Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
File: e279c5e7-6144-440a-9f1d-2013fb96d06a.roa (raw, json)
Hash identifier: k6s8Oy+oItMN47qwgnNlDAsAYKaCT3iIuPK8DVOuIro=
Subject key identifier: EB:ED:4D:85:1E:7A:16:1B:A5:FC:F5:CA:38:63:33:23:BF:61:CC:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58EF83A6B8AD5BC79BF9EC4FA3E395BBA3AC63E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
Signing time: Fri 26 Sep 2025 19:40:18 +0000
ROA not before: Fri 26 Sep 2025 19:40:18 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:ef:83:a6:b8:ad:5b:c7:9b:f9:ec:4f:a3:e3:95:bb:a3:ac:63:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:40:18 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=7840007a7b4c1293b74249b00d5e5a9c122e919c612cfca90042556d781fb705, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f9:8f:7b:88:4d:88:dd:7b:6d:b7:94:db:1e:
cc:5d:33:da:77:79:2c:0d:24:52:81:e1:4c:4a:98:
20:fb:c1:cb:00:9f:8e:d0:4e:aa:cf:e6:7d:e8:aa:
7b:7b:a4:82:92:7b:c0:42:29:02:a4:f2:ab:3a:e3:
af:89:dd:4b:2e:41:71:11:70:a5:44:69:f6:42:ae:
83:2a:5a:e6:ab:3a:27:50:56:f8:bb:87:39:c9:ba:
3e:eb:4f:b3:6a:7a:5e:14:b8:a8:11:7d:6e:f5:48:
84:00:79:a2:17:11:85:bd:19:43:d7:e2:ad:49:1b:
c4:4b:0a:0d:12:32:57:27:8a:e8:17:2e:cd:28:3b:
09:10:56:18:af:82:18:86:37:ce:0c:35:36:c9:ff:
fb:6d:8d:c0:d2:b3:ae:62:b4:5a:3e:a3:f7:56:08:
b4:f0:e3:f8:6f:a4:52:af:da:60:47:8a:d1:0f:60:
3c:27:ee:55:2a:3d:bf:c2:b3:16:d1:24:79:ba:a5:
fb:2a:16:57:79:8e:2e:7f:bb:30:8f:fe:6c:1b:1e:
75:dd:4a:ca:3f:bd:6c:18:42:ed:ba:ad:74:81:c6:
b4:40:de:fc:c2:8b:b6:7d:d1:c7:30:d8:14:53:01:
22:ae:a0:38:9d:a6:bc:9f:9e:36:85:fb:89:c8:00:
52:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:ED:4D:85:1E:7A:16:1B:A5:FC:F5:CA:38:63:33:23:BF:61:CC:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:2000::/40
Signature Algorithm: sha256WithRSAEncryption
77:6f:1f:97:4c:77:c0:2b:23:05:88:4d:73:10:4e:7a:e3:ca:
7c:2a:b8:5d:59:c4:5d:99:0f:a1:d2:3d:bd:67:c7:20:82:8d:
73:19:9f:73:7d:45:bb:81:ad:ef:31:9c:31:6f:ce:34:19:07:
00:90:f9:f0:fc:5e:71:1f:c6:88:1d:8c:2b:ba:74:08:9a:70:
f3:52:30:8d:ca:86:58:f4:98:d5:7f:b9:2b:46:86:e0:0d:dc:
8f:2b:d5:98:0d:69:4c:38:b1:55:5d:b5:bb:41:ba:da:92:8e:
ef:31:c3:36:bd:40:f3:cd:e0:aa:4f:df:03:a5:3e:77:32:8c:
ea:3c:a4:28:69:c3:97:fb:dc:4c:0c:bc:d0:f2:ea:e2:74:ee:
3a:c7:08:38:8f:d5:66:16:96:b4:e5:05:35:ba:7f:ba:ca:1f:
4e:74:8f:ca:85:ae:2d:06:06:a3:81:e7:6a:3d:7f:15:86:3c:
1f:64:4e:67:84:74:48:55:b5:44:05:3e:c5:e3:f6:1d:e1:e6:
59:13:be:2e:49:64:1c:0b:e4:85:71:72:c1:eb:1a:49:06:fd:
5f:97:ac:14:b8:00:36:f8:35:c1:55:8a:1d:24:f5:13:0b:bc:
42:94:24:cd:d6:12:44:57:13:50:17:fe:b7:71:57:c6:52:a8:
79:b7:77:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWO+DpritW8eb+exPo+OVu6OsY+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQwMThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NDAwMDdhN2I0YzEyOTNiNzQyNDliMDBkNWU1YTljMTIyZTkxOWM2MTJj
ZmNhOTAwNDI1NTZkNzgxZmI3MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf5j3uITYjde223lNsezF0z2nd5LA0kUoHhTEqYIPvBywCfjtBOqs/mfeiq
e3ukgpJ7wEIpAqTyqzrjr4ndSy5BcRFwpURp9kKugypa5qs6J1BW+LuHOcm6PutP
s2p6XhS4qBF9bvVIhAB5ohcRhb0ZQ9firUkbxEsKDRIyVyeK6BcuzSg7CRBWGK+C
GIY3zgw1Nsn/+22NwNKzrmK0Wj6j91YItPDj+G+kUq/aYEeK0Q9gPCfuVSo9v8Kz
FtEkebql+yoWV3mOLn+7MI/+bBsedd1Kyj+9bBhC7bqtdIHGtEDe/MKLtn3RxzDY
FFMBIq6gOJ2mvJ+eNoX7icgAUlMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr7U2F
HnoWG6X89co4YzMjv2HMZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTI3OWM1ZTctNjE0NC00NDBhLTlmMWQtMjAxM2ZiOTZkMDZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg
MA0GCSqGSIb3DQEBCwUAA4IBAQB3bx+XTHfAKyMFiE1zEE5648p8KrhdWcRdmQ+h
0j29Z8cggo1zGZ9zfUW7ga3vMZwxb840GQcAkPnw/F5xH8aIHYwrunQImnDzUjCN
yoZY9JjVf7krRobgDdyPK9WYDWlMOLFVXbW7Qbrako7vMcM2vUDzzeCqT98DpT53
MozqPKQoacOX+9xMDLzQ8uridO46xwg4j9VmFpa05QU1un+6yh9OdI/Kha4tBgaj
gedqPX8VhjwfZE5nhHRIVbVEBT7F4/Yd4eZZE74uSWQcC+SFcXLB6xpJBv1fl6wU
uAA2+DXBVYodJPUTC7xClCTN1hJEVxNQF/63cVfGUqh5t3cP
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:38 2025 by rpki-client