Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
File: fbd3a3af-f307-4148-9e34-70199540a838.roa (raw, json)
Hash identifier: MDP6Xte89BQoBxFQju4MdGwNS4I4ez8D1V18AaWm/Ck=
Subject key identifier: 35:93:A9:74:CC:10:80:EA:8C:C6:F8:E3:77:89:77:CF:1F:9A:22:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F1E6E2E5455854ACED17FF4ED2AA4EA1F0319B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
Signing time: Fri 26 Sep 2025 19:01:32 +0000
ROA not before: Fri 26 Sep 2025 19:01:32 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:1e:6e:2e:54:55:85:4a:ce:d1:7f:f4:ed:2a:a4:ea:1f:03:19:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:01:32 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=0009455b1c4c16c09f31b3785289b6e4a2dd82625e3f298506886ea3991d854d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:4e:c0:37:67:cd:8b:ea:95:13:20:27:53:
a7:ad:48:d3:9f:69:9f:10:38:bb:eb:5a:19:d0:11:
42:37:63:e8:2c:4f:3e:0c:8e:66:fa:e1:a7:c9:93:
59:39:54:b1:da:a4:5c:3d:9b:44:2a:29:2a:53:41:
c1:fe:51:5e:5b:e8:9b:d2:05:3b:cc:92:74:d8:3d:
70:49:08:04:17:b5:bf:19:55:93:2b:68:63:f2:16:
8a:e5:7d:ef:cd:cc:13:9c:4c:c3:4c:13:5e:7b:25:
fc:67:32:b5:97:e9:d3:28:b4:e2:cd:11:1b:5e:c2:
78:d4:e2:06:de:d0:6f:4e:88:75:c2:6b:18:2e:20:
d5:df:d1:fd:50:7f:32:8f:0a:98:1f:12:1c:6d:85:
31:5a:1d:68:87:7a:80:69:5d:46:55:55:f2:6e:44:
39:d6:88:08:dc:65:d2:d4:8f:fc:c4:5b:dc:b2:1a:
54:5c:c5:42:89:e9:ed:17:a2:09:c3:22:b0:39:fd:
fe:72:bf:a3:27:eb:63:93:ed:a6:eb:59:c6:00:85:
05:e7:84:ff:d2:60:b3:45:d7:d7:17:a2:11:c4:0b:
94:fe:70:99:3b:fc:07:54:c4:24:0b:9e:0b:03:39:
27:70:2a:c7:88:c5:65:1f:ca:aa:1c:78:2d:31:23:
d0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:93:A9:74:CC:10:80:EA:8C:C6:F8:E3:77:89:77:CF:1F:9A:22:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:22:b9:82:d7:98:e9:95:51:e7:3b:0d:d6:5c:2d:c9:01:af:
ac:96:f9:e1:8b:3c:bc:dd:9d:12:bf:73:d2:74:2a:c9:bf:d3:
8b:08:0a:2d:7d:7c:67:7e:96:ae:6d:39:e8:29:47:f2:50:6a:
0d:27:c3:97:22:91:5b:81:58:44:0b:11:af:7e:24:6d:1c:4b:
c1:e0:2a:e4:2e:ad:d5:e5:85:c8:9c:98:34:a3:48:30:44:f3:
80:61:f0:11:92:ce:1e:53:dd:51:6d:5f:6b:4d:aa:a2:ea:ee:
d1:b9:87:a4:82:b4:2a:6a:34:cb:b6:68:69:18:a3:24:75:14:
0b:ca:a4:18:1d:13:0d:9b:27:e4:50:a6:32:9e:c8:84:da:af:
e3:e9:52:37:3c:e3:a6:8a:92:95:d5:40:46:f4:97:80:23:b4:
ff:a9:dd:20:e3:8e:29:68:b3:6d:e6:f1:87:0c:21:d7:44:49:
a8:55:c3:f0:7b:77:99:5e:25:f9:6f:22:da:e8:06:c8:76:44:
6e:b6:17:07:49:36:2f:c1:64:d0:a9:e3:f3:0d:68:4b:92:48:
d9:17:df:10:ed:d1:af:bc:8c:f3:76:27:57:e8:6f:97:f0:5b:
80:9a:76:80:cc:16:9b:87:63:ea:f8:31:56:de:16:e2:97:b3:
2f:31:3d:c7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbx5uLlRVhUrO0X/07Sqk6h8DGbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAxMzJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwMDk0NTViMWM0YzE2YzA5ZjMxYjM3ODUyODliNmU0YTJkZDgyNjI1ZTNm
Mjk4NTA2ODg2ZWEzOTkxZDg1NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1WTsA3Z82L6pUTICdTp61I059pnxA4u+taGdARQjdj6CxPPgyOZvrhp8mT
WTlUsdqkXD2bRCopKlNBwf5RXlvom9IFO8ySdNg9cEkIBBe1vxlVkytoY/IWiuV9
783ME5xMw0wTXnsl/GcytZfp0yi04s0RG17CeNTiBt7Qb06IdcJrGC4g1d/R/VB/
Mo8KmB8SHG2FMVodaId6gGldRlVV8m5EOdaICNxl0tSP/MRb3LIaVFzFQonp7Rei
CcMisDn9/nK/oyfrY5PtputZxgCFBeeE/9Jgs0XX1xeiEcQLlP5wmTv8B1TEJAue
CwM5J3Aqx4jFZR/Kqhx4LTEj0PMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1k6l0
zBCA6ozG+ON3iXfPH5oi3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmJkM2EzYWYtZjMwNy00MTQ4LTllMzQtNzAxOTk1NDBhODM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Diw
MA0GCSqGSIb3DQEBCwUAA4IBAQCkIrmC15jplVHnOw3WXC3JAa+slvnhizy83Z0S
v3PSdCrJv9OLCAotfXxnfpaubTnoKUfyUGoNJ8OXIpFbgVhECxGvfiRtHEvB4Crk
Lq3V5YXInJg0o0gwRPOAYfARks4eU91RbV9rTaqi6u7RuYekgrQqajTLtmhpGKMk
dRQLyqQYHRMNmyfkUKYynsiE2q/j6VI3POOmipKV1UBG9JeAI7T/qd0g444paLNt
5vGHDCHXREmoVcPwe3eZXiX5byLa6AbIdkRuthcHSTYvwWTQqePzDWhLkkjZF98Q
7dGvvIzzdidX6G+X8FuAmnaAzBabh2Pq+DFW3hbil7MvMT3H
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:43 2025 by rpki-client