Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
File: eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa (raw, json)
Hash identifier: M2p0SYl60CHPr015kiyMt9Uj8ptRTe75UkbTL/REJG4=
Subject key identifier: 60:42:0B:0F:EB:5E:79:FE:5A:E1:6F:EA:A7:B6:F9:52:E1:7E:00:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0581985A1FB667A7E050B4EA41216C946740BBD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
Signing time: Fri 26 Sep 2025 19:01:11 +0000
ROA not before: Fri 26 Sep 2025 19:01:11 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:81:98:5a:1f:b6:67:a7:e0:50:b4:ea:41:21:6c:94:67:40:bb:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:01:11 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=b7207c42f84490a898402ab26aaa26532abe7ba94b2ddacfa639683246ef5c8c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:0c:7f:1d:af:43:13:e3:00:cd:eb:c8:b7:
a6:e9:c6:10:12:fa:c3:07:b7:4b:ff:95:a8:8c:11:
3e:8c:a0:91:28:65:8f:ce:6e:ba:9a:0d:82:76:17:
a0:35:20:0a:32:89:f6:ee:85:0a:65:96:ce:d5:17:
70:85:33:4e:8f:1d:fc:f1:09:f0:e9:38:de:79:e0:
c0:8b:10:30:22:06:11:0c:89:8b:e5:6d:0f:33:42:
bb:ed:ff:0c:06:ca:26:f7:ea:1d:77:83:73:3d:a8:
c7:e9:da:cd:22:04:93:76:c1:32:a1:eb:17:d9:d1:
d0:c0:65:c4:72:d7:66:79:e2:b0:7b:7f:17:28:a6:
a1:d3:92:a4:c1:6c:9c:f1:26:7d:76:04:2d:71:46:
04:69:48:56:5a:68:3f:b9:14:72:b9:e2:87:ca:dd:
b9:fc:39:28:9b:f3:58:7f:c0:c8:85:26:29:d3:a8:
b1:cd:13:2f:da:6f:2f:fe:19:15:5c:82:32:d9:4d:
78:1a:18:26:9b:d1:9c:b4:57:9f:65:c0:b4:31:86:
2a:35:bb:63:34:84:30:cd:11:10:c1:18:12:16:e6:
b7:04:f8:13:cb:ba:2c:17:84:33:b4:dd:b7:4b:0d:
5c:6f:ad:bf:20:03:ac:f2:0c:6b:b8:ba:90:58:5a:
da:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:42:0B:0F:EB:5E:79:FE:5A:E1:6F:EA:A7:B6:F9:52:E1:7E:00:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4040::/48
Signature Algorithm: sha256WithRSAEncryption
7f:34:4d:6a:d9:dd:02:e5:91:b9:78:d8:d4:76:c2:de:74:e1:
3e:26:d9:e9:91:77:d5:ae:f5:3b:3e:39:bb:8a:fb:23:90:38:
15:66:54:26:7a:a4:67:e6:c1:84:bc:57:1c:53:87:ae:ef:92:
41:3b:61:a3:bd:85:58:73:0f:38:ed:b8:fb:1e:2c:9c:dc:6b:
c1:f4:f3:85:8f:23:d9:dc:55:6e:a9:73:7a:cb:ec:de:a0:c1:
95:cc:b7:5b:e0:1f:66:de:3d:8d:5f:32:ea:cd:c1:30:95:33:
ef:9d:37:7d:66:c3:b9:db:e5:b7:9e:a4:5e:03:bf:94:1b:70:
09:2c:79:20:3e:1d:ae:cf:64:28:f3:86:e1:c9:7f:be:58:42:
95:1c:50:97:43:cd:cb:f2:e6:50:f8:c9:3d:e0:14:a9:09:bd:
2c:08:25:5b:c7:a1:9c:65:1f:d4:44:8d:ce:89:9f:cd:e2:78:
c5:7d:7f:96:ef:f6:a5:2a:7b:5e:ba:e0:e8:11:11:44:dd:eb:
09:23:1e:9c:cb:3a:94:e7:14:30:ac:9a:3f:12:e3:dc:31:69:
80:61:b9:2c:33:fe:6f:14:6a:fd:8e:94:89:2d:4c:aa:46:e9:
59:7e:c9:b4:9a:fa:2c:13:97:57:ca:31:de:cb:d6:87:f0:a2:
62:ea:e1:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBYGYWh+2Z6fgULTqQSFslGdAu9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAxMTFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3MjA3YzQyZjg0NDkwYTg5ODQwMmFiMjZhYWEyNjUzMmFiZTdiYTk0YjJk
ZGFjZmE2Mzk2ODMyNDZlZjVjOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZnDH8dr0MT4wDN68i3punGEBL6wwe3S/+VqIwRPoygkShlj85uupoNgnYX
oDUgCjKJ9u6FCmWWztUXcIUzTo8d/PEJ8Ok43nngwIsQMCIGEQyJi+VtDzNCu+3/
DAbKJvfqHXeDcz2ox+nazSIEk3bBMqHrF9nR0MBlxHLXZnnisHt/FyimodOSpMFs
nPEmfXYELXFGBGlIVlpoP7kUcrnih8rdufw5KJvzWH/AyIUmKdOosc0TL9pvL/4Z
FVyCMtlNeBoYJpvRnLRXn2XAtDGGKjW7YzSEMM0REMEYEhbmtwT4E8u6LBeEM7Td
t0sNXG+tvyADrPIMa7i6kFha2sUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRgQgsP
6155/lrhb+qntvlS4X4AjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWVkZGRiYmQtMmJiZC00ZTY0LTliMzctZGRkZDMzOTJjZThmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
QDANBgkqhkiG9w0BAQsFAAOCAQEAfzRNatndAuWRuXjY1HbC3nThPibZ6ZF31a71
Oz45u4r7I5A4FWZUJnqkZ+bBhLxXHFOHru+SQTtho72FWHMPOO24+x4snNxrwfTz
hY8j2dxVbqlzesvs3qDBlcy3W+AfZt49jV8y6s3BMJUz7503fWbDudvlt56kXgO/
lBtwCSx5ID4drs9kKPOG4cl/vlhClRxQl0PNy/LmUPjJPeAUqQm9LAglW8ehnGUf
1ESNzomfzeJ4xX1/lu/2pSp7Xrrg6BERRN3rCSMenMs6lOcUMKyaPxLj3DFpgGG5
LDP+bxRq/Y6UiS1MqkbpWX7JtJr6LBOXV8ox3svWh/CiYurhRw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:10 2025 by rpki-client