSMhpY94+PhWdcAoIUGRKY+98ycPADqByfp2WXDhyEqNpdp
PnP1lMd/tSFRBy9Jq+xX8b32tF4/lAouEVYFwGh9N360FLEwY5noqFUYknmGLk0f
KcCNgu+M7K0tvoarGdXGYD2xoE0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRBkU4O
t8CKZKrYPUtPd6TtkdpMKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2VhZDViYzAtMjYyMC00NWJjLWI5N2ItYWRiMDAwMjBhNDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
gDANBgkqhkiG9w0BAQsFAAOCAQEAcqKAfaX3CGwC8ajbtGKL8vNwiTBB8U0nPejK
oE9e+N2xnEfUG4dH/cs6FPhviHzGvEZ73FCzBPjqKXNSlpHWfJk8c2hSqhIK8bI0
97nY/uz/l4WTlz0D1XVHty+Vq5+scWYaigYXHO0cYQVovm5Ly8BSO1pvqItG1MME
DCtPNmw0zIq9NYoUX53v/WAhT25zfVsqxklouO2oKT1SyrppKJDWBfjG0Y75FAq1
7TG3HgkR2h/htgPq9eoVA9aBXEy4PRmEDQhEvb1GSZeZH3oyaFRh2ZT+zeOtjPNH
agL6xTyAuBJFzmTQvPX5Zx8jQKoW4hz7QX5vMFzUurbuIwHF2w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:43 2025 by rpki-client