Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: jbLOBFk4QeqkhbfeonZMinqozjxRAjVtn56j4nLs9NY=
Subject key identifier: 6D:65:C3:5F:9A:22:1D:8D:E2:7A:AE:B2:F6:7B:FD:BE:D9:DD:FA:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 456C9579B82033696E5A86FBB45F295B2D89AE08
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Wed 22 Oct 2025 00:20:05 +0000
ROA not before: Wed 22 Oct 2025 00:20:05 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:6c:95:79:b8:20:33:69:6e:5a:86:fb:b4:5f:29:5b:2d:89:ae:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 22 00:20:05 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=d4dcfa98f47d847547c7bc01d2409edc9a3f71af1cbdb45223ff23748be4f339, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:71:70:16:95:a2:6e:6d:8e:49:a4:e3:56:c4:
c1:89:c5:f8:3e:2e:43:0b:8c:a8:fe:f3:8e:84:88:
1e:06:cc:6b:68:9c:45:ee:08:33:f3:57:45:92:04:
14:7a:7c:a7:5d:66:bd:d4:5b:18:31:be:95:23:36:
35:ef:17:66:2a:fc:3f:ca:df:e0:53:ec:7f:77:d4:
d7:a6:1c:64:51:70:6c:d5:c5:13:4e:f8:b1:88:27:
ea:31:ca:51:d3:cf:fc:e9:f0:e6:c9:13:79:fb:80:
1b:e5:19:4d:0e:67:2a:26:51:15:58:2d:ee:84:d3:
3d:82:77:e5:cb:b8:07:6a:10:70:48:87:46:6b:61:
6e:2c:32:d2:2c:e9:d8:20:79:15:e1:3b:2b:9f:6d:
42:15:bd:a2:08:75:77:6d:aa:28:65:3f:1b:fe:a5:
7a:3f:68:99:41:0d:47:56:fd:7f:a7:9c:c9:c1:79:
e9:06:ad:5e:f3:35:b7:1c:02:5c:f8:c9:be:fb:e2:
36:e4:f5:ca:65:e2:41:f5:00:3c:05:f2:fb:48:eb:
75:65:ad:f7:29:fd:75:c6:c4:1b:2f:de:79:62:ce:
be:aa:2d:ad:c4:38:84:ae:68:92:bc:0a:84:6c:be:
11:e2:0a:c8:e7:05:3e:d8:e8:39:79:bd:bf:a6:6e:
59:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:65:C3:5F:9A:22:1D:8D:E2:7A:AE:B2:F6:7B:FD:BE:D9:DD:FA:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
58:54:20:32:20:05:98:15:00:ef:86:e2:44:a2:02:26:00:40:
e1:48:22:6f:56:f2:b7:4b:c3:24:12:5e:ee:84:92:87:69:6f:
04:cc:11:a9:c8:2e:40:22:b5:a0:5c:11:6e:a9:66:2d:e1:7a:
08:00:a4:a7:4d:b3:be:9f:f7:04:19:4c:d0:e6:e9:ae:4c:16:
b5:56:0d:b7:5f:77:4a:b3:6b:b2:14:a8:46:10:5c:d6:e9:99:
53:e3:e9:44:88:bc:d1:02:ea:8f:ec:74:bc:5d:a0:e3:f7:9c:
ec:17:c4:64:c1:82:e7:2d:46:96:ef:83:98:e6:62:cc:ca:1b:
27:a6:eb:e3:df:8a:1e:36:38:d7:3f:8b:bb:bf:88:88:75:d8:
9c:5e:ed:3d:b7:51:af:0c:93:4b:fd:a5:5d:6b:95:b5:b6:a7:
7c:6d:03:0c:31:8a:2d:06:c9:6d:60:65:62:34:96:96:86:0d:
4b:6b:06:89:29:fd:f6:41:31:20:e1:59:74:c1:fb:77:59:04:
50:3d:e6:c5:eb:5a:d8:5d:98:38:25:96:33:1d:87:fa:c6:7d:
ce:b7:ac:82:73:0f:9b:39:e1:9d:17:8f:f2:f5:82:44:7b:0b:
8b:2f:79:5f:1c:fe:2b:ef:65:e8:b1:2d:61:7e:a2:bf:fa:9e:
17:57:65:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURWyVebggM2luWob7tF8pWy2JrggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjIwMDIwMDVaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ZGNmYTk4ZjQ3ZDg0NzU0N2M3YmMwMWQyNDA5ZWRjOWEzZjcxYWYxY2Jk
YjQ1MjIzZmYyMzc0OGJlNGYzMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJxcBaVom5tjkmk41bEwYnF+D4uQwuMqP7zjoSIHgbMa2icRe4IM/NXRZIE
FHp8p11mvdRbGDG+lSM2Ne8XZir8P8rf4FPsf3fU16YcZFFwbNXFE074sYgn6jHK
UdPP/Onw5skTefuAG+UZTQ5nKiZRFVgt7oTTPYJ35cu4B2oQcEiHRmthbiwy0izp
2CB5FeE7K59tQhW9ogh1d22qKGU/G/6lej9omUENR1b9f6ecycF56QatXvM1txwC
XPjJvvviNuT1ymXiQfUAPAXy+0jrdWWt9yn9dcbEGy/eeWLOvqotrcQ4hK5okrwK
hGy+EeIKyOcFPtjoOXm9v6ZuWYcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtZcNf
miIdjeJ6rrL2e/2+2d36eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQBYVCAyIAWYFQDvhuJEogImAEDhSCJvVvK3S8Mk
El7uhJKHaW8EzBGpyC5AIrWgXBFuqWYt4XoIAKSnTbO+n/cEGUzQ5umuTBa1Vg23
X3dKs2uyFKhGEFzW6ZlT4+lEiLzRAuqP7HS8XaDj95zsF8RkwYLnLUaW74OY5mLM
yhsnpuvj34oeNjjXP4u7v4iIddicXu09t1GvDJNL/aVda5W1tqd8bQMMMYotBslt
YGViNJaWhg1LawaJKf32QTEg4Vl0wft3WQRQPebF61rYXZg4JZYzHYf6xn3Ot6yC
cw+bOeGdF4/y9YJEewuLL3lfHP4r72XosS1hfqK/+p4XV2XU
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:21 2025 by rpki-client