Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
File: e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa (raw, json)
Hash identifier: 0ZrAnf3cPQxAVs9v6Tr0kiJpn/ZMCZ0r0DVIMRn7zdg=
Subject key identifier: C5:45:5D:DB:96:4B:71:6A:DF:43:32:EE:B2:EA:34:54:AA:53:B2:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C90C2259CA7E2085A1976F6C3347A9B86C63FBF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
Signing time: Fri 26 Sep 2025 19:21:16 +0000
ROA not before: Fri 26 Sep 2025 19:21:16 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:90:c2:25:9c:a7:e2:08:5a:19:76:f6:c3:34:7a:9b:86:c6:3f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:21:16 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=4758771a4d81db8500e989243dabf2bd52e361c522a0cdb3bf83ff77f86a2da3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f5:c8:8a:51:6d:bb:9f:d8:6e:97:ac:63:29:
66:f8:72:38:cf:93:e4:3f:4a:a8:d0:77:e5:f1:3c:
9f:8a:c4:2f:35:e1:4e:45:48:79:73:cd:a6:01:ec:
92:17:08:84:00:2b:92:2a:6f:af:65:43:99:06:4f:
11:7d:40:c6:8d:7d:8c:87:a2:ef:15:a7:60:84:95:
ac:6e:dd:d2:d9:91:fe:0f:91:36:a9:f4:b0:cf:86:
89:90:30:55:8a:9b:ed:62:85:0a:57:8c:16:ca:2a:
bb:a1:9c:a2:b9:55:08:46:a1:d6:69:56:64:62:ac:
a1:71:01:5e:73:64:c6:4f:93:cd:0f:f3:0c:41:36:
6f:3f:2d:ee:10:d0:07:17:b7:85:13:80:96:3e:3d:
e4:4f:36:37:5d:c4:a9:45:8b:b2:81:f2:2a:b0:a3:
e2:43:73:fb:90:6b:13:18:cc:b2:47:24:e6:09:e4:
58:39:80:b0:51:40:c7:94:ee:b5:3f:f8:87:04:63:
84:7a:62:ef:53:26:e2:7e:0a:b6:da:32:c5:0c:35:
9f:e3:f8:2f:e9:0a:a2:fd:37:38:6b:27:88:e4:a8:
c8:d1:f4:37:a4:ba:c7:66:0c:f3:da:1c:62:09:41:
06:2b:73:02:a6:00:e7:fb:72:df:0e:c3:51:f5:a9:
ec:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:45:5D:DB:96:4B:71:6A:DF:43:32:EE:B2:EA:34:54:AA:53:B2:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:c000::/40
Signature Algorithm: sha256WithRSAEncryption
96:3e:61:f3:8c:88:d3:09:09:5d:cb:c6:9a:75:a8:ac:5c:52:
4f:2e:46:b6:34:37:cc:3e:4d:fd:3c:88:a3:8d:6e:76:7f:20:
48:ec:d6:bc:56:ad:10:50:4f:8f:2b:08:e4:8e:a4:9d:f2:25:
b7:7a:ad:74:96:26:a3:57:9c:a5:60:56:71:66:d3:be:4f:bb:
10:e3:76:ee:5f:ef:06:6d:99:37:31:ba:fc:71:a9:02:35:2a:
3d:5a:1b:43:8c:5e:2a:17:d6:18:ab:77:ec:b2:56:6a:ac:27:
eb:ef:d9:44:a2:03:f1:0c:9d:af:94:e3:87:73:e4:99:6f:8f:
6f:0b:9f:5a:83:91:49:c1:fa:16:d0:df:e0:74:fe:16:8b:27:
b8:40:49:6b:83:97:8b:12:1c:cb:fe:6b:23:dc:48:30:36:43:
66:9b:ad:9f:8f:cd:f8:ae:62:f9:02:e6:32:c6:c7:e9:8c:01:
4a:57:7f:5b:b7:50:7a:00:02:1c:31:9c:df:fd:d4:43:77:a5:
fd:ea:a7:06:8f:0f:9d:67:e5:05:27:a8:f8:79:22:17:ac:b5:
8e:2e:3e:b1:35:8c:d7:ee:c8:88:c0:92:be:39:a5:c7:8d:f5:
35:a0:51:62:94:c1:64:1b:64:03:8c:b4:39:30:83:ed:d5:d1:
40:fb:b2:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULJDCJZyn4ghaGXb2wzR6m4bGP78wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIxMTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3NTg3NzFhNGQ4MWRiODUwMGU5ODkyNDNkYWJmMmJkNTJlMzYxYzUyMmEw
Y2RiM2JmODNmZjc3Zjg2YTJkYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf1yIpRbbuf2G6XrGMpZvhyOM+T5D9KqNB35fE8n4rELzXhTkVIeXPNpgHs
khcIhAArkipvr2VDmQZPEX1Axo19jIei7xWnYISVrG7d0tmR/g+RNqn0sM+GiZAw
VYqb7WKFCleMFsoqu6GcorlVCEah1mlWZGKsoXEBXnNkxk+TzQ/zDEE2bz8t7hDQ
Bxe3hROAlj495E82N13EqUWLsoHyKrCj4kNz+5BrExjMskck5gnkWDmAsFFAx5Tu
tT/4hwRjhHpi71Mm4n4KttoyxQw1n+P4L+kKov03OGsniOSoyNH0N6S6x2YM89oc
YglBBitzAqYA5/ty3w7DUfWp7GkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFRV3b
lktxat9DMu6y6jRUqlOyzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTZhYzBkZWYtODMzZi00ZTFiLWE3NWQtMmQxZmIzYjhjM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7A
MA0GCSqGSIb3DQEBCwUAA4IBAQCWPmHzjIjTCQldy8aadaisXFJPLka2NDfMPk39
PIijjW52fyBI7Na8Vq0QUE+PKwjkjqSd8iW3eq10liajV5ylYFZxZtO+T7sQ43bu
X+8GbZk3Mbr8cakCNSo9WhtDjF4qF9YYq3fsslZqrCfr79lEogPxDJ2vlOOHc+SZ
b49vC59ag5FJwfoW0N/gdP4Wiye4QElrg5eLEhzL/msj3EgwNkNmm62fj834rmL5
AuYyxsfpjAFKV39bt1B6AAIcMZzf/dRDd6X96qcGjw+dZ+UFJ6j4eSIXrLWOLj6x
NYzX7siIwJK+OaXHjfU1oFFilMFkG2QDjLQ5MIPt1dFA+7KZ
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:21 2025 by rpki-client