Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json)
Hash identifier: mkbwsvhKeoz7dRfvLm7xE7whLqppbZg7pBUW0Z2FFBs=
Subject key identifier: C7:D5:3A:FC:3F:89:5B:E4:74:DB:53:71:74:66:9D:21:CF:F2:F5:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 466C06D72759960FF8CB5D40342029014C1FCFA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
Signing time: Fri 26 Sep 2025 19:41:17 +0000
ROA not before: Fri 26 Sep 2025 19:41:17 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:6c:06:d7:27:59:96:0f:f8:cb:5d:40:34:20:29:01:4c:1f:cf:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:17 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=c2484e2d39d44872ff50388844fc9f7aebf66f4635f960cc96320818941c4337, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3f:9e:9a:65:5b:11:86:00:2e:ac:bd:fd:e6:
d4:4a:ef:92:cf:75:59:88:2e:d5:70:6a:55:31:10:
97:6a:4d:7c:9d:68:3d:a4:b4:47:eb:29:55:b7:ad:
35:5a:69:41:57:23:89:e7:76:9f:91:0f:f4:f8:3a:
d7:09:f2:2a:b8:8f:9d:a1:c9:4f:fa:c1:4f:af:8d:
7e:00:0b:c1:84:09:c5:bb:2a:e4:6b:07:34:08:9c:
52:54:cd:99:56:23:f8:f3:b3:65:31:d3:e3:1b:b0:
36:9c:51:db:22:c0:15:51:f2:45:4b:ea:15:59:b0:
1d:05:f2:b2:c1:e8:e5:b6:c8:d4:f7:ab:1f:d8:7d:
37:bb:8d:ab:89:49:8f:d7:17:9f:40:03:95:ab:35:
99:56:ed:b0:58:df:44:5e:ea:b6:98:db:b3:d8:e6:
52:1a:d5:cf:a6:8c:26:fa:81:b1:53:aa:ef:96:23:
5a:df:e0:93:dd:a9:68:d8:8a:8b:e8:3e:47:8a:29:
e7:be:b8:f0:eb:ed:96:7d:51:52:39:55:d9:00:4c:
4f:ae:70:56:d8:1b:8b:01:a9:fa:ce:17:ed:4d:c0:
a5:54:ac:dc:16:6f:2d:bb:38:a8:01:37:9a:b8:5c:
2f:db:7c:7b:79:28:14:96:05:72:ff:e9:ea:c6:13:
ec:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D5:3A:FC:3F:89:5B:E4:74:DB:53:71:74:66:9D:21:CF:F2:F5:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:1000::/40
Signature Algorithm: sha256WithRSAEncryption
34:23:5a:ac:ce:cf:b6:51:b9:b4:4a:be:72:9f:c0:d1:06:ae:
26:01:62:fe:ef:a8:8e:24:08:1d:42:d4:d9:b7:ae:9b:f3:0a:
c4:c7:63:92:02:8d:85:e1:11:e7:5d:f6:e9:2c:14:5c:77:65:
7c:a0:30:76:c3:3c:8d:90:18:b5:b0:7c:16:a3:06:aa:21:dd:
49:19:01:79:01:3c:11:f0:a1:47:47:5a:c4:a2:d5:3b:f0:48:
2c:d3:0c:22:8d:af:97:d5:25:99:fe:cf:87:9a:89:11:08:c2:
c8:36:00:41:ac:0a:3c:b1:b7:ca:e3:20:fd:c3:5d:90:94:a1:
b7:e7:d0:1f:10:99:87:01:20:ac:54:87:d6:a1:41:c5:cb:55:
d0:b6:d4:d6:46:08:4a:66:69:02:94:26:0d:d6:77:d3:49:d3:
85:fe:88:a6:ba:f6:16:a1:da:bb:90:7d:c0:8d:ac:c2:ae:b9:
4b:c9:58:a7:0f:ca:14:4d:cd:b0:3a:3d:54:72:b1:2a:e8:74:
1e:85:6e:5b:66:34:cf:74:b2:31:9f:12:20:23:24:03:6f:d6:
a0:3c:95:e3:64:ed:29:16:80:16:dd:af:72:39:85:50:c1:92:
f2:6c:b9:7d:6a:61:a0:49:84:52:af:5e:8b:92:42:17:c1:6c:
d4:02:09:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURmwG1ydZlg/4y11ANCApAUwfz6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxMTdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyNDg0ZTJkMzlkNDQ4NzJmZjUwMzg4ODQ0ZmM5ZjdhZWJmNjZmNDYzNWY5
NjBjYzk2MzIwODE4OTQxYzQzMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALE/npplWxGGAC6svf3m1Ervks91WYgu1XBqVTEQl2pNfJ1oPaS0R+spVbet
NVppQVcjied2n5EP9Pg61wnyKriPnaHJT/rBT6+NfgALwYQJxbsq5GsHNAicUlTN
mVYj+POzZTHT4xuwNpxR2yLAFVHyRUvqFVmwHQXyssHo5bbI1PerH9h9N7uNq4lJ
j9cXn0ADlas1mVbtsFjfRF7qtpjbs9jmUhrVz6aMJvqBsVOq75YjWt/gk92paNiK
i+g+R4op57648Ovtln1RUjlV2QBMT65wVtgbiwGp+s4X7U3ApVSs3BZvLbs4qAE3
mrhcL9t8e3koFJYFcv/p6sYT7KECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTH1Tr8
P4lb5HTbU3F0Zp0hz/L17DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA0I1qszs+2Ubm0Sr5yn8DRBq4mAWL+76iOJAgd
QtTZt66b8wrEx2OSAo2F4RHnXfbpLBRcd2V8oDB2wzyNkBi1sHwWowaqId1JGQF5
ATwR8KFHR1rEotU78Egs0wwija+X1SWZ/s+HmokRCMLINgBBrAo8sbfK4yD9w12Q
lKG359AfEJmHASCsVIfWoUHFy1XQttTWRghKZmkClCYN1nfTSdOF/oimuvYWodq7
kH3AjazCrrlLyVinD8oUTc2wOj1UcrEq6HQehW5bZjTPdLIxnxIgIyQDb9agPJXj
ZO0pFoAW3a9yOYVQwZLybLl9amGgSYRSr16LkkIXwWzUAgni
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:26 2025 by rpki-client