Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
File: 1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa (raw, json)
Hash identifier: X/xlyJvEZE/aqum3WVpdkOM2aU0qBuirM0zjsE8vGmE=
Subject key identifier: FD:B3:39:72:01:45:39:BD:BA:1C:92:FB:5C:E1:A3:73:D2:7E:F7:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62EE1FA2161C1C13507D6193ED1E5D0CCDF02907
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
Signing time: Tue 21 Oct 2025 13:40:29 +0000
ROA not before: Tue 21 Oct 2025 13:40:29 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:ee:1f:a2:16:1c:1c:13:50:7d:61:93:ed:1e:5d:0c:cd:f0:29:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:29 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=475994aef5e011c1a760b1dcf9711db120416b00be100ca9e37e35c9b36f6484, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:06:4a:f6:c4:77:2e:69:1e:d8:72:1a:02:64:
3f:ae:b0:82:e9:52:88:1e:98:fd:5e:e2:f6:5b:20:
95:10:c6:ce:2f:e7:e8:f7:a6:d1:57:d7:97:c3:70:
75:fe:11:8b:a8:c8:e8:72:83:ab:f4:2c:ee:3d:80:
eb:23:b5:b4:21:d9:ec:01:56:e3:16:10:cb:5f:85:
38:2e:37:c4:c0:f9:f5:cb:c0:cd:1e:8d:8f:e3:da:
43:9e:c1:be:db:d6:64:fc:3e:9e:69:ac:56:83:d6:
0c:56:1a:0f:1c:e8:0a:f7:0e:92:de:e9:be:8e:22:
b8:e0:89:15:8f:29:6c:e6:c1:a5:f9:d2:44:1d:5c:
ea:99:ee:2f:45:5e:a0:38:42:58:d0:84:2e:a7:05:
aa:62:3a:a7:f0:7c:b5:7a:a8:d9:da:54:7c:ff:a8:
ba:59:a1:6c:74:c5:65:5d:89:ae:4e:c0:0c:e3:79:
9d:5e:ab:77:84:6c:46:59:78:c2:3c:b2:ed:42:1b:
4f:48:18:1e:33:1f:ab:da:d4:0f:f9:3a:74:ee:91:
dc:0b:3e:4f:35:8f:02:38:8b:d0:3a:70:3c:ed:65:
c1:cf:a3:3c:e1:f2:17:dc:c3:7e:3a:88:37:14:66:
62:3e:73:00:cf:2d:b0:bb:67:ce:09:4c:62:cc:33:
56:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B3:39:72:01:45:39:BD:BA:1C:92:FB:5C:E1:A3:73:D2:7E:F7:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:0c:f2:ec:bb:c5:90:e2:f8:0c:b0:1d:ca:f1:04:85:ea:bc:
f9:b1:e9:ea:de:c5:15:ae:f2:fd:c7:d1:b8:d2:56:41:fc:89:
b5:82:22:84:15:d8:35:5c:05:b1:f9:a9:c1:ae:0f:04:de:3c:
13:19:74:b2:ac:41:87:cb:53:3d:ee:2e:d0:e3:e9:67:e7:8a:
60:be:98:4a:57:e3:d7:59:d6:32:85:74:26:76:cc:15:32:77:
0a:d5:d8:92:c1:f4:6f:99:34:f3:12:4f:55:78:b9:94:86:47:
ce:f3:a9:b7:d8:6e:b4:58:de:f5:53:4a:e2:f6:3d:cb:9a:1e:
28:f2:cf:1c:a3:e6:20:4f:f7:76:da:05:f5:eb:25:36:34:99:
76:02:fe:1f:20:95:49:bf:eb:a6:b7:76:33:5a:3d:37:8f:f1:
8f:06:be:b7:b6:36:9d:1c:e9:85:0c:a8:b3:e5:91:2a:88:7a:
eb:c1:ef:81:94:a1:42:f2:25:36:57:5b:6c:5a:64:58:2f:43:
9a:7f:ea:3b:7f:b2:a6:34:4c:1e:ff:19:44:e9:c5:43:55:df:
3a:4d:60:73:d8:ea:85:6e:c1:22:61:e9:c5:ab:0b:43:3b:c4:
f7:2c:66:7e:27:08:8f:65:44:8e:5e:d5:aa:d5:f2:4e:8c:51:
e3:07:86:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYu4fohYcHBNQfWGT7R5dDM3wKQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwMjlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3NTk5NGFlZjVlMDExYzFhNzYwYjFkY2Y5NzExZGIxMjA0MTZiMDBiZTEw
MGNhOWUzN2UzNWM5YjM2ZjY0ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAGSvbEdy5pHthyGgJkP66wgulSiB6Y/V7i9lsglRDGzi/n6Pem0VfXl8Nw
df4Ri6jI6HKDq/Qs7j2A6yO1tCHZ7AFW4xYQy1+FOC43xMD59cvAzR6Nj+PaQ57B
vtvWZPw+nmmsVoPWDFYaDxzoCvcOkt7pvo4iuOCJFY8pbObBpfnSRB1c6pnuL0Ve
oDhCWNCELqcFqmI6p/B8tXqo2dpUfP+oulmhbHTFZV2Jrk7ADON5nV6rd4RsRll4
wjyy7UIbT0gYHjMfq9rUD/k6dO6R3As+TzWPAjiL0DpwPO1lwc+jPOHyF9zDfjqI
NxRmYj5zAM8tsLtnzglMYswzVoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9szly
AUU5vbockvtc4aNz0n73eDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4NzU3YTMtNWIwZS00NDczLTlhM2ItODc2Y2MxMzRlMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADg
MA0GCSqGSIb3DQEBCwUAA4IBAQBdDPLsu8WQ4vgMsB3K8QSF6rz5senq3sUVrvL9
x9G40lZB/Im1giKEFdg1XAWx+anBrg8E3jwTGXSyrEGHy1M97i7Q4+ln54pgvphK
V+PXWdYyhXQmdswVMncK1diSwfRvmTTzEk9VeLmUhkfO86m32G60WN71U0ri9j3L
mh4o8s8co+YgT/d22gX16yU2NJl2Av4fIJVJv+umt3YzWj03j/GPBr63tjadHOmF
DKiz5ZEqiHrrwe+BlKFC8iU2V1tsWmRYL0Oaf+o7f7KmNEwe/xlE6cVDVd86TWBz
2OqFbsEiYenFqwtDO8T3LGZ+JwiPZUSOXtWq1fJOjFHjB4aO
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:26 2025 by rpki-client