Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa
File: de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa (raw, json)
Hash identifier: TXncQivqp301/MjbKjoN07nZIrTO57y1OuUwc4ruPac=
Subject key identifier: F6:92:E9:84:2D:C2:94:17:38:97:33:72:C4:D1:B5:97:95:7B:66:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D8F9FC4C84B03E203FA63E9D2031759C0F198DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa
Signing time: Mon 06 Oct 2025 18:00:33 +0000
ROA not before: Mon 06 Oct 2025 18:00:33 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:8f:9f:c4:c8:4b:03:e2:03:fa:63:e9:d2:03:17:59:c0:f1:98:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:33 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=bd623183c205a0f4ae9e8c36623e3de9336fa0fa42f36a829ea4aae35b90d643, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2a:1d:05:75:7d:7f:d2:86:e5:52:7e:1f:7e:
1b:af:be:8a:cb:79:e1:ae:3e:5c:fb:ce:4e:c3:d2:
c7:f1:a2:3a:ff:ce:31:ae:f6:59:98:f9:36:e2:c2:
dc:1d:5c:fe:e5:c1:37:57:2a:22:00:81:c3:e8:22:
aa:3c:4d:79:c5:50:e1:23:41:6e:74:4d:f7:be:65:
8b:05:42:4c:dd:93:6a:d4:dc:fb:22:4b:d5:d6:6e:
0c:15:3a:d6:31:0c:97:07:c7:04:64:ed:df:a1:39:
ae:ad:7a:cf:1f:03:5b:73:79:9f:4f:a1:bd:ee:73:
fd:b7:80:10:11:f6:dc:ce:07:f4:8f:52:b2:62:a2:
6c:9b:6d:2e:df:09:45:65:7a:81:fb:53:4a:65:30:
1a:63:72:88:0a:3d:e7:dc:32:5a:6a:66:33:fe:38:
48:9b:6c:4b:f9:cd:fe:55:a6:26:57:3e:4c:c7:9a:
88:f2:14:09:d7:54:f4:f2:1d:ee:9d:b4:55:0d:e4:
21:71:f7:1a:72:b1:7b:e5:c0:5e:a8:95:78:4d:ae:
df:d7:98:aa:e7:19:67:3c:f0:03:d4:96:12:1d:d9:
22:94:d7:9b:d7:76:4b:a8:e4:f0:6a:fe:79:af:8a:
dd:49:55:a7:45:63:10:ad:9f:73:34:eb:c4:5f:99:
b1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:92:E9:84:2D:C2:94:17:38:97:33:72:C4:D1:B5:97:95:7B:66:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e080::/46
Signature Algorithm: sha256WithRSAEncryption
10:0a:e7:25:40:b5:33:96:b0:d8:4f:08:24:38:b9:d4:4c:08:
66:f5:77:dd:6d:6d:4b:ad:7f:f3:9b:e8:ae:9e:94:f4:8c:ba:
84:f8:2f:0c:ea:ed:2c:1e:47:78:96:0a:50:73:a0:d0:b4:74:
e1:9a:db:b5:d3:8b:ac:90:12:7f:ec:5c:90:12:bb:07:54:29:
1b:91:58:f5:10:48:be:8e:e2:29:94:30:77:4f:47:4d:38:b7:
ed:56:0a:fc:81:18:0b:76:24:df:3c:9e:dd:fa:28:5e:86:9d:
5d:e1:02:cd:24:e6:ae:f3:a9:3a:da:f4:9d:0e:3e:02:83:3e:
d7:2f:c6:49:cd:60:d5:a9:db:6b:d9:0f:97:fa:93:1f:7f:68:
b1:22:0a:9d:43:66:67:95:63:da:fd:f9:44:be:b4:80:3b:68:
83:d5:40:5c:4e:ff:68:99:10:d6:9c:62:c4:30:dc:c9:ee:4b:
6b:92:db:21:41:b7:49:8e:ef:14:d1:04:79:16:09:8a:42:6d:
1c:29:38:dd:f5:cd:e4:06:97:be:1a:95:13:b8:cd:67:83:64:
d9:c7:9b:e2:a3:bc:be:bb:a2:2b:e7:ea:4d:69:b0:6c:a1:81:
37:1c:2f:9d:b1:3a:85:cd:d3:5e:e1:6d:3f:40:d2:7b:8a:b9:
5e:31:6f:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXY+fxMhLA+ID+mPp0gMXWcDxmN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMzNaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNjIzMTgzYzIwNWEwZjRhZTllOGMzNjYyM2UzZGU5MzM2ZmEwZmE0MmYz
NmE4MjllYTRhYWUzNWI5MGQ2NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwqHQV1fX/ShuVSfh9+G6++ist54a4+XPvOTsPSx/GiOv/OMa72WZj5NuLC
3B1c/uXBN1cqIgCBw+giqjxNecVQ4SNBbnRN975liwVCTN2TatTc+yJL1dZuDBU6
1jEMlwfHBGTt36E5rq16zx8DW3N5n0+hve5z/beAEBH23M4H9I9SsmKibJttLt8J
RWV6gftTSmUwGmNyiAo959wyWmpmM/44SJtsS/nN/lWmJlc+TMeaiPIUCddU9PId
7p20VQ3kIXH3GnKxe+XAXqiVeE2u39eYqucZZzzwA9SWEh3ZIpTXm9d2S6jk8Gr+
ea+K3UlVp0VjEK2fczTrxF+ZsXkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT2kumE
LcKUFziXM3LE0bWXlXtmFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGU4YjFhOWYtMGEwNi00ZTllLWE0OWUtYTVhYmViN2E0NzA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPg
gDANBgkqhkiG9w0BAQsFAAOCAQEAEArnJUC1M5aw2E8IJDi51EwIZvV33W1tS61/
85vorp6U9Iy6hPgvDOrtLB5HeJYKUHOg0LR04ZrbtdOLrJASf+xckBK7B1QpG5FY
9RBIvo7iKZQwd09HTTi37VYK/IEYC3Yk3zye3fooXoadXeECzSTmrvOpOtr0nQ4+
AoM+1y/GSc1g1anba9kPl/qTH39osSIKnUNmZ5Vj2v35RL60gDtog9VAXE7/aJkQ
1pxixDDcye5La5LbIUG3SY7vFNEEeRYJikJtHCk43fXN5AaXvhqVE7jNZ4Nk2ceb
4qO8vruiK+fqTWmwbKGBNxwvnbE6hc3TXuFtP0DSe4q5XjFvyw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:10 2025 by rpki-client