Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
File: e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa (raw, json)
Hash identifier: MF1OLa3edKWfWGPwUIFDys1x7cVk7d9VLAtx+rp8wso=
Subject key identifier: 7C:1D:0D:91:74:39:2F:B0:E7:34:4D:55:CB:72:3B:D2:E9:21:F0:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2943C067131CDF01BC6D4AD15F6601235EC14356
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
Signing time: Fri 17 Oct 2025 21:10:17 +0000
ROA not before: Fri 17 Oct 2025 21:10:17 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:43:c0:67:13:1c:df:01:bc:6d:4a:d1:5f:66:01:23:5e:c1:43:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 21:10:17 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=16018a68781b0596d665af1802086be1457aa0cf33b32b41f547873aaecabf86, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d6:0e:7b:5c:18:6d:c1:18:e9:b1:0f:f0:91:
00:40:e9:4d:a5:19:b0:ac:7d:2f:93:87:c7:fa:07:
d3:01:ca:56:e9:14:f6:01:18:2b:8c:51:62:db:ff:
ea:98:fc:2a:cd:40:2c:62:8d:aa:08:fa:0b:39:81:
fb:5f:58:65:87:70:34:bd:44:8a:05:a0:27:8d:9c:
87:6e:89:2f:e0:3f:df:2a:8e:53:a2:11:8e:44:52:
ab:56:67:46:85:25:a0:86:6c:3f:6d:3d:de:04:af:
3d:8b:2a:a1:a5:a6:09:7a:55:37:db:ac:df:29:c1:
7f:5d:8f:3a:af:b6:60:c7:17:88:e2:a4:62:2a:78:
6d:76:b5:39:68:ef:ff:e0:fd:2e:b6:bb:1c:b6:a3:
38:c7:3c:93:1f:53:cf:18:46:7f:f1:83:aa:f3:35:
47:d5:5b:e9:4c:c3:a1:6c:2c:35:3f:ac:e7:f9:bf:
9f:5c:25:d7:d4:9a:19:2a:ea:a8:89:b9:f4:17:db:
cf:e5:6f:f6:58:cd:b8:a2:4a:fe:5d:64:07:84:3e:
d9:b0:5e:f2:96:a5:5d:da:a0:c2:39:4d:58:0c:7a:
23:e5:31:ec:5f:62:96:53:87:a3:32:a9:1f:6c:09:
e6:1a:cd:8b:a6:fb:e5:29:ad:81:6b:5f:b3:3a:4d:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1D:0D:91:74:39:2F:B0:E7:34:4D:55:CB:72:3B:D2:E9:21:F0:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:76:62:69:13:e5:0f:e7:d8:fb:18:25:ab:13:a7:82:74:eb:
44:b0:65:80:ba:c4:7d:86:7f:55:a8:a3:4a:1f:ec:e0:a6:92:
e6:69:db:c9:cf:2f:05:9a:20:28:c4:7e:29:25:2e:0a:69:f6:
7c:22:e1:4e:fa:06:16:a0:0f:8f:e2:99:d9:0b:8f:51:cb:a5:
44:0d:33:1e:01:43:33:d7:c0:c4:af:d1:8a:9f:e4:3e:35:ad:
df:70:32:e8:2a:54:f0:38:bb:44:7e:2c:ff:67:c9:77:8a:75:
76:7e:a5:37:8f:e1:21:5d:25:ff:b1:9e:c3:82:67:2e:0b:b6:
e0:fe:57:4c:15:2e:ca:32:82:d9:9c:af:0e:07:fd:c1:ff:48:
59:be:6f:38:57:fd:88:c2:fb:63:66:50:61:b1:98:b2:0b:0f:
e6:05:f2:41:d5:7b:33:f1:1e:df:8f:30:f5:97:84:73:59:8b:
6d:e3:73:cf:94:1f:b5:62:cc:88:aa:2e:f4:fa:74:d6:80:33:
39:31:8f:67:60:73:f4:f5:70:68:94:51:32:49:e6:b9:ba:cf:
b4:a7:2c:39:c0:a5:64:f6:c8:03:de:e1:42:71:c2:56:8e:a2:
0b:37:f2:6f:10:16:78:37:25:65:b9:f9:ad:c3:27:d0:b3:99:
87:22:df:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKUPAZxMc3wG8bUrRX2YBI17BQ1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMTEwMTdaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MDE4YTY4NzgxYjA1OTZkNjY1YWYxODAyMDg2YmUxNDU3YWEwY2YzM2Iz
MmI0MWY1NDc4NzNhYWVjYWJmODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/WDntcGG3BGOmxD/CRAEDpTaUZsKx9L5OHx/oH0wHKVukU9gEYK4xRYtv/
6pj8Ks1ALGKNqgj6CzmB+19YZYdwNL1EigWgJ42ch26JL+A/3yqOU6IRjkRSq1Zn
RoUloIZsP2093gSvPYsqoaWmCXpVN9us3ynBf12POq+2YMcXiOKkYip4bXa1OWjv
/+D9Lra7HLajOMc8kx9TzxhGf/GDqvM1R9Vb6UzDoWwsNT+s5/m/n1wl19SaGSrq
qIm59Bfbz+Vv9ljNuKJK/l1kB4Q+2bBe8palXdqgwjlNWAx6I+Ux7F9illOHozKp
H2wJ5hrNi6b75SmtgWtfszpNvXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8HQ2R
dDkvsOc0TVXLcjvS6SHw4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTYxNWZlYTMtMzgyNi00YzU5LTk1NzQtNzJmYjZjYzhmMmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQCkdmJpE+UP59j7GCWrE6eCdOtEsGWAusR9hn9V
qKNKH+zgppLmadvJzy8FmiAoxH4pJS4KafZ8IuFO+gYWoA+P4pnZC49Ry6VEDTMe
AUMz18DEr9GKn+Q+Na3fcDLoKlTwOLtEfiz/Z8l3inV2fqU3j+EhXSX/sZ7Dgmcu
C7bg/ldMFS7KMoLZnK8OB/3B/0hZvm84V/2IwvtjZlBhsZiyCw/mBfJB1Xsz8R7f
jzD1l4RzWYtt43PPlB+1YsyIqi70+nTWgDM5MY9nYHP09XBolFEySea5us+0pyw5
wKVk9sgD3uFCccJWjqILN/JvEBZ4NyVlufmtwyfQs5mHIt/n
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:40 2025 by rpki-client