Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed5c7923-af04-4bf1-865e-1ffe0babf916.roa
File: ed5c7923-af04-4bf1-865e-1ffe0babf916.roa (raw, json)
Hash identifier: 3QHPVel1RPoPLJkYxbmEGNg7uQA/XctKAczT1q6qSRU=
Subject key identifier: D5:C0:32:13:A9:FD:4A:6D:BC:C1:45:65:11:35:5A:4C:9A:31:00:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AE7A92F5980B9C625ACFE3C8DEFE913FD7701D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed5c7923-af04-4bf1-865e-1ffe0babf916.roa
Signing time: Mon 06 Oct 2025 17:50:56 +0000
ROA not before: Mon 06 Oct 2025 17:50:56 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:e7:a9:2f:59:80:b9:c6:25:ac:fe:3c:8d:ef:e9:13:fd:77:01:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:56 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=7683d1d9fe2ce77d88d882685c81170b1da291144acedfa2f545b38d8d397eac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2b:c0:04:85:d7:e7:7d:9b:f7:ef:cf:e3:5a:
c3:aa:fc:ec:a2:e8:3d:c3:2b:59:0c:c4:57:aa:92:
bb:1e:e7:35:fc:3c:6e:1c:95:41:38:d8:ce:24:83:
b3:10:72:c9:9b:16:ff:0c:b6:a2:b0:86:06:77:5f:
5f:39:5f:bb:3a:aa:07:06:4f:71:f1:49:0e:c3:08:
ed:83:2b:02:b5:a8:f8:75:21:6c:2f:86:79:c8:e0:
91:84:c1:00:a0:fd:d7:5e:d0:f8:0c:a9:2a:32:d3:
fd:e2:09:dd:38:84:76:7d:1f:37:dd:2e:33:93:7c:
bf:ad:9a:f0:c3:d5:8d:ff:74:7f:ae:4b:51:77:c7:
21:fd:13:91:76:d9:59:d3:02:cd:b1:20:b9:e3:c0:
00:b3:df:88:80:3a:e4:1d:7b:eb:72:aa:7b:b9:c5:
b4:a0:3d:30:f3:9d:2b:83:5b:d7:3f:41:09:84:8b:
f2:a1:28:b5:b3:aa:8c:0d:a9:5f:02:99:41:67:ab:
79:26:ce:c7:d5:a8:42:de:09:fd:05:3f:f8:40:3c:
9b:01:b3:0d:d6:4d:a7:98:83:f2:bf:bb:0a:59:f0:
8d:85:24:79:22:28:09:a1:a8:a5:0b:f3:36:10:76:
fe:24:5c:7d:32:f6:b9:63:f2:52:47:2d:ef:df:64:
46:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C0:32:13:A9:FD:4A:6D:BC:C1:45:65:11:35:5A:4C:9A:31:00:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed5c7923-af04-4bf1-865e-1ffe0babf916.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:6080::/48
Signature Algorithm: sha256WithRSAEncryption
04:a2:84:72:c6:40:d5:04:a4:c9:54:0d:bc:b7:8b:02:5e:7e:
6a:f0:03:36:8a:8c:ca:21:f8:59:22:b5:81:18:ba:22:3d:24:
e6:aa:56:47:3c:bd:ed:5f:23:45:4e:21:1e:44:2c:dc:b4:f8:
f1:a3:e0:4d:df:7f:f7:65:6e:09:56:d8:2d:5d:d1:77:4e:bd:
b3:9e:89:4e:b3:c6:61:4c:e9:f7:75:2d:49:3c:3f:88:32:c4:
89:70:18:0f:5b:d8:4d:6a:4d:c9:35:39:88:1c:a0:47:0a:e1:
e4:20:e1:8f:38:58:52:fa:3b:eb:11:16:69:5a:fc:0b:ee:61:
c8:e6:40:f2:dd:0f:1b:31:bb:48:de:5d:25:75:bf:a1:2d:e5:
20:cc:bb:8d:4f:fc:45:25:a0:1a:50:d4:ab:d4:5d:b7:5a:ae:
db:bd:c5:85:8e:84:14:df:fa:8a:95:95:0a:f1:db:99:9f:8a:
b3:7d:c9:d4:59:a2:eb:13:5d:14:d1:3e:b6:fd:35:e6:0c:f5:
37:6e:27:29:78:ac:72:66:fe:0a:37:e1:0e:d2:74:14:0f:df:
72:ab:7a:a7:2c:11:ec:0a:aa:25:c4:b0:0f:c0:60:bc:24:9f:
22:d1:e8:65:80:5f:ac:ce:ed:e4:e0:3f:36:d0:09:ce:0f:fc:
7f:de:10:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKuepL1mAucYlrP48je/pE/13AdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwNTZaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2ODNkMWQ5ZmUyY2U3N2Q4OGQ4ODI2ODVjODExNzBiMWRhMjkxMTQ0YWNl
ZGZhMmY1NDViMzhkOGQzOTdlYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMrwASF1+d9m/fvz+Naw6r87KLoPcMrWQzEV6qSux7nNfw8bhyVQTjYziSD
sxByyZsW/wy2orCGBndfXzlfuzqqBwZPcfFJDsMI7YMrArWo+HUhbC+GecjgkYTB
AKD9117Q+AypKjLT/eIJ3TiEdn0fN90uM5N8v62a8MPVjf90f65LUXfHIf0TkXbZ
WdMCzbEguePAALPfiIA65B1763Kqe7nFtKA9MPOdK4Nb1z9BCYSL8qEotbOqjA2p
XwKZQWereSbOx9WoQt4J/QU/+EA8mwGzDdZNp5iD8r+7ClnwjYUkeSIoCaGopQvz
NhB2/iRcfTL2uWPyUkct799kRhkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTVwDIT
qf1KbbzBRWURNVpMmjEAaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQ1Yzc5MjMtYWYwNC00YmYxLTg2NWUtMWZmZTBiYWJmOTE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H1g
gDANBgkqhkiG9w0BAQsFAAOCAQEABKKEcsZA1QSkyVQNvLeLAl5+avADNoqMyiH4
WSK1gRi6Ij0k5qpWRzy97V8jRU4hHkQs3LT48aPgTd9/92VuCVbYLV3Rd069s56J
TrPGYUzp93UtSTw/iDLEiXAYD1vYTWpNyTU5iBygRwrh5CDhjzhYUvo76xEWaVr8
C+5hyOZA8t0PGzG7SN5dJXW/oS3lIMy7jU/8RSWgGlDUq9Rdt1qu273FhY6EFN/6
ipWVCvHbmZ+Ks33J1Fmi6xNdFNE+tv015gz1N24nKXiscmb+CjfhDtJ0FA/fcqt6
pywR7AqqJcSwD8BgvCSfItHoZYBfrM7t5OA/NtAJzg/8f94Qaw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:32 2025 by rpki-client