Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
File: d6265269-370a-4e3b-983b-9bec3a5c535a.roa (raw, json)
Hash identifier: 0sv/MyJP1p7X3FhSMOS/AfsBhu+PB2XIt6+v8+AqaXg=
Subject key identifier: C2:3A:3D:AC:72:A9:9E:C2:C3:78:0C:CC:78:35:CC:DA:16:6A:86:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7192FF67C5D506509F24D6A8674DE5F26F75E3F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
Signing time: Mon 06 Oct 2025 18:00:57 +0000
ROA not before: Mon 06 Oct 2025 18:00:57 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:92:ff:67:c5:d5:06:50:9f:24:d6:a8:67:4d:e5:f2:6f:75:e3:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:57 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=9dc1547bd49a1379a7f0a7dbd611a5fe717ed731b596bd3e94f926d82e3cccb7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6f:3f:08:df:10:f3:34:39:a9:ba:07:d3:e4:
be:49:5d:22:9d:5c:bc:67:78:e9:37:c1:3e:91:ff:
66:be:7f:d1:0c:15:81:ab:15:fb:c6:da:cc:26:e8:
16:03:91:32:a9:5f:f4:1e:cd:53:cc:b3:31:aa:77:
66:cc:02:2b:4a:3d:e6:24:45:6e:c8:6a:b5:f8:7e:
5d:ee:18:c1:8b:8d:68:3e:f3:22:54:09:51:82:a9:
1d:4e:ce:45:70:c8:39:62:d1:8e:42:fa:cc:4b:de:
a1:69:0a:67:7f:b3:bb:9b:f5:11:f5:a6:56:68:a5:
90:4b:97:f7:50:4a:b1:02:0f:de:53:af:ac:f0:eb:
3a:0e:60:7c:1d:75:75:0b:53:f9:47:fb:63:f1:fd:
9c:95:14:4c:32:d2:08:de:21:6d:65:7f:95:1e:3b:
a2:86:2e:ec:da:27:0c:ef:cc:74:ed:1e:d1:5c:a0:
0c:8f:43:54:a8:5d:6b:e4:d6:ce:8b:27:5c:69:3b:
3e:2c:e2:d3:1c:6b:c1:83:c7:10:2a:93:24:18:bb:
1e:f3:71:8a:16:f3:6d:f7:49:f7:50:1f:ea:76:1e:
65:54:e8:cc:f1:b0:52:c2:35:c6:55:96:a4:89:ea:
4c:a7:99:7d:cc:fc:8e:d2:06:94:20:43:74:f5:bf:
47:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:3A:3D:AC:72:A9:9E:C2:C3:78:0C:CC:78:35:CC:DA:16:6A:86:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e000::/40
Signature Algorithm: sha256WithRSAEncryption
61:cf:83:eb:82:2f:69:71:04:13:d6:0f:d5:25:07:15:f3:1f:
3f:19:14:68:10:48:78:71:0c:36:c2:ca:9c:9c:10:61:ae:78:
7d:05:84:5a:a4:26:bf:80:3c:65:44:22:38:dc:d7:72:02:53:
ae:47:9f:1e:21:84:cb:e8:57:e4:56:f4:5a:ac:51:13:b4:d1:
8c:d6:0e:f8:6d:22:a9:33:5d:4b:45:43:c0:33:12:af:ed:34:
f4:ff:ec:6c:e7:d1:29:56:2a:f1:bc:2d:bd:8e:d2:80:11:e2:
f9:2c:2f:83:6e:6c:09:d1:92:2b:b4:ea:e0:c5:01:48:d8:3f:
69:f2:73:d6:01:56:77:45:c1:3c:9f:88:15:3f:e4:17:93:76:
63:c1:c3:20:1c:2d:03:b5:ed:32:e7:f8:06:af:42:58:72:36:
3b:9a:bd:55:2e:93:d9:71:90:e8:5f:bf:1f:64:ef:6f:81:ac:
b3:49:21:8f:01:e1:0e:93:97:39:83:a6:70:cf:d2:dc:91:79:
4e:a1:d1:3c:70:c0:c7:08:78:c5:0b:e4:1c:9a:7c:21:80:13:
73:f3:ba:a6:3b:05:8d:b2:31:af:77:20:e3:35:5f:b4:e3:17:
d7:4c:0e:ed:1f:f9:2e:0c:40:0b:45:3e:af:e2:8e:cd:5d:45:
f5:32:fc:d1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcZL/Z8XVBlCfJNaoZ03l8m914/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwNTdaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkYzE1NDdiZDQ5YTEzNzlhN2YwYTdkYmQ2MTFhNWZlNzE3ZWQ3MzFiNTk2
YmQzZTk0ZjkyNmQ4MmUzY2NjYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhvPwjfEPM0Oam6B9PkvkldIp1cvGd46TfBPpH/Zr5/0QwVgasV+8bazCbo
FgORMqlf9B7NU8yzMap3ZswCK0o95iRFbshqtfh+Xe4YwYuNaD7zIlQJUYKpHU7O
RXDIOWLRjkL6zEveoWkKZ3+zu5v1EfWmVmilkEuX91BKsQIP3lOvrPDrOg5gfB11
dQtT+Uf7Y/H9nJUUTDLSCN4hbWV/lR47ooYu7NonDO/MdO0e0VygDI9DVKhda+TW
zosnXGk7Pizi0xxrwYPHECqTJBi7HvNxihbzbfdJ91Af6nYeZVTozPGwUsI1xlWW
pInqTKeZfcz8jtIGlCBDdPW/R2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTCOj2s
cqmewsN4DMx4NczaFmqG5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyNjUyNjktMzcwYS00ZTNiLTk4M2ItOWJlYzNhNWM1MzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPg
MA0GCSqGSIb3DQEBCwUAA4IBAQBhz4Prgi9pcQQT1g/VJQcV8x8/GRRoEEh4cQw2
wsqcnBBhrnh9BYRapCa/gDxlRCI43NdyAlOuR58eIYTL6FfkVvRarFETtNGM1g74
bSKpM11LRUPAMxKv7TT0/+xs59EpVirxvC29jtKAEeL5LC+DbmwJ0ZIrtOrgxQFI
2D9p8nPWAVZ3RcE8n4gVP+QXk3ZjwcMgHC0Dte0y5/gGr0JYcjY7mr1VLpPZcZDo
X78fZO9vgayzSSGPAeEOk5c5g6Zwz9LckXlOodE8cMDHCHjFC+QcmnwhgBNz87qm
OwWNsjGvdyDjNV+04xfXTA7tH/kuDEALRT6v4o7NXUX1MvzR
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:07 2025 by rpki-client