Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef1c587f-7016-4879-9f71-ad8ce780a8da.roa
File: ef1c587f-7016-4879-9f71-ad8ce780a8da.roa (raw, json)
Hash identifier: WklumiqW5SoJiVtUW3vx5xtEPlkdkbwN9A9VtKzcysA=
Subject key identifier: 43:D1:51:D3:2C:2E:E3:7B:B0:C7:02:B8:73:22:C3:89:68:22:F4:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B80A0CAE767D6C6F300F4675C7A3B31153FBDAB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef1c587f-7016-4879-9f71-ad8ce780a8da.roa
Signing time: Mon 29 Sep 2025 15:24:10 +0000
ROA not before: Mon 29 Sep 2025 15:24:10 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:80:a0:ca:e7:67:d6:c6:f3:00:f4:67:5c:7a:3b:31:15:3f:bd:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:10 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=2de04157fa5d54eb839e26b5036a733bb94b3cf0835e145527da5b7ab2ea5125, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d1:6a:41:87:6d:a5:b2:3e:b8:4d:69:e3:77:
2c:65:9d:9a:27:43:97:be:47:c7:7d:52:8c:36:43:
d5:65:c0:c0:77:7d:d0:85:11:7c:8c:ea:2f:32:94:
f1:77:83:f6:6a:6c:a5:a9:0b:65:eb:65:00:8e:25:
7f:4e:f1:d3:af:23:59:bb:1a:92:1b:d8:5d:f5:aa:
df:62:90:bb:9b:7b:a1:db:08:ff:71:a7:f2:ae:f7:
58:82:65:44:de:4e:c4:c0:f2:7e:11:19:57:5c:2b:
91:c5:13:35:ca:4c:76:a8:68:a2:df:e4:ba:e2:8f:
30:fe:37:ef:69:d8:92:8b:0a:ce:ad:9b:69:90:7f:
67:8a:2a:ce:0d:4c:58:e5:cb:2f:53:c7:f2:e7:89:
5a:21:6d:46:7d:1d:71:33:2e:78:08:6f:19:e3:76:
2b:1b:b0:c1:b5:da:ae:45:53:7e:f2:82:79:d6:d3:
5d:04:10:ef:21:b1:44:ca:e6:ee:0b:c3:05:c9:f7:
09:6c:81:94:b6:3f:47:58:7a:0a:da:4d:af:f3:f9:
69:25:9b:8c:ab:bd:1f:5f:0e:03:c7:0d:c3:70:36:
06:02:3d:33:95:59:f7:76:37:14:04:fe:30:b7:1a:
dd:9e:3a:b1:10:1b:0e:1b:56:61:c2:13:bb:69:7d:
c4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D1:51:D3:2C:2E:E3:7B:B0:C7:02:B8:73:22:C3:89:68:22:F4:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef1c587f-7016-4879-9f71-ad8ce780a8da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
2f:46:13:29:be:14:4b:1f:71:cb:a0:72:4d:4d:dc:45:2c:5b:
2a:e5:53:2d:85:45:87:3c:94:c9:7b:b5:d5:55:58:3c:d5:d3:
98:c3:ae:c4:20:6d:d0:3a:2e:0b:64:da:df:a2:eb:6d:8a:9c:
f5:79:47:1e:ce:3d:b6:39:90:7f:e2:f8:3f:93:50:4e:cf:e1:
a9:2d:13:3c:8c:5d:56:c0:97:23:f8:18:e6:1a:19:02:4c:bc:
ef:3f:56:fa:c9:fc:67:21:72:ac:bb:5c:9c:5a:0f:62:bc:b0:
f5:79:2e:bf:d7:a4:e9:23:2d:8b:59:49:af:64:cb:a9:56:1b:
ad:11:7a:db:b7:5f:fd:51:19:1d:f1:e7:8f:33:af:e0:9d:d1:
ff:93:38:05:0f:a0:da:b7:ae:7d:0a:59:4b:01:bd:1a:b9:2a:
2b:32:1f:d9:21:7f:e1:df:c7:2b:ca:d2:6b:04:ff:bf:8a:e5:
0b:ea:b1:5e:86:4e:e4:8e:45:78:3b:f8:f4:f6:01:af:2f:ec:
20:2e:93:1a:49:9e:fc:8c:d5:10:6e:95:85:56:40:76:3f:8f:
29:45:4b:29:1f:32:52:f1:af:89:8b:0c:41:65:96:fd:2d:2d:
0c:6c:1c:0d:1c:b3:b1:5e:e8:86:47:70:91:05:15:64:47:87:
ea:ac:69:68
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC4Cgyudn1sbzAPRnXHo7MRU/vaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MTBaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkZTA0MTU3ZmE1ZDU0ZWI4MzllMjZiNTAzNmE3MzNiYjk0YjNjZjA4MzVl
MTQ1NTI3ZGE1YjdhYjJlYTUxMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfRakGHbaWyPrhNaeN3LGWdmidDl75Hx31SjDZD1WXAwHd90IURfIzqLzKU
8XeD9mpspakLZetlAI4lf07x068jWbsakhvYXfWq32KQu5t7odsI/3Gn8q73WIJl
RN5OxMDyfhEZV1wrkcUTNcpMdqhoot/kuuKPMP4372nYkosKzq2baZB/Z4oqzg1M
WOXLL1PH8ueJWiFtRn0dcTMueAhvGeN2KxuwwbXarkVTfvKCedbTXQQQ7yGxRMrm
7gvDBcn3CWyBlLY/R1h6CtpNr/P5aSWbjKu9H18OA8cNw3A2BgI9M5VZ93Y3FAT+
MLca3Z46sRAbDhtWYcITu2l9xMsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRD0VHT
LC7je7DHArhzIsOJaCL0fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWYxYzU4N2YtNzAxNi00ODc5LTlmNzEtYWQ4Y2U3ODBhOGRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
wDANBgkqhkiG9w0BAQsFAAOCAQEAL0YTKb4USx9xy6ByTU3cRSxbKuVTLYVFhzyU
yXu11VVYPNXTmMOuxCBt0DouC2Ta36LrbYqc9XlHHs49tjmQf+L4P5NQTs/hqS0T
PIxdVsCXI/gY5hoZAky87z9W+sn8ZyFyrLtcnFoPYryw9Xkuv9ek6SMti1lJr2TL
qVYbrRF627df/VEZHfHnjzOv4J3R/5M4BQ+g2reufQpZSwG9GrkqKzIf2SF/4d/H
K8rSawT/v4rlC+qxXoZO5I5FeDv49PYBry/sIC6TGkme/IzVEG6VhVZAdj+PKUVL
KR8yUvGviYsMQWWW/S0tDGwcDRyzsV7ohkdwkQUVZEeH6qxpaA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:27 2025 by rpki-client