Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: r/x2LySYYDiPXXsSMEkfUIlbWLBlhmT+6JJ5mQgD0NY=
Subject key identifier: 47:D1:FE:FF:AC:E2:A7:0B:F6:E6:4A:75:CB:2F:66:14:B9:56:64:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6101331C831FBB2541D069B5BBD56CA2BC3B69BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Tue 21 Oct 2025 14:00:36 +0000
ROA not before: Tue 21 Oct 2025 14:00:36 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:01:33:1c:83:1f:bb:25:41:d0:69:b5:bb:d5:6c:a2:bc:3b:69:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:36 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8f9cde1b718381b0aabe472617b8a445149b68dda2024bd165ebefc69ffe88ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e2:41:eb:2d:fd:19:54:25:86:f7:e1:3b:6b:
8a:a9:5b:3c:1d:6d:ba:34:55:d0:34:ba:79:8f:28:
dd:37:9e:e7:1c:bb:72:50:18:f1:16:65:58:fc:41:
e1:13:82:2b:27:3d:23:77:ce:50:7a:ce:aa:3e:0a:
c7:1a:48:fb:92:9e:73:36:bb:3c:a7:46:2e:a4:3d:
22:f5:98:2d:5d:e3:b8:5e:70:b9:3b:5d:b2:79:0d:
7b:19:72:75:66:ad:6f:13:73:84:32:d1:d6:53:95:
70:55:74:be:04:f8:14:be:45:b4:d7:67:67:b9:37:
06:0c:fe:6b:90:0d:43:f5:4a:17:5e:bd:c9:d8:47:
b6:46:6b:81:9f:84:65:a5:3a:6c:f8:a4:92:67:96:
77:4a:a7:09:96:ea:c6:b7:89:b4:47:68:32:13:03:
77:91:3c:83:97:a7:9e:2a:c8:4d:95:fc:4b:84:5e:
ec:ce:e4:77:6c:2b:bf:56:a1:af:c9:c4:89:31:4e:
3e:31:cb:dc:b1:62:48:41:df:98:e0:a5:1e:8a:9f:
71:84:24:f3:39:bf:79:a0:42:15:28:44:f7:4f:79:
15:a2:96:05:86:54:e4:77:1d:4b:9c:62:86:19:d2:
5d:58:01:e4:72:b9:cd:45:d2:b6:a9:72:f2:12:57:
fe:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D1:FE:FF:AC:E2:A7:0B:F6:E6:4A:75:CB:2F:66:14:B9:56:64:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
2b:cb:b3:da:af:eb:85:a2:7f:39:72:3d:c2:15:07:b4:be:a5:
a1:14:c7:f3:06:96:02:2f:c6:41:45:fc:a0:62:8b:1d:b3:2a:
38:75:33:cc:41:11:28:9f:ca:3d:83:3b:b9:51:5f:dc:3c:c8:
b0:5b:b7:a4:ac:b9:2a:3a:e7:19:bf:c3:fb:ce:65:4c:32:b4:
fd:d1:45:a1:11:23:af:71:2d:fa:53:a2:a9:cd:7c:d1:19:f7:
ec:32:55:7d:46:e0:42:76:7b:7b:f3:87:c4:57:fa:d7:4b:7a:
9d:65:ce:c5:7e:6a:ea:0a:18:20:55:13:51:e9:83:b8:9c:be:
5f:78:82:39:33:85:ef:30:16:09:88:3e:ec:8e:ad:85:27:34:
8e:04:72:38:9e:1a:f9:62:a2:9a:b7:73:c0:5b:68:7b:16:3a:
45:7a:bc:e9:a9:13:06:1a:d6:76:45:c4:e4:ee:2b:dc:c2:de:
5c:69:3a:7c:cb:aa:3f:31:4b:55:84:b3:63:32:ce:46:5d:48:
78:bd:1b:fc:bf:a5:34:e7:ed:1f:c5:fa:69:40:c7:4c:bf:16:
0a:d5:07:50:4b:b2:bb:b0:76:f7:15:b1:1d:cd:d5:b6:0c:9e:
9d:80:b9:ff:36:2a:04:e9:f8:6c:57:6a:ca:ab:9f:8e:7d:9c:
39:a8:9e:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYQEzHIMfuyVB0Gm1u9Vsorw7ab0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwMzZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmOWNkZTFiNzE4MzgxYjBhYWJlNDcyNjE3YjhhNDQ1MTQ5YjY4ZGRhMjAy
NGJkMTY1ZWJlZmM2OWZmZTg4Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7iQest/RlUJYb34TtriqlbPB1tujRV0DS6eY8o3Tee5xy7clAY8RZlWPxB
4ROCKyc9I3fOUHrOqj4KxxpI+5Kecza7PKdGLqQ9IvWYLV3juF5wuTtdsnkNexly
dWatbxNzhDLR1lOVcFV0vgT4FL5FtNdnZ7k3Bgz+a5ANQ/VKF169ydhHtkZrgZ+E
ZaU6bPikkmeWd0qnCZbqxreJtEdoMhMDd5E8g5ennirITZX8S4Re7M7kd2wrv1ah
r8nEiTFOPjHL3LFiSEHfmOClHoqfcYQk8zm/eaBCFShE9095FaKWBYZU5HcdS5xi
hhnSXVgB5HK5zUXStqly8hJX/ocCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRH0f7/
rOKnC/bmSnXLL2YUuVZkhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAK8uz2q/rhaJ/OXI9whUHtL6loRTH8waWAi/G
QUX8oGKLHbMqOHUzzEERKJ/KPYM7uVFf3DzIsFu3pKy5KjrnGb/D+85lTDK0/dFF
oREjr3Et+lOiqc180Rn37DJVfUbgQnZ7e/OHxFf610t6nWXOxX5q6goYIFUTUemD
uJy+X3iCOTOF7zAWCYg+7I6thSc0jgRyOJ4a+WKimrdzwFtoexY6RXq86akTBhrW
dkXE5O4r3MLeXGk6fMuqPzFLVYSzYzLORl1IeL0b/L+lNOftH8X6aUDHTL8WCtUH
UEuyu7B29xWxHc3VtgyenYC5/zYqBOn4bFdqyqufjn2cOaiecg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:16 2025 by rpki-client