Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5441596-15c4-4d01-8bbb-98276f83e0ac.roa
File: e5441596-15c4-4d01-8bbb-98276f83e0ac.roa (raw, json)
Hash identifier: rPi22ivupmyWRUlVgYwmLHXFAPGSNipGM+M+tT8gLA0=
Subject key identifier: DE:1D:B4:8C:52:3F:74:A2:0B:AE:E9:7C:52:23:35:52:E9:BA:0D:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6064173ABD9C5B0B8F5855B94EC1D7620A8CF65A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5441596-15c4-4d01-8bbb-98276f83e0ac.roa
Signing time: Mon 06 Oct 2025 17:50:36 +0000
ROA not before: Mon 06 Oct 2025 17:50:36 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:64:17:3a:bd:9c:5b:0b:8f:58:55:b9:4e:c1:d7:62:0a:8c:f6:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:36 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=21e37f33c49e9c98d10776abfbabbf5e7981a36b518301522bc930b760ccc542, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5c:ad:b0:a4:d7:fe:e1:f9:95:d3:ca:78:3a:
95:f2:97:08:6d:f0:d2:1a:28:1e:81:d8:49:29:5f:
bd:58:08:bd:41:b6:a4:76:3d:4e:43:a4:72:7d:b3:
76:7f:22:0d:78:a7:30:2e:1f:ee:55:59:be:6d:13:
06:0e:cf:7a:ee:9d:08:79:70:5f:3e:63:db:a3:6a:
c2:75:4d:75:f5:26:a5:06:ad:34:69:a3:dc:51:2d:
fe:3c:c9:09:11:1b:e1:86:57:33:33:e2:59:3f:3c:
bd:44:34:ad:49:bd:df:19:9b:eb:9a:69:12:8d:59:
12:46:94:f8:a6:3a:5a:b8:63:bd:07:d5:e6:4c:1a:
cb:1c:4c:b9:80:8c:a1:de:9b:d3:b8:5c:0d:0d:ad:
5d:08:f0:e6:8c:9b:d1:a7:c7:72:92:b8:85:2c:39:
ca:9c:e2:36:ee:93:41:cb:26:2d:6f:9d:7c:cf:1b:
b0:01:af:ed:d0:a8:4e:4c:c0:2c:87:49:3f:43:df:
d8:ae:a0:ec:a5:5a:28:19:57:b8:ed:b4:53:8a:32:
da:46:61:f4:95:95:c7:02:25:21:95:63:b4:77:ba:
c0:a3:26:3c:d9:a8:70:2f:9d:59:a6:ab:9b:38:b9:
10:74:47:e6:01:3d:5e:c7:bc:80:4c:29:73:ae:6b:
b2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1D:B4:8C:52:3F:74:A2:0B:AE:E9:7C:52:23:35:52:E9:BA:0D:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5441596-15c4-4d01-8bbb-98276f83e0ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
32:16:72:88:ea:8d:81:b8:24:33:64:9a:13:d6:24:0a:2f:8f:
ee:11:69:49:ff:1d:59:6f:d8:65:90:18:86:3a:d3:cd:47:21:
f0:44:f5:61:6d:4e:48:79:0d:85:ad:f3:8a:ba:98:d3:59:c1:
86:62:f8:1f:59:94:34:37:1e:b0:b7:db:a0:23:88:02:77:09:
df:b2:54:03:8c:c5:82:db:3b:86:ba:74:ec:29:ac:36:30:4b:
ed:33:2f:b4:6b:a6:e6:67:11:38:3c:70:e4:5e:57:a9:60:fa:
c1:03:ad:e4:7b:df:63:79:3c:fa:58:24:ce:ab:92:0b:e4:5b:
0b:2c:50:f8:3f:43:d8:31:3f:d4:96:56:db:9d:fa:ef:79:1a:
96:40:87:10:4e:97:f3:24:72:77:51:6e:db:e4:bb:07:c5:3c:
dd:a8:98:0e:c8:82:1f:59:df:7f:1f:a4:d9:30:79:a3:44:11:
1e:0b:9f:bc:45:57:84:79:04:95:f4:1f:b1:51:ee:19:ca:f2:
ae:b2:cf:c9:9a:3c:d8:72:b3:1f:cf:25:90:00:12:58:30:69:
c6:e3:9b:ba:5f:42:e4:80:96:71:20:41:82:ea:38:3c:95:c3:
85:af:46:80:63:d1:13:79:32:a6:f9:9c:04:42:01:e4:31:94:
5d:d7:99:17
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYGQXOr2cWwuPWFW5TsHXYgqM9lowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwMzZaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxZTM3ZjMzYzQ5ZTljOThkMTA3NzZhYmZiYWJiZjVlNzk4MWEzNmI1MTgz
MDE1MjJiYzkzMGI3NjBjY2M1NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1crbCk1/7h+ZXTyng6lfKXCG3w0hooHoHYSSlfvVgIvUG2pHY9TkOkcn2z
dn8iDXinMC4f7lVZvm0TBg7Peu6dCHlwXz5j26NqwnVNdfUmpQatNGmj3FEt/jzJ
CREb4YZXMzPiWT88vUQ0rUm93xmb65ppEo1ZEkaU+KY6WrhjvQfV5kwayxxMuYCM
od6b07hcDQ2tXQjw5oyb0afHcpK4hSw5ypziNu6TQcsmLW+dfM8bsAGv7dCoTkzA
LIdJP0Pf2K6g7KVaKBlXuO20U4oy2kZh9JWVxwIlIZVjtHe6wKMmPNmocC+dWaar
mzi5EHRH5gE9Xse8gEwpc65rsokCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTeHbSM
Uj90oguu6XxSIzVS6boNzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU0NDE1OTYtMTVjNC00ZDAxLThiYmItOTgyNzZmODNlMGFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3A
wDANBgkqhkiG9w0BAQsFAAOCAQEAMhZyiOqNgbgkM2SaE9YkCi+P7hFpSf8dWW/Y
ZZAYhjrTzUch8ET1YW1OSHkNha3zirqY01nBhmL4H1mUNDcesLfboCOIAncJ37JU
A4zFgts7hrp07CmsNjBL7TMvtGum5mcRODxw5F5XqWD6wQOt5HvfY3k8+lgkzquS
C+RbCyxQ+D9D2DE/1JZW253673kalkCHEE6X8yRyd1Fu2+S7B8U83aiYDsiCH1nf
fx+k2TB5o0QRHgufvEVXhHkElfQfsVHuGcryrrLPyZo82HKzH88lkAASWDBpxuOb
ul9C5ICWcSBBguo4PJXDha9GgGPRE3kypvmcBEIB5DGUXdeZFw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:59:11 2025 by rpki-client