Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
File: f6aec084-593c-47be-8e46-9024b5572011.roa (raw, json)
Hash identifier: QvJsq9h9o73n039oEieIrTkbSatXFdxP7IDO0cu0GEI=
Subject key identifier: 66:DD:5D:DD:74:24:8B:DC:9F:11:3F:74:EC:E3:3C:F2:05:C2:96:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28286CD18F5573CE742D7EF9CFE487D3E2B8A39D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
Signing time: Mon 13 Oct 2025 18:00:10 +0000
ROA not before: Mon 13 Oct 2025 18:00:10 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:28:6c:d1:8f:55:73:ce:74:2d:7e:f9:cf:e4:87:d3:e2:b8:a3:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 18:00:10 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=6b716dc87e999a9b61cbb4f3b4bc3998e7e6d28472b0f99ecbe594497faa1429, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ba:e0:f2:7c:db:f8:e3:40:fc:ae:bd:ef:59:
0a:53:c1:10:8c:76:34:57:21:df:0f:9c:a1:98:81:
73:4b:a6:60:7a:6c:87:dc:44:0d:a9:b2:e7:92:b0:
51:ee:e2:cb:98:08:30:cc:d6:57:0c:55:5b:70:eb:
08:5f:60:ed:76:ed:88:4a:12:4d:8a:e0:2a:04:92:
d5:68:af:28:91:a8:c8:69:96:f0:1b:8e:6b:2a:55:
13:56:26:13:a7:fe:2d:b6:c6:15:00:36:80:88:63:
25:ee:1b:a5:89:9c:d6:6f:d6:5c:d6:fc:90:9a:e4:
dc:c6:19:c0:3e:87:4d:00:0e:53:6d:04:07:99:99:
8c:b5:87:93:14:e9:c1:07:4d:ee:c3:4e:90:52:91:
ec:f6:c1:b7:a9:f6:28:bb:ed:76:6a:ee:21:3d:ed:
d0:0b:d5:0b:db:a4:bd:e0:53:3e:f1:ed:b2:40:8b:
d0:e7:4b:25:a2:6a:54:fc:a7:52:06:c0:ea:16:08:
46:8d:9b:75:63:b3:1c:a2:d0:05:46:ed:df:42:fa:
d0:b9:e2:94:7e:d3:05:95:d7:e8:86:c4:18:ac:23:
be:a9:5b:7f:e8:f9:1d:07:b6:d7:d7:50:cd:10:09:
3d:33:ac:e6:b9:5d:d8:10:e3:f5:ba:a7:6f:c2:32:
41:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DD:5D:DD:74:24:8B:DC:9F:11:3F:74:EC:E3:3C:F2:05:C2:96:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:c7:df:70:c4:37:df:ca:d4:f6:6c:aa:9f:a2:19:a1:0a:58:
d0:fb:26:7e:1c:5e:f8:5b:23:fb:2d:eb:5a:b1:fc:fb:59:48:
99:a9:3d:56:b1:b3:d8:a5:0b:e5:7b:58:61:0c:a9:a8:99:a4:
43:df:c8:b3:af:ee:c0:03:5b:43:33:c2:9c:2f:dc:4c:58:f4:
af:8f:d4:4b:44:a9:79:cc:b0:02:bc:36:bf:9f:34:d1:e1:8f:
73:de:72:b8:ba:88:45:0c:f9:ca:9c:8c:f9:70:de:ff:53:d2:
13:ae:dd:80:64:76:b7:e8:fc:1c:e4:af:45:88:d4:48:46:5a:
f3:c4:3a:34:c5:7e:b8:88:ea:2b:c7:b2:d4:a1:a1:e7:69:ea:
67:db:72:ef:fc:4f:4b:63:57:e4:05:55:bc:7e:66:d9:3e:7c:
04:07:84:d0:55:ed:f0:e6:a6:4f:a6:bf:90:de:0c:cc:82:db:
5c:39:4c:ab:46:b1:42:ae:cb:dc:ca:db:99:af:24:bf:63:b8:
1b:b5:4b:21:8c:e5:eb:63:e2:7b:2d:78:13:36:82:22:f9:ec:
25:a1:e6:78:25:5c:85:1a:49:25:aa:26:81:f9:8d:76:f2:cc:
c6:19:e6:cc:61:a1:c1:a4:2a:37:c5:18:0d:bf:de:72:cd:b6:
9a:8c:f4:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKChs0Y9Vc850LX75z+SH0+K4o50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxODAwMTBaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNzE2ZGM4N2U5OTlhOWI2MWNiYjRmM2I0YmMzOTk4ZTdlNmQyODQ3MmIw
Zjk5ZWNiZTU5NDQ5N2ZhYTE0MjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJq64PJ82/jjQPyuve9ZClPBEIx2NFch3w+coZiBc0umYHpsh9xEDamy55Kw
Ue7iy5gIMMzWVwxVW3DrCF9g7XbtiEoSTYrgKgSS1WivKJGoyGmW8BuOaypVE1Ym
E6f+LbbGFQA2gIhjJe4bpYmc1m/WXNb8kJrk3MYZwD6HTQAOU20EB5mZjLWHkxTp
wQdN7sNOkFKR7PbBt6n2KLvtdmruIT3t0AvVC9ukveBTPvHtskCL0OdLJaJqVPyn
UgbA6hYIRo2bdWOzHKLQBUbt30L60LnilH7TBZXX6IbEGKwjvqlbf+j5HQe219dQ
zRAJPTOs5rld2BDj9bqnb8IyQbUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRm3V3d
dCSL3J8RP3Ts4zzyBcKW6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjZhZWMwODQtNTkzYy00N2JlLThlNDYtOTAyNGI1NTcyMDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQA6x99wxDffytT2bKqfohmhCljQ+yZ+HF74WyP7
Letasfz7WUiZqT1WsbPYpQvle1hhDKmomaRD38izr+7AA1tDM8KcL9xMWPSvj9RL
RKl5zLACvDa/nzTR4Y9z3nK4uohFDPnKnIz5cN7/U9ITrt2AZHa36Pwc5K9FiNRI
RlrzxDo0xX64iOorx7LUoaHnaepn23Lv/E9LY1fkBVW8fmbZPnwEB4TQVe3w5qZP
pr+Q3gzMgttcOUyrRrFCrsvcytuZryS/Y7gbtUshjOXrY+J7LXgTNoIi+ewloeZ4
JVyFGkklqiaB+Y128szGGebMYaHBpCo3xRgNv95yzbaajPQd
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:45 2025 by rpki-client