Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
File: e2d9776f-9750-4d76-93f4-210836f1105b.roa (raw, json)
Hash identifier: vfvWxqeOIbuz1nVOQ6dEEu+W5tKjjH+ekZ0qwlojAMU=
Subject key identifier: C5:16:B6:2C:47:DB:AD:E8:1E:E6:96:0C:59:A4:3A:C0:5E:05:7F:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A905DB41BF5C38F66D921D437310871871030F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
Signing time: Mon 06 Oct 2025 18:00:38 +0000
ROA not before: Mon 06 Oct 2025 18:00:38 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:90:5d:b4:1b:f5:c3:8f:66:d9:21:d4:37:31:08:71:87:10:30:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:38 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=b36aee40ea501ef0a04d174f573536211213b0e64c470414e864b3eb97a5c40b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7e:63:99:41:36:50:a0:62:8c:ef:da:d2:8c:
f5:c8:3d:cc:07:07:52:f1:16:68:a9:56:7a:93:78:
0b:9d:a5:42:a3:bd:41:d0:4c:8f:e4:bd:43:8f:0d:
74:b1:71:2c:10:45:94:21:85:39:f8:e2:a0:a4:29:
90:6f:cd:b1:a7:e6:80:7a:eb:3a:ec:1a:aa:bd:ba:
13:13:9b:67:90:25:ca:6c:ff:5f:74:1b:4b:22:17:
9a:c5:bd:60:9d:fc:96:8c:9d:6e:df:67:83:44:cd:
bd:60:02:37:39:65:f9:02:50:c3:57:9e:dc:d9:1b:
35:b2:16:b8:56:77:df:76:18:a1:07:50:b3:fa:d5:
2e:04:a4:8e:72:9f:0b:88:4d:8b:b6:b4:9d:b9:11:
38:8a:eb:c8:87:f0:77:cd:80:1e:96:63:63:bb:d4:
c4:1e:95:d8:6f:44:56:82:b5:28:a6:4a:2a:33:fa:
ab:9c:e1:19:09:9e:b3:0e:d8:88:1a:6d:57:66:74:
0a:ad:66:ac:5b:95:13:b9:94:bc:78:37:54:7e:c9:
e0:bb:b3:55:01:a0:76:46:7d:4a:fd:5e:16:ce:49:
02:16:6c:15:7a:3e:63:f0:7a:fd:c4:70:0b:1c:71:
80:01:92:bf:ca:b7:be:3c:40:5c:87:8b:3f:e3:65:
47:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:16:B6:2C:47:DB:AD:E8:1E:E6:96:0C:59:A4:3A:C0:5E:05:7F:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c020::/46
Signature Algorithm: sha256WithRSAEncryption
1f:87:34:52:bd:0a:e3:9b:5d:e9:65:0e:2d:2e:e2:63:bd:f1:
39:31:a0:77:2d:d0:00:71:0b:71:46:c7:5d:11:49:27:95:6b:
72:fa:70:86:81:48:61:a4:bf:e2:ac:6a:b7:f5:3c:12:d5:5b:
0b:56:7b:fe:b8:df:a0:2d:3f:e3:3d:d1:2f:76:8c:af:9f:b0:
37:68:42:26:18:f3:d7:90:45:46:83:c3:1a:3b:ab:93:f4:59:
d8:e2:de:4b:fd:02:2c:b1:88:ea:ce:d2:24:1f:4f:5a:71:c9:
41:80:c1:07:22:6d:a9:ee:d2:6c:3d:ab:f8:ec:78:48:87:46:
cd:a5:d5:3f:86:96:59:db:56:f4:48:6a:17:37:26:4b:be:b2:
bf:bf:99:0c:a2:05:8b:12:0e:8b:33:bb:97:2f:8f:3d:4d:71:
2a:29:0c:2e:3e:ef:ec:25:d7:3a:76:e0:59:c7:dc:a2:c1:ac:
00:dc:07:7e:02:e7:a0:e5:11:85:41:a2:f6:97:5d:4b:4c:ca:
5f:da:b4:b3:94:6c:8a:77:01:77:74:d5:24:19:0b:20:db:80:
c7:be:3a:dd:bf:39:9d:59:42:9d:77:89:8d:8c:e9:e6:54:7b:
17:1d:a6:01:bc:03:bd:53:05:1b:35:11:20:57:aa:ac:55:47:
49:18:64:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWpBdtBv1w49m2SHUNzEIcYcQMPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMzhaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNmFlZTQwZWE1MDFlZjBhMDRkMTc0ZjU3MzUzNjIxMTIxM2IwZTY0YzQ3
MDQxNGU4NjRiM2ViOTdhNWM0MGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIx+Y5lBNlCgYozv2tKM9cg9zAcHUvEWaKlWepN4C52lQqO9QdBMj+S9Q48N
dLFxLBBFlCGFOfjioKQpkG/NsafmgHrrOuwaqr26ExObZ5Alymz/X3QbSyIXmsW9
YJ38loydbt9ng0TNvWACNzll+QJQw1ee3NkbNbIWuFZ333YYoQdQs/rVLgSkjnKf
C4hNi7a0nbkROIrryIfwd82AHpZjY7vUxB6V2G9EVoK1KKZKKjP6q5zhGQmesw7Y
iBptV2Z0Cq1mrFuVE7mUvHg3VH7J4LuzVQGgdkZ9Sv1eFs5JAhZsFXo+Y/B6/cRw
CxxxgAGSv8q3vjxAXIeLP+NlRxsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFFrYs
R9ut6B7mlgxZpDrAXgV/wTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTJkOTc3NmYtOTc1MC00ZDc2LTkzZjQtMjEwODM2ZjExMDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
IDANBgkqhkiG9w0BAQsFAAOCAQEAH4c0Ur0K45td6WUOLS7iY73xOTGgdy3QAHEL
cUbHXRFJJ5VrcvpwhoFIYaS/4qxqt/U8EtVbC1Z7/rjfoC0/4z3RL3aMr5+wN2hC
Jhjz15BFRoPDGjurk/RZ2OLeS/0CLLGI6s7SJB9PWnHJQYDBByJtqe7SbD2r+Ox4
SIdGzaXVP4aWWdtW9EhqFzcmS76yv7+ZDKIFixIOizO7ly+PPU1xKikMLj7v7CXX
OnbgWcfcosGsANwHfgLnoOURhUGi9pddS0zKX9q0s5RsincBd3TVJBkLINuAx746
3b85nVlCnXeJjYzp5lR7Fx2mAbwDvVMFGzURIFeqrFVHSRhkzg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:36 2025 by rpki-client