Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
File: ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa (raw, json)
Hash identifier: OcjNWrQ+Z7vroGDNt2RLU9LkSFsxSsWltYx6PjGuqAo=
Subject key identifier: 1E:77:15:19:A4:DB:B1:C7:07:FC:2C:AB:37:F4:8F:64:8A:27:F7:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71B64EEDF007D727E08D305AC6D29FB62660ADB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
Signing time: Fri 26 Sep 2025 19:40:55 +0000
ROA not before: Fri 26 Sep 2025 19:40:55 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b6:4e:ed:f0:07:d7:27:e0:8d:30:5a:c6:d2:9f:b6:26:60:ad:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:40:55 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=78eae4577ccea2927aab1ce4cbe0cc6d7b24c58de844e1f6dc3b18b055b0c782, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:95:ce:1c:af:e2:e8:d7:5a:8f:42:6f:43:0f:
8f:3d:56:52:92:5c:ba:b5:83:6f:42:b0:e8:a1:5b:
51:6d:67:bb:61:08:f9:04:5e:20:ab:d0:5f:b5:6f:
1a:26:69:e0:b2:cb:63:79:46:1b:18:64:c9:4e:e9:
fd:a1:14:91:a7:2f:6d:b4:ac:2a:7f:a4:df:19:79:
7a:23:35:a8:2c:2e:c9:e6:ac:3d:42:20:4a:b5:d8:
18:c4:7f:30:ba:54:b9:b9:7e:e1:f2:60:46:fa:7d:
64:38:96:26:0e:59:29:27:35:5b:45:e0:9c:a9:9b:
6c:37:0f:96:a9:bc:39:ec:d3:5d:d9:5c:d0:13:34:
d8:51:01:05:0a:17:b5:f9:1b:3f:59:c6:4e:9c:8f:
29:6b:9c:f1:ea:aa:b0:f0:67:e9:d2:32:84:6c:b6:
18:21:96:d2:3a:0f:fd:4f:f6:d0:9b:85:0b:94:03:
22:93:10:2a:23:26:ec:1e:e8:7b:1c:1a:c1:27:75:
f3:21:ff:3a:82:bc:0b:5e:5e:1e:03:3e:96:82:ee:
b6:24:f7:f5:a4:86:c6:e3:bf:6f:3d:ac:e5:0d:c9:
e8:24:12:1c:ec:9a:42:92:8e:b4:5b:0b:c8:6d:a8:
3b:18:a8:9c:e2:21:89:6c:1c:da:55:7f:2c:88:b6:
a9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:77:15:19:A4:DB:B1:C7:07:FC:2C:AB:37:F4:8F:64:8A:27:F7:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
60:3f:13:18:84:74:56:2c:07:c2:47:41:62:dc:40:f9:36:93:
45:0e:8f:47:f8:35:cf:2c:77:61:d7:45:2e:c6:07:c6:fb:12:
89:fb:f7:3c:fc:c6:11:47:c3:54:ce:23:7b:5f:6b:67:b0:4c:
0b:11:70:bd:10:d6:b7:2b:16:e7:b5:90:b1:f8:3e:8b:58:89:
83:5e:f9:3a:c5:64:e6:7c:51:05:68:72:6b:cf:96:55:96:89:
39:f7:97:c3:5d:0b:ed:80:c8:55:69:5f:db:52:16:62:02:5d:
87:0d:95:43:8a:c5:b0:42:66:3f:f4:03:61:56:d2:f9:93:d2:
70:28:32:5d:5e:72:5d:45:85:57:61:dd:e8:29:18:38:2d:97:
20:d2:29:f4:97:72:4f:4d:fa:42:57:9a:b6:ca:62:17:0a:55:
32:4b:d5:df:c8:aa:f8:fa:d2:e8:4b:52:e2:fd:0b:ef:8e:b9:
8c:2c:62:b1:dd:40:c1:50:ec:ff:07:78:ab:31:29:b3:f7:5b:
ef:cf:3e:dd:2f:79:d2:95:3c:c7:0c:0f:e2:f4:ac:8b:bf:d1:
1f:4f:09:ae:b9:de:a2:44:5f:bd:ba:f5:1d:73:fe:be:d5:4c:
db:8c:48:3f:3d:78:8a:ef:64:4c:6b:b9:f9:d2:80:67:6a:3b:
d5:ef:8c:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcbZO7fAH1yfgjTBaxtKftiZgrbcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQwNTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4ZWFlNDU3N2NjZWEyOTI3YWFiMWNlNGNiZTBjYzZkN2IyNGM1OGRlODQ0
ZTFmNmRjM2IxOGIwNTViMGM3ODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSVzhyv4ujXWo9Cb0MPjz1WUpJcurWDb0Kw6KFbUW1nu2EI+QReIKvQX7Vv
GiZp4LLLY3lGGxhkyU7p/aEUkacvbbSsKn+k3xl5eiM1qCwuyeasPUIgSrXYGMR/
MLpUubl+4fJgRvp9ZDiWJg5ZKSc1W0XgnKmbbDcPlqm8OezTXdlc0BM02FEBBQoX
tfkbP1nGTpyPKWuc8eqqsPBn6dIyhGy2GCGW0joP/U/20JuFC5QDIpMQKiMm7B7o
exwawSd18yH/OoK8C15eHgM+loLutiT39aSGxuO/bz2s5Q3J6CQSHOyaQpKOtFsL
yG2oOxionOIhiWwc2lV/LIi2qRMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQedxUZ
pNuxxwf8LKs39I9kiif3pjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWExMGRhYzUtMzJjZS00YWFmLTgyOTctZmZkMWRiYzg1MjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBgPxMYhHRWLAfCR0Fi3ED5NpNFDo9H+DXPLHdh
10UuxgfG+xKJ+/c8/MYRR8NUziN7X2tnsEwLEXC9ENa3KxbntZCx+D6LWImDXvk6
xWTmfFEFaHJrz5ZVlok595fDXQvtgMhVaV/bUhZiAl2HDZVDisWwQmY/9ANhVtL5
k9JwKDJdXnJdRYVXYd3oKRg4LZcg0in0l3JPTfpCV5q2ymIXClUyS9XfyKr4+tLo
S1Li/QvvjrmMLGKx3UDBUOz/B3irMSmz91vvzz7dL3nSlTzHDA/i9KyLv9EfTwmu
ud6iRF+9uvUdc/6+1UzbjEg/PXiK72RMa7n50oBnajvV74wV
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:57 2025 by rpki-client