Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea558c9c-d0cf-4cf0-99cc-884d490bd330.roa
File: ea558c9c-d0cf-4cf0-99cc-884d490bd330.roa (raw, json)
Hash identifier: 8F6YU7umNSeupaYfRCbvKdwf6mBe02lXJYMeeTaWgcw=
Subject key identifier: F3:1C:F5:16:35:3A:1C:30:17:95:B3:37:DC:AE:B2:9F:7E:E2:F7:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17DA13D4AB936B10528721C1DC96AF4495859271
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea558c9c-d0cf-4cf0-99cc-884d490bd330.roa
Signing time: Mon 06 Oct 2025 18:10:01 +0000
ROA not before: Mon 06 Oct 2025 18:10:01 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:da:13:d4:ab:93:6b:10:52:87:21:c1:dc:96:af:44:95:85:92:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:10:01 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=cdc359e262d37a6e091e9e84617dcddfaf9c96de2ee9a1c97190876a605b7d34, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:bd:74:f9:91:48:23:a5:9c:4f:5e:4b:72:
1e:5f:15:55:a9:f8:4e:08:c1:d9:f9:2a:4e:21:57:
6e:d8:e4:6e:15:bb:6c:bc:a8:c6:90:48:8e:3c:9f:
08:47:29:bb:69:cf:9d:36:6c:fb:bd:b1:67:7c:c0:
b9:29:3d:14:3e:e6:65:c9:37:35:fe:aa:20:3e:0b:
63:9f:07:01:a6:21:78:cf:87:14:cd:46:7e:bc:ab:
0f:9c:7e:1f:b2:8e:bf:29:26:7a:86:d7:55:9a:3c:
14:0c:75:b6:ca:27:53:3a:27:82:e0:10:2b:c5:94:
9d:15:0d:ec:67:49:2b:1d:d7:4e:47:d7:12:74:7c:
ef:df:65:77:3f:9c:0b:f5:52:ed:00:77:56:31:97:
c7:f9:a4:cc:1c:32:42:f4:01:2c:28:67:43:9f:d9:
e5:51:09:8f:ec:81:f5:57:ee:83:eb:0e:41:4b:95:
5b:22:27:3a:e2:52:84:9d:cd:0c:f3:24:12:f9:2d:
4b:74:11:08:14:6c:79:53:0f:c9:84:7c:12:cb:43:
a3:5f:74:12:70:97:2c:ba:d6:58:fe:7f:7d:87:0e:
3a:54:8e:9b:0b:65:82:24:fd:70:38:18:dc:7a:14:
73:42:4e:84:44:b0:72:42:95:5d:05:20:5e:1e:4f:
61:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1C:F5:16:35:3A:1C:30:17:95:B3:37:DC:AE:B2:9F:7E:E2:F7:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea558c9c-d0cf-4cf0-99cc-884d490bd330.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1040::/46
Signature Algorithm: sha256WithRSAEncryption
73:7f:9e:48:e4:d8:87:4e:52:5f:a7:f6:ea:be:6e:3d:3b:98:
f7:28:0c:a9:5d:db:2f:1c:e4:0d:62:93:48:42:8f:bd:34:11:
56:16:b9:b1:78:0f:09:5c:d0:ce:96:b3:0a:70:dc:f3:05:18:
c3:5a:82:2f:f2:aa:1c:63:94:70:84:5e:3a:5e:d9:ce:15:a6:
e3:2a:1f:d8:9e:8c:89:c6:34:51:15:a1:7c:df:da:e0:c8:a7:
84:9b:c5:9b:52:e7:f8:bf:5f:27:c7:7d:c6:25:75:4c:e2:47:
9d:c2:65:90:2c:b7:58:41:3f:7e:4b:45:e6:3e:49:4b:b8:ed:
d2:7f:61:1b:fa:65:fd:2f:9c:b1:16:5e:d1:ff:af:81:ac:0c:
93:14:93:f1:c0:44:ff:2d:b7:7f:85:2b:85:47:68:52:30:d0:
aa:2e:0b:4b:21:8a:5f:6b:d2:91:11:b1:2a:b2:c0:c6:6e:19:
83:d6:9c:ea:91:83:52:a7:81:12:cf:b8:d7:5c:66:a5:db:40:
9b:dd:d8:ca:1c:1c:a3:09:0b:d2:46:63:41:fc:25:f0:46:ad:
d5:07:63:4d:ee:68:d4:48:03:bc:22:dd:56:8e:b1:4a:be:bc:
09:2e:02:fd:f4:52:0b:d5:da:f0:14:90:27:ec:3f:3c:1a:8b:
d0:da:02:e2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF9oT1KuTaxBShyHB3JavRJWFknEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODEwMDFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkYzM1OWUyNjJkMzdhNmUwOTFlOWU4NDYxN2RjZGRmYWY5Yzk2ZGUyZWU5
YTFjOTcxOTA4NzZhNjA1YjdkMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWvvXT5kUgjpZxPXktyHl8VVan4TgjB2fkqTiFXbtjkbhW7bLyoxpBIjjyf
CEcpu2nPnTZs+72xZ3zAuSk9FD7mZck3Nf6qID4LY58HAaYheM+HFM1GfryrD5x+
H7KOvykmeobXVZo8FAx1tsonUzonguAQK8WUnRUN7GdJKx3XTkfXEnR8799ldz+c
C/VS7QB3VjGXx/mkzBwyQvQBLChnQ5/Z5VEJj+yB9Vfug+sOQUuVWyInOuJShJ3N
DPMkEvktS3QRCBRseVMPyYR8EstDo190EnCXLLrWWP5/fYcOOlSOmwtlgiT9cDgY
3HoUc0JOhESwckKVXQUgXh5PYS0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTzHPUW
NTocMBeVszfcrrKffuL3mjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE1NThjOWMtZDBjZi00Y2YwLTk5Y2MtODg0ZDQ5MGJkMzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAc3+eSOTYh05SX6f26r5uPTuY9ygMqV3bLxzk
DWKTSEKPvTQRVha5sXgPCVzQzpazCnDc8wUYw1qCL/KqHGOUcIReOl7ZzhWm4yof
2J6MicY0URWhfN/a4MinhJvFm1Ln+L9fJ8d9xiV1TOJHncJlkCy3WEE/fktF5j5J
S7jt0n9hG/pl/S+csRZe0f+vgawMkxST8cBE/y23f4UrhUdoUjDQqi4LSyGKX2vS
kRGxKrLAxm4Zg9ac6pGDUqeBEs+411xmpdtAm93YyhwcowkL0kZjQfwl8Eat1Qdj
Te5o1EgDvCLdVo6xSr68CS4C/fRSC9Xa8BSQJ+w/PBqL0NoC4g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:33 2025 by rpki-client