Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
File: d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa (raw, json)
Hash identifier: 5VGWb7WoSfQrl5yZXq+EqWVFjlFjNdzybiT8Q9pDY2E=
Subject key identifier: DD:36:E8:21:2C:87:37:ED:A4:9E:BA:62:36:AA:2D:1F:21:5A:30:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DEDF380AE772A777D1B84925980B134AB4C6C14
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
Signing time: Mon 06 Oct 2025 18:00:11 +0000
ROA not before: Mon 06 Oct 2025 18:00:11 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:ed:f3:80:ae:77:2a:77:7d:1b:84:92:59:80:b1:34:ab:4c:6c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:11 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=330787de56c4e562010c16d858bb4253273382ee952474f97daf3a00c57b4f5a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:ae:6c:6c:b3:63:c7:22:6f:92:bb:2f:19:
27:0d:36:a3:d8:96:58:a2:12:06:17:77:4d:0c:d7:
8d:f5:50:7f:da:68:c0:3a:9c:c0:f6:05:93:10:a6:
b0:9e:4b:b6:be:fe:cc:39:b0:61:d7:4e:02:cf:f7:
ad:bc:7f:42:68:aa:70:eb:0d:7e:bd:6f:0d:b8:2f:
bd:41:ab:7f:88:29:cf:68:49:06:fc:60:6c:ee:ec:
94:df:04:18:e4:00:91:1e:6a:24:15:81:e1:c3:03:
0a:9e:0a:3e:0e:72:1b:ff:74:56:45:54:0a:bc:a2:
bd:05:eb:14:75:39:f7:a8:2e:17:f6:df:15:ff:1d:
0c:3d:58:ae:2d:b2:a1:83:64:ab:98:d7:17:5d:25:
17:8d:63:ea:0f:c7:c7:d1:f3:59:25:e4:24:e0:15:
4a:93:47:bf:a7:d8:1f:58:c0:bc:25:6c:be:5a:d4:
5f:b4:30:cd:87:f5:46:d5:d9:79:0c:5c:eb:56:91:
ce:f4:06:86:c4:38:f6:fb:97:be:0a:25:ea:09:3d:
b8:75:12:1f:3a:d5:55:53:0f:60:36:7b:5d:8e:fd:
68:f0:69:e4:dc:f3:12:8f:09:e9:55:fd:54:bc:ac:
8f:8f:ef:79:14:73:59:a3:39:d9:79:14:05:58:13:
f1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:36:E8:21:2C:87:37:ED:A4:9E:BA:62:36:AA:2D:1F:21:5A:30:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:840::/46
Signature Algorithm: sha256WithRSAEncryption
8f:cb:7e:88:bc:20:6f:07:f0:f5:61:dd:fe:9b:49:fa:25:52:
d6:f5:38:6e:02:29:ef:1c:52:5b:34:d0:7a:c8:8a:bd:09:ff:
4b:d5:88:c8:37:b2:f2:6d:c5:ff:80:c2:47:33:02:57:7b:85:
4b:cb:9a:b6:60:be:f8:fd:60:03:30:1e:f8:4e:78:e1:74:0e:
3e:76:c7:da:98:9e:61:6e:07:9c:19:aa:f4:5f:3f:40:55:02:
b9:79:a4:7f:8d:e0:1d:2b:59:95:3d:5e:f1:c6:5f:e3:28:65:
1c:c7:be:6a:83:45:cd:f3:fd:37:df:b6:d1:39:b6:65:e8:6c:
19:6a:9b:b8:21:9d:6e:69:20:e1:b4:87:a7:6f:f7:5f:06:d7:
40:33:a3:e3:81:00:d7:73:a7:f8:e4:46:4c:6d:b7:a8:97:17:
0c:99:b4:f5:6b:a0:f5:b1:24:5e:fc:5a:5e:d9:cb:e0:4a:5b:
92:84:01:8e:c8:07:a8:43:48:d9:03:0a:ba:6b:c2:15:fd:3b:
16:08:07:ea:09:93:ac:36:20:c4:d3:2d:22:f7:ee:86:12:4a:
85:0e:73:5e:4c:1f:50:e0:db:9f:32:6b:8c:92:04:ad:78:14:
2b:cb:df:ad:2c:c5:d3:23:b1:7d:87:72:d8:d4:5b:01:62:ac:
93:22:13:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULe3zgK53Knd9G4SSWYCxNKtMbBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMTFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzMDc4N2RlNTZjNGU1NjIwMTBjMTZkODU4YmI0MjUzMjczMzgyZWU5NTI0
NzRmOTdkYWYzYTAwYzU3YjRmNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxbrmxss2PHIm+Suy8ZJw02o9iWWKISBhd3TQzXjfVQf9powDqcwPYFkxCm
sJ5Ltr7+zDmwYddOAs/3rbx/QmiqcOsNfr1vDbgvvUGrf4gpz2hJBvxgbO7slN8E
GOQAkR5qJBWB4cMDCp4KPg5yG/90VkVUCryivQXrFHU596guF/bfFf8dDD1Yri2y
oYNkq5jXF10lF41j6g/Hx9HzWSXkJOAVSpNHv6fYH1jAvCVsvlrUX7QwzYf1RtXZ
eQxc61aRzvQGhsQ49vuXvgol6gk9uHUSHzrVVVMPYDZ7XY79aPBp5NzzEo8J6VX9
VLysj4/veRRzWaM52XkUBVgT8W8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdNugh
LIc37aSeumI2qi0fIVowGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMxZTRiMWItMGZhOS00NTQ5LWE2ZmEtM2E2ZWI5NGVlZjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
QDANBgkqhkiG9w0BAQsFAAOCAQEAj8t+iLwgbwfw9WHd/ptJ+iVS1vU4bgIp7xxS
WzTQesiKvQn/S9WIyDey8m3F/4DCRzMCV3uFS8uatmC++P1gAzAe+E544XQOPnbH
2pieYW4HnBmq9F8/QFUCuXmkf43gHStZlT1e8cZf4yhlHMe+aoNFzfP9N9+20Tm2
ZehsGWqbuCGdbmkg4bSHp2/3XwbXQDOj44EA13On+ORGTG23qJcXDJm09Wug9bEk
XvxaXtnL4EpbkoQBjsgHqENI2QMKumvCFf07FggH6gmTrDYgxNMtIvfuhhJKhQ5z
XkwfUODbnzJrjJIErXgUK8vfrSzF0yOxfYdy2NRbAWKskyITwg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:43 2025 by rpki-client