Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
File: 16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa (raw, json)
Hash identifier: k/hMnGIoQeNjxdkn8tnDqLFHl9+gH7x7y0XqbNCjrEs=
Subject key identifier: 3F:DC:57:ED:D2:35:BD:94:2D:08:5E:32:F7:47:07:FF:21:D8:0B:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 126BDC2568C8A94F26D069D6840A676F06E26A78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
Signing time: Tue 21 Oct 2025 14:10:09 +0000
ROA not before: Tue 21 Oct 2025 14:10:09 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:6b:dc:25:68:c8:a9:4f:26:d0:69:d6:84:0a:67:6f:06:e2:6a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:09 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=1ac0f8f716c2d8de1376c79e1a0b17b0785018a0a17221fe945cf66c60107f38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:46:4a:14:43:8c:3b:94:5f:e5:06:b1:f3:3b:
18:af:68:79:20:b6:cc:87:9c:8b:2b:0a:52:a3:76:
06:cf:c9:a6:8b:05:6a:20:d5:5f:61:da:b4:55:5f:
32:61:a3:be:e6:ae:80:fe:46:13:63:73:35:a8:74:
04:4e:c0:f3:4c:4b:d1:07:f2:df:5d:d6:cc:99:97:
5a:f7:da:c0:73:d4:92:a9:30:e7:d0:e1:e6:66:68:
88:11:65:e5:85:30:24:3a:0f:09:21:f2:28:57:48:
9f:bf:31:63:ba:35:3a:eb:ad:4c:99:f3:41:ed:f3:
fd:76:77:12:78:a1:e4:25:e2:5d:c9:da:41:a4:9f:
bc:95:8b:9a:b9:3f:ea:97:35:d1:af:bd:9b:79:52:
43:ff:03:f6:0a:09:bd:9e:56:80:36:bf:48:8a:d3:
48:1a:a8:24:c9:bd:a4:68:32:2b:ae:e7:d9:65:9d:
a7:4a:e9:4b:72:3f:3d:4d:37:f1:dc:12:5e:94:26:
bf:93:cb:3a:6e:bc:ef:63:ef:d9:b2:c2:df:27:ec:
c3:84:81:c0:ec:0d:a3:d0:11:8a:e4:2f:98:6b:7b:
20:93:5a:2d:b3:16:97:da:97:00:2f:e3:95:22:e1:
46:9e:9e:b5:54:17:31:92:37:b2:1c:b4:d3:01:10:
b3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DC:57:ED:D2:35:BD:94:2D:08:5E:32:F7:47:07:FF:21:D8:0B:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:b000::/40
Signature Algorithm: sha256WithRSAEncryption
66:61:c8:93:a5:e7:a8:78:0e:80:10:12:6b:63:c4:df:d5:a2:
e7:b5:dc:eb:54:a8:93:e1:1c:27:4d:be:b5:28:40:75:8a:61:
a7:67:1a:c3:a7:96:a2:99:25:e6:a5:c1:5b:d1:4a:49:a8:68:
f9:79:38:f9:d8:a8:f1:da:6b:3e:69:96:cd:03:e7:7d:9f:e7:
78:b1:16:bf:90:bd:51:8c:c0:ff:64:63:35:a9:45:7b:1f:d2:
32:8a:e1:4a:f4:95:1b:71:b5:80:80:fe:a1:b6:eb:fd:60:e2:
e6:b1:04:72:fb:08:83:9e:f2:c4:b9:0c:1e:ff:4b:39:28:d7:
95:92:87:79:e2:8e:01:aa:80:50:3c:c3:11:56:ec:69:24:4b:
bb:ea:49:7b:7f:ad:52:16:f7:e4:a6:27:06:1b:0d:f6:ab:4e:
06:ab:66:ae:22:f1:dc:c9:75:7c:1a:0b:21:05:09:f6:bc:31:
14:42:20:34:b5:6b:aa:45:8e:a9:42:3e:5a:da:2e:ab:75:de:
59:fd:15:79:16:f1:82:15:41:d7:59:bb:a1:18:23:14:55:d8:
ce:b9:52:60:10:0b:f2:ae:71:b0:0d:6e:6a:db:f1:78:a1:40:
95:61:d1:b6:fb:43:5e:1f:03:ce:6b:42:42:9c:fd:e7:0d:c8:
92:2f:5c:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEmvcJWjIqU8m0GnWhApnbwbiangwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwMDlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYzBmOGY3MTZjMmQ4ZGUxMzc2Yzc5ZTFhMGIxN2IwNzg1MDE4YTBhMTcy
MjFmZTk0NWNmNjZjNjAxMDdmMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZGShRDjDuUX+UGsfM7GK9oeSC2zIeciysKUqN2Bs/JposFaiDVX2HatFVf
MmGjvuaugP5GE2NzNah0BE7A80xL0Qfy313WzJmXWvfawHPUkqkw59Dh5mZoiBFl
5YUwJDoPCSHyKFdIn78xY7o1OuutTJnzQe3z/XZ3Enih5CXiXcnaQaSfvJWLmrk/
6pc10a+9m3lSQ/8D9goJvZ5WgDa/SIrTSBqoJMm9pGgyK67n2WWdp0rpS3I/PU03
8dwSXpQmv5PLOm6872Pv2bLC3yfsw4SBwOwNo9ARiuQvmGt7IJNaLbMWl9qXAC/j
lSLhRp6etVQXMZI3shy00wEQsysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/3Fft
0jW9lC0IXjL3Rwf/IdgLKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTZlODNkODktOWMyOS00ZDcwLTlkMWQtODVlNGRjN2UzZDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hiw
MA0GCSqGSIb3DQEBCwUAA4IBAQBmYciTpeeoeA6AEBJrY8Tf1aLntdzrVKiT4Rwn
Tb61KEB1imGnZxrDp5aimSXmpcFb0UpJqGj5eTj52Kjx2ms+aZbNA+d9n+d4sRa/
kL1RjMD/ZGM1qUV7H9IyiuFK9JUbcbWAgP6htuv9YOLmsQRy+wiDnvLEuQwe/0s5
KNeVkod54o4BqoBQPMMRVuxpJEu76kl7f61SFvfkpicGGw32q04Gq2auIvHcyXV8
GgshBQn2vDEUQiA0tWuqRY6pQj5a2i6rdd5Z/RV5FvGCFUHXWbuhGCMUVdjOuVJg
EAvyrnGwDW5q2/F4oUCVYdG2+0NeHwPOa0JCnP3nDciSL1zg
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:13 2025 by rpki-client