Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json)
Hash identifier: PtoFTRFWleacTOFlTrqthoyzTGKDqCq1OKmHpbpgHlg=
Subject key identifier: 49:D6:03:FE:E5:E6:3D:71:16:0A:31:85:54:85:F6:3C:26:64:6E:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C0D42F19D2C21472FA04A22950E64EE05EA041F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
Signing time: Fri 26 Sep 2025 19:38:50 +0000
ROA not before: Fri 26 Sep 2025 19:38:50 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:0d:42:f1:9d:2c:21:47:2f:a0:4a:22:95:0e:64:ee:05:ea:04:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:38:50 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a452019bc0060bd5b6a5ac63ed1c8de4bec40e31b211150ef86cde190f99a52c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6f:8f:2c:4b:2a:ea:2b:a9:98:a3:59:76:2e:
68:1b:9d:96:44:75:9d:d9:83:45:f5:5c:77:f2:38:
b9:25:eb:ca:87:10:a3:08:86:76:3d:8d:22:53:1f:
fa:40:4a:a2:60:c4:a1:d6:09:51:4b:f4:d5:77:6b:
55:18:aa:5d:4f:8b:7a:2c:2c:ef:64:94:57:ee:d0:
ef:ff:6f:54:8f:f7:ee:4c:f8:8b:38:d1:63:b9:45:
39:aa:dd:68:67:bf:df:30:59:6d:4d:c5:ca:42:13:
31:7d:1f:8e:af:54:a1:df:26:fb:25:fb:cd:6e:8d:
52:e7:17:63:83:ed:ea:d6:c1:1d:78:ae:19:d2:c9:
26:40:19:c6:0f:1b:e4:af:84:40:83:cc:9c:a8:85:
4f:92:29:bb:2b:93:8f:b8:24:fc:11:12:9b:e1:e1:
85:a2:10:ac:e9:71:4e:8a:a8:07:fd:4f:d3:e8:c0:
56:63:6c:96:d8:35:50:fc:a2:3c:ee:60:61:9f:0e:
a1:6c:2f:e5:47:9d:5a:00:b7:d6:0e:34:41:ff:54:
2a:69:c7:1d:0b:71:72:03:59:ad:4b:54:a8:67:06:
cc:00:7f:f8:7b:93:3b:bd:b5:e2:e4:a4:f5:7d:eb:
19:47:3c:8b:64:f5:f5:5a:db:0c:ef:1b:79:cc:a5:
23:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D6:03:FE:E5:E6:3D:71:16:0A:31:85:54:85:F6:3C:26:64:6E:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:b000::/40
Signature Algorithm: sha256WithRSAEncryption
54:18:cd:51:40:e6:c0:0f:1e:a7:b2:ed:78:01:4b:d6:47:dd:
62:cb:50:90:88:78:e9:d0:41:46:ad:d4:e5:ae:18:aa:b1:60:
4f:2f:4c:cb:25:18:5c:5a:e4:72:b0:63:58:f3:41:45:e0:82:
17:fc:25:c2:b8:63:f7:9d:c9:89:35:81:be:0e:80:3a:12:a9:
ac:79:3c:e9:48:99:83:10:ba:ee:4c:66:0b:b8:d0:ac:1b:32:
b5:fc:ef:a4:a0:50:44:f7:60:03:58:fc:31:92:93:36:1e:8a:
ca:6d:8c:85:72:19:0b:eb:33:d8:c9:2b:a9:3a:da:42:fc:de:
48:21:6c:61:26:0c:80:3b:f4:6b:71:1c:f1:ef:14:f7:2d:ed:
ab:b6:ce:77:72:73:13:c4:71:d0:4b:1d:2b:f2:a2:bc:51:d5:
2c:28:3f:7e:11:e2:ba:35:39:6a:b0:e9:d4:97:d3:c1:06:63:
8f:0d:69:cb:4a:3e:61:1f:68:15:17:cd:1f:1c:55:c1:bd:97:
02:47:aa:e6:95:20:cd:54:81:d8:b4:ce:f1:c1:5a:f5:4f:d7:
f0:96:b4:ed:8c:26:3a:22:3a:9c:08:1f:66:6f:b1:85:68:2a:
76:33:7a:a6:96:13:92:8a:6d:e8:fd:b4:c3:e1:8a:4f:f1:be:
d2:e9:0b:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXA1C8Z0sIUcvoEoilQ5k7gXqBB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTM4NTBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NTIwMTliYzAwNjBiZDViNmE1YWM2M2VkMWM4ZGU0YmVjNDBlMzFiMjEx
MTUwZWY4NmNkZTE5MGY5OWE1MmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhvjyxLKuorqZijWXYuaBudlkR1ndmDRfVcd/I4uSXryocQowiGdj2NIlMf
+kBKomDEodYJUUv01XdrVRiqXU+Leiws72SUV+7Q7/9vVI/37kz4izjRY7lFOard
aGe/3zBZbU3FykITMX0fjq9Uod8m+yX7zW6NUucXY4Pt6tbBHXiuGdLJJkAZxg8b
5K+EQIPMnKiFT5IpuyuTj7gk/BESm+HhhaIQrOlxToqoB/1P0+jAVmNsltg1UPyi
PO5gYZ8OoWwv5UedWgC31g40Qf9UKmnHHQtxcgNZrUtUqGcGzAB/+HuTO7214uSk
9X3rGUc8i2T19VrbDO8becylI48CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJ1gP+
5eY9cRYKMYVUhfY8JmRucDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw
MA0GCSqGSIb3DQEBCwUAA4IBAQBUGM1RQObADx6nsu14AUvWR91iy1CQiHjp0EFG
rdTlrhiqsWBPL0zLJRhcWuRysGNY80FF4IIX/CXCuGP3ncmJNYG+DoA6EqmseTzp
SJmDELruTGYLuNCsGzK1/O+koFBE92ADWPwxkpM2HorKbYyFchkL6zPYySupOtpC
/N5IIWxhJgyAO/RrcRzx7xT3Le2rts53cnMTxHHQSx0r8qK8UdUsKD9+EeK6NTlq
sOnUl9PBBmOPDWnLSj5hH2gVF80fHFXBvZcCR6rmlSDNVIHYtM7xwVr1T9fwlrTt
jCY6IjqcCB9mb7GFaCp2M3qmlhOSim3o/bTD4YpP8b7S6Qui
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:12 2025 by rpki-client