Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efc2799b-d173-40c0-a6ee-0c0ad41cbd49.roa
File: efc2799b-d173-40c0-a6ee-0c0ad41cbd49.roa (raw, json)
Hash identifier: GOwUYeM17QEGJIfx0Jals1SrEPb45teY5XNI9WYYGmk=
Subject key identifier: 39:3F:8C:C0:17:B7:E6:12:C4:02:D6:BF:BA:B7:A8:6F:6F:82:22:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45D9EF137926C053CF6AB636130AA50080556396
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efc2799b-d173-40c0-a6ee-0c0ad41cbd49.roa
Signing time: Fri 17 Oct 2025 21:10:14 +0000
ROA not before: Fri 17 Oct 2025 21:10:14 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:d9:ef:13:79:26:c0:53:cf:6a:b6:36:13:0a:a5:00:80:55:63:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 21:10:14 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=2efbdad0968793a48ade902122aaeb797c3efdb3018e90170ca1bb54dc2418e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3d:0c:6f:83:0e:c2:c3:de:81:b0:64:98:16:
ae:8b:4d:f0:5b:97:75:ca:9c:8e:f3:c7:b2:bc:84:
19:f8:52:a3:d5:9d:d1:c4:66:6c:22:0a:10:c1:ea:
85:84:ad:d5:49:ab:fa:0c:24:69:83:b0:92:d4:ce:
e0:31:d4:2c:de:5d:df:f6:b2:e2:c0:22:0f:b7:dc:
31:af:db:c9:0b:7c:6b:3c:15:a4:dd:f8:30:b6:b1:
bd:36:6a:79:92:dc:ee:74:f3:bf:65:af:c7:32:b6:
a5:fb:3d:78:b6:07:8e:a3:73:4e:6a:5c:9e:43:48:
b5:90:af:6a:65:d5:c6:d5:05:44:10:c3:d1:88:c6:
77:8d:9b:5f:b9:88:a1:a7:9c:a7:5c:f9:7b:db:1e:
c8:0a:1f:ae:4d:31:2a:e9:12:31:c0:8e:7e:b9:fd:
ce:2a:c5:46:14:86:d3:5e:bb:4c:16:6f:56:05:70:
8f:6c:ef:e0:03:ef:47:a3:08:17:a1:6d:cd:dc:93:
19:be:4d:55:77:b7:85:a3:c0:ad:18:b0:98:a9:ed:
b3:d0:eb:a8:fd:d3:08:ed:05:19:25:5e:54:c4:90:
21:21:d0:62:8f:05:dc:cc:9c:5b:bc:b7:d5:16:c0:
13:f6:e3:06:54:df:8e:8e:f9:4a:8d:54:8d:f3:72:
37:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3F:8C:C0:17:B7:E6:12:C4:02:D6:BF:BA:B7:A8:6F:6F:82:22:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efc2799b-d173-40c0-a6ee-0c0ad41cbd49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:2000::/48
Signature Algorithm: sha256WithRSAEncryption
af:0f:70:e1:91:b4:93:7d:a2:fb:67:49:ea:b5:e6:6c:0a:d5:
87:28:10:d3:b9:5d:2e:96:bd:57:8d:fa:1c:4b:b4:70:33:b4:
55:76:69:d7:6b:78:50:5c:55:1a:c3:ba:cc:84:9f:c4:df:4d:
f2:35:de:16:0b:fb:51:cb:d9:6d:02:9e:52:ac:67:be:c3:d1:
47:aa:e4:a6:0d:c4:28:35:f7:5a:29:0e:8f:ce:e2:f5:0a:02:
e2:f3:6c:f5:36:f9:ad:fa:85:6e:a2:6b:21:57:bb:d5:8f:91:
cc:1b:18:63:17:c3:9f:a6:89:b1:72:10:7a:49:09:77:53:a4:
1a:31:6a:cb:42:2e:44:e2:26:99:94:ad:6e:84:37:5b:12:b2:
9a:d4:9d:8e:ac:f7:56:f3:a4:e1:c9:53:7e:6d:e0:dd:49:fa:
61:6f:37:97:32:bb:9c:c3:1a:24:d7:44:44:e2:5f:35:e3:b9:
8d:fe:96:25:a6:1c:9e:b2:42:9d:55:7a:d8:90:34:f6:3d:a0:
e5:5b:70:43:a4:15:71:ac:3c:4d:19:84:8f:33:c3:64:ad:db:
19:36:1d:57:19:19:da:8f:f2:eb:a3:d6:42:d3:48:db:c3:cc:
f2:e4:d9:27:35:6e:de:f4:c3:97:49:e4:92:cd:7b:34:a9:ce:
5b:20:a7:5c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURdnvE3kmwFPParY2EwqlAIBVY5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMTEwMTRaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlZmJkYWQwOTY4NzkzYTQ4YWRlOTAyMTIyYWFlYjc5N2MzZWZkYjMwMThl
OTAxNzBjYTFiYjU0ZGMyNDE4ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAME9DG+DDsLD3oGwZJgWrotN8FuXdcqcjvPHsryEGfhSo9Wd0cRmbCIKEMHq
hYSt1Umr+gwkaYOwktTO4DHULN5d3/ay4sAiD7fcMa/byQt8azwVpN34MLaxvTZq
eZLc7nTzv2WvxzK2pfs9eLYHjqNzTmpcnkNItZCvamXVxtUFRBDD0YjGd42bX7mI
oaecp1z5e9seyAofrk0xKukSMcCOfrn9zirFRhSG0167TBZvVgVwj2zv4APvR6MI
F6FtzdyTGb5NVXe3haPArRiwmKnts9DrqP3TCO0FGSVeVMSQISHQYo8F3MycW7y3
1RbAE/bjBlTfjo75So1UjfNyN/0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ5P4zA
F7fmEsQC1r+6t6hvb4IiDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWZjMjc5OWItZDE3My00MGMwLWE2ZWUtMGMwYWQ0MWNiZDQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gwg
ADANBgkqhkiG9w0BAQsFAAOCAQEArw9w4ZG0k32i+2dJ6rXmbArVhygQ07ldLpa9
V436HEu0cDO0VXZp12t4UFxVGsO6zISfxN9N8jXeFgv7UcvZbQKeUqxnvsPRR6rk
pg3EKDX3WikOj87i9QoC4vNs9Tb5rfqFbqJrIVe71Y+RzBsYYxfDn6aJsXIQekkJ
d1OkGjFqy0IuROImmZStboQ3WxKymtSdjqz3VvOk4clTfm3g3Un6YW83lzK7nMMa
JNdEROJfNeO5jf6WJaYcnrJCnVV62JA09j2g5VtwQ6QVcaw8TRmEjzPDZK3bGTYd
VxkZ2o/y66PWQtNI28PM8uTZJzVu3vTDl0nkks17NKnOWyCnXA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:28 2025 by rpki-client