Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: IK/7TYS5hKlzuPlbaq81S74E0/agPx2mW7cpE1RWa3E=
Subject key identifier: 9A:6F:A5:79:4E:14:BF:93:87:D1:10:53:3F:D8:C1:37:50:AB:DD:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18ABD06E171B25D0C3C0C441A51BD9D63F988999
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Fri 26 Sep 2025 20:11:26 +0000
ROA not before: Fri 26 Sep 2025 20:11:26 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:ab:d0:6e:17:1b:25:d0:c3:c0:c4:41:a5:1b:d9:d6:3f:98:89:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:26 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=08297169a3f97eb9e3ffe7721414af8d8bab3e9e2abe78303f18a1cf23c4bafc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:59:0c:24:f7:3a:4e:20:55:be:17:7f:a5:d6:
78:a0:f3:f0:91:a1:aa:4d:06:90:a6:88:b6:3c:9c:
2a:4a:50:75:e6:5b:c0:d8:77:e1:70:6d:47:64:42:
d4:ea:ef:e9:6a:ea:9f:ee:43:2b:c1:78:b1:3a:50:
af:aa:e8:9a:21:6e:e7:31:e8:5f:d0:44:ad:40:a9:
df:71:4a:19:b1:0c:19:88:c7:26:e6:c5:31:be:7c:
ed:57:0c:fc:37:62:fb:af:5a:70:1b:49:04:27:dd:
0c:46:bd:87:0d:f4:bb:9f:61:9e:9f:4f:65:44:35:
1e:1c:6a:19:5c:42:44:90:9c:d7:cb:1d:ea:d3:5e:
b7:d8:ef:2c:55:b0:d5:66:23:0e:b9:de:d2:70:c0:
7e:40:7e:b0:4b:81:af:12:b0:ed:4c:fc:dc:69:20:
7c:4e:32:52:ef:36:63:18:db:ea:39:c7:1c:39:0a:
21:ec:12:0b:bf:e6:8f:0a:bf:de:f4:03:37:46:1f:
90:b8:b4:d4:14:0d:f7:f9:e3:68:6c:08:33:a6:f5:
97:82:5c:52:31:5c:5e:b2:3e:bf:0f:6b:a9:4f:ea:
26:01:ca:25:3f:3c:94:cb:bf:23:e5:b8:f6:e9:fb:
99:d7:50:3e:a6:be:4d:92:ab:dd:15:4c:a8:79:85:
1f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6F:A5:79:4E:14:BF:93:87:D1:10:53:3F:D8:C1:37:50:AB:DD:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
43:9f:f7:5e:f7:cf:ce:0e:e4:14:d1:3b:55:39:19:39:d3:f1:
f8:55:60:b2:80:46:4c:0e:de:ec:00:81:8a:14:90:c7:df:c1:
bd:66:0a:d8:82:9b:75:d4:ee:a8:da:f1:8b:2b:e6:70:10:e7:
89:a7:35:cf:06:2f:c5:39:83:c8:b7:0e:55:ac:f3:92:db:5b:
61:bc:cf:93:e1:27:2d:55:ad:b5:3e:da:5f:37:74:99:d8:9e:
5b:29:0e:2c:61:2a:6c:43:dd:d0:8c:58:f2:80:9c:67:63:41:
48:98:44:16:80:89:d0:e8:19:dd:4b:16:cc:27:aa:0c:d8:53:
68:54:39:bf:fc:18:74:15:c3:f6:67:e0:92:d5:7c:0c:e6:c4:
1a:4f:c2:27:41:78:c9:b4:6e:dc:49:21:42:18:c5:ed:85:5f:
c1:28:54:5e:32:4b:4c:17:a4:61:74:52:15:d5:fb:c7:13:6d:
af:1e:dc:e2:5a:ae:d0:3e:ea:50:d1:a9:66:a5:4c:c1:26:6d:
06:ca:30:db:49:a0:61:12:f8:84:ff:11:8f:02:b4:2e:7f:f8:
cf:cc:1d:ef:8d:86:c3:b6:55:1f:db:93:cd:ef:54:21:10:93:
94:0c:9f:70:10:e2:6f:42:f5:bd:6b:92:2f:2e:70:b3:18:4a:
c3:ce:85:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGKvQbhcbJdDDwMRBpRvZ1j+YiZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMjZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4Mjk3MTY5YTNmOTdlYjllM2ZmZTc3MjE0MTRhZjhkOGJhYjNlOWUyYWJl
NzgzMDNmMThhMWNmMjNjNGJhZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpZDCT3Ok4gVb4Xf6XWeKDz8JGhqk0GkKaItjycKkpQdeZbwNh34XBtR2RC
1Orv6Wrqn+5DK8F4sTpQr6romiFu5zHoX9BErUCp33FKGbEMGYjHJubFMb587VcM
/Ddi+69acBtJBCfdDEa9hw30u59hnp9PZUQ1HhxqGVxCRJCc18sd6tNet9jvLFWw
1WYjDrne0nDAfkB+sEuBrxKw7Uz83GkgfE4yUu82Yxjb6jnHHDkKIewSC7/mjwq/
3vQDN0YfkLi01BQN9/njaGwIM6b1l4JcUjFcXrI+vw9rqU/qJgHKJT88lMu/I+W4
9un7mddQPqa+TZKr3RVMqHmFH9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSab6V5
ThS/k4fREFM/2ME3UKvdITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBDn/de98/ODuQU0TtVORk50/H4VWCygEZMDt7s
AIGKFJDH38G9ZgrYgpt11O6o2vGLK+ZwEOeJpzXPBi/FOYPItw5VrPOS21thvM+T
4SctVa21PtpfN3SZ2J5bKQ4sYSpsQ93QjFjygJxnY0FImEQWgInQ6BndSxbMJ6oM
2FNoVDm//Bh0FcP2Z+CS1XwM5sQaT8InQXjJtG7cSSFCGMXthV/BKFReMktMF6Rh
dFIV1fvHE22vHtziWq7QPupQ0almpUzBJm0GyjDbSaBhEviE/xGPArQuf/jPzB3v
jYbDtlUf25PN71QhEJOUDJ9wEOJvQvW9a5IvLnCzGErDzoVW
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:21 2025 by rpki-client