Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: giTRAgakVh8Z9F7pp05ZqvvBCWOEkwXTphyZgjj+Nl4=
Subject key identifier: EB:8D:F5:12:5E:D3:FF:27:86:27:DB:B1:E2:E8:E4:99:7B:85:E6:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62531BDCE25385E3CAC2FE937D07F5BCA4D98F79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Fri 26 Sep 2025 19:41:45 +0000
ROA not before: Fri 26 Sep 2025 19:41:45 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:53:1b:dc:e2:53:85:e3:ca:c2:fe:93:7d:07:f5:bc:a4:d9:8f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:45 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=8f6ffca798835546f2042149cb9d8c36ff5bf02c04c3c918e203ca5dcbe52ce7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d8:41:5f:5e:41:77:4f:3d:8c:ee:f7:6a:ff:
c8:1a:b8:a5:70:ce:36:f7:7b:aa:b8:06:16:c3:04:
2f:34:93:f9:2d:0e:49:7a:5b:55:ce:7e:e0:0c:02:
35:2d:6c:ea:1c:ce:8e:30:55:9b:78:9e:7b:f7:81:
95:25:90:8c:2c:38:ab:d9:61:1c:96:01:4e:b9:15:
39:9d:5c:87:c3:d1:65:7a:df:53:f0:7b:e0:78:ca:
04:9b:ea:b5:3b:db:8a:1d:99:a9:bf:f6:c1:99:c4:
11:0b:0e:5c:83:7a:75:71:ae:a9:56:1e:c8:94:1f:
8a:c8:7f:f6:7e:88:da:7d:37:f4:75:d2:43:59:9f:
63:7d:2c:27:5f:0e:a2:58:0b:2d:62:3a:13:1f:10:
f1:1b:f0:ee:14:de:15:4a:91:82:46:7d:0d:e0:dd:
47:b3:ac:4c:70:d2:90:bf:2d:cd:8f:e2:5e:7d:ff:
cc:49:16:82:dd:c5:e5:e0:39:91:7c:cd:04:c8:f1:
2e:44:36:90:5c:55:f7:f3:82:6e:0a:c2:08:2a:7f:
99:f3:f0:12:b0:64:15:c7:a2:46:f8:99:f5:1c:06:
21:c6:e6:45:20:d5:d1:02:ea:b4:a7:f1:3d:d1:4d:
1a:6e:aa:82:39:47:c8:34:79:30:17:03:f3:8e:61:
99:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8D:F5:12:5E:D3:FF:27:86:27:DB:B1:E2:E8:E4:99:7B:85:E6:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:71:13:b7:c3:ce:c6:3c:d4:21:e5:66:ec:7e:0f:01:56:8b:
42:cf:1d:8c:e4:12:cd:f5:5a:aa:0c:56:60:e0:29:ad:69:0a:
ff:e2:7e:01:f3:17:db:a1:09:78:12:28:97:b0:e0:a4:d1:eb:
72:50:46:25:ca:3b:44:c0:12:7d:88:5a:93:51:63:70:82:c8:
40:52:96:d5:68:01:8c:81:ac:fd:53:c1:72:25:7a:52:f0:65:
d6:b0:78:12:bd:b6:2c:06:ec:a9:00:73:09:d6:00:ec:47:62:
57:f9:a8:ef:bd:b1:2b:7d:1a:0f:6c:8d:4f:23:ed:66:b3:6a:
40:ee:70:ae:89:3f:4a:dd:dd:c3:19:b1:d5:b6:5e:03:1e:d1:
a4:e2:f2:a0:2e:5d:48:f4:c3:4e:89:c1:b9:c2:b7:59:0b:df:
44:d3:cc:2c:1e:36:5c:5a:1d:6d:a1:7d:6e:2d:ff:c4:8c:ff:
1c:f8:63:28:39:8a:56:0c:a2:9f:c7:64:cc:9c:d2:18:0a:1a:
39:75:27:6c:a6:97:c6:a2:0f:a9:73:f0:42:b1:fc:23:8b:36:
f4:69:06:8d:29:d9:84:6d:fb:64:cd:3c:7a:13:b8:aa:61:ef:
86:05:56:7d:95:29:0b:ae:91:bb:17:dd:60:94:94:e9:2f:2b:
cd:a5:ae:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYlMb3OJThePKwv6TfQf1vKTZj3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxNDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmNmZmY2E3OTg4MzU1NDZmMjA0MjE0OWNiOWQ4YzM2ZmY1YmYwMmMwNGMz
YzkxOGUyMDNjYTVkY2JlNTJjZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjYQV9eQXdPPYzu92r/yBq4pXDONvd7qrgGFsMELzST+S0OSXpbVc5+4AwC
NS1s6hzOjjBVm3iee/eBlSWQjCw4q9lhHJYBTrkVOZ1ch8PRZXrfU/B74HjKBJvq
tTvbih2Zqb/2wZnEEQsOXIN6dXGuqVYeyJQfish/9n6I2n039HXSQ1mfY30sJ18O
olgLLWI6Ex8Q8Rvw7hTeFUqRgkZ9DeDdR7OsTHDSkL8tzY/iXn3/zEkWgt3F5eA5
kXzNBMjxLkQ2kFxV9/OCbgrCCCp/mfPwErBkFceiRviZ9RwGIcbmRSDV0QLqtKfx
PdFNGm6qgjlHyDR5MBcD845hmX0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrjfUS
XtP/J4Yn27Hi6OSZe4XmOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQAecRO3w87GPNQh5Wbsfg8BVotCzx2M5BLN9Vqq
DFZg4CmtaQr/4n4B8xfboQl4EiiXsOCk0etyUEYlyjtEwBJ9iFqTUWNwgshAUpbV
aAGMgaz9U8FyJXpS8GXWsHgSvbYsBuypAHMJ1gDsR2JX+ajvvbErfRoPbI1PI+1m
s2pA7nCuiT9K3d3DGbHVtl4DHtGk4vKgLl1I9MNOicG5wrdZC99E08wsHjZcWh1t
oX1uLf/EjP8c+GMoOYpWDKKfx2TMnNIYCho5dSdsppfGog+pc/BCsfwjizb0aQaN
KdmEbftkzTx6E7iqYe+GBVZ9lSkLrpG7F91glJTpLyvNpa5B
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:44 2025 by rpki-client