Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
File: 1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa (raw, json)
Hash identifier: oGbq3F2f4eewkYx7APYFIdgytShMzjQZT2QTrZxEzPw=
Subject key identifier: D8:4C:B0:01:CF:EB:56:2C:8C:7F:A0:79:13:8C:74:5F:96:8D:3E:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5722F237684252E8DD9662F4A584DC5A3ECC7B36
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
Signing time: Tue 21 Oct 2025 14:10:40 +0000
ROA not before: Tue 21 Oct 2025 14:10:40 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:22:f2:37:68:42:52:e8:dd:96:62:f4:a5:84:dc:5a:3e:cc:7b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:40 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=4f981ed75ee58e862782ebfa173b03946e998a47bcdf111a1eb6be54fd21fac2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a6:7a:c5:f1:84:97:dd:e2:39:2c:8a:c1:9a:
a0:e7:5f:80:5c:cd:7f:54:4d:c5:74:6e:fb:bd:40:
49:1c:b1:20:52:e9:3c:05:b1:b6:fd:eb:01:72:b5:
47:a6:ac:1d:a7:9a:aa:02:c4:68:7e:9c:02:0d:d1:
ba:c4:88:72:72:26:c7:4a:f6:c7:41:6a:17:83:88:
d4:eb:ba:ed:fa:5b:43:ed:2b:e7:6d:03:c6:6e:70:
55:ac:df:2e:e1:3d:dd:04:fc:b6:74:21:98:b4:de:
2d:d9:a9:38:fa:c6:85:a7:ee:d2:25:16:9c:4c:a7:
1e:6d:fe:fa:9a:2a:ef:15:02:af:16:95:ea:3c:cd:
51:ca:8c:9c:27:38:48:3d:73:64:6e:88:fa:d7:80:
c7:f5:4f:09:b7:b1:fc:6c:d4:10:c0:48:f7:0a:57:
be:16:7b:e0:3b:cc:12:d7:b7:ba:79:1f:63:f9:4b:
03:06:1c:40:a7:5d:4d:dc:27:f2:c7:ab:43:e3:f3:
d3:fc:ae:ed:8d:82:35:7b:50:e4:48:e5:36:25:26:
49:81:8f:85:3c:7c:88:ab:92:8b:fd:00:97:6b:21:
b1:cc:7f:3e:3a:7b:d9:42:b7:ee:a9:ae:0a:4b:a1:
63:ec:56:d2:22:bd:fb:31:bd:33:47:65:8c:8a:2d:
09:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4C:B0:01:CF:EB:56:2C:8C:7F:A0:79:13:8C:74:5F:96:8D:3E:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a040::/48
Signature Algorithm: sha256WithRSAEncryption
10:36:49:04:28:5e:1b:31:f5:a3:37:50:e5:3a:80:ba:3f:67:
8f:0a:33:7f:57:63:11:31:54:01:34:4d:70:b0:7b:7c:d6:5d:
88:f8:fb:8a:d4:fc:a9:db:59:5b:50:c4:a0:33:17:58:1e:3c:
8d:a6:89:9d:6d:ad:3c:e6:99:d8:53:9f:12:28:d6:91:3e:87:
35:3e:be:44:0e:49:f3:8f:37:25:cc:ff:e9:79:89:ae:43:65:
a6:8a:69:4d:87:f3:60:10:8f:0e:13:0d:e9:b8:9d:ce:be:37:
b0:15:32:47:93:c4:b2:95:02:7d:aa:86:15:88:3f:3f:18:a6:
5f:c5:cf:26:91:7a:04:95:34:c1:95:ac:99:e1:30:6f:3a:65:
49:3d:ea:e8:af:9c:78:8e:ee:b2:11:3f:f3:ea:48:72:fa:41:
ba:de:b4:c3:b2:2d:ab:94:02:c1:13:c0:12:97:3f:9d:f3:70:
cf:11:ca:3c:17:8a:23:8f:66:a1:b3:63:73:63:9d:5c:ec:b6:
8b:8d:30:34:cf:6a:0a:cc:4e:b0:9e:a4:b9:af:ea:cd:80:a5:
87:40:88:2c:3a:8c:d8:e3:23:40:96:c9:58:a0:8e:60:61:75:
47:56:2d:6f:7d:b8:b0:f7:16:21:da:eb:62:0f:a2:84:1b:8d:
d8:71:81:82
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVyLyN2hCUujdlmL0pYTcWj7MezYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwNDBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmOTgxZWQ3NWVlNThlODYyNzgyZWJmYTE3M2IwMzk0NmU5OThhNDdiY2Rm
MTExYTFlYjZiZTU0ZmQyMWZhYzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKmesXxhJfd4jksisGaoOdfgFzNf1RNxXRu+71ASRyxIFLpPAWxtv3rAXK1
R6asHaeaqgLEaH6cAg3RusSIcnImx0r2x0FqF4OI1Ou67fpbQ+0r520Dxm5wVazf
LuE93QT8tnQhmLTeLdmpOPrGhafu0iUWnEynHm3++poq7xUCrxaV6jzNUcqMnCc4
SD1zZG6I+teAx/VPCbex/GzUEMBI9wpXvhZ74DvMEte3unkfY/lLAwYcQKddTdwn
8serQ+Pz0/yu7Y2CNXtQ5EjlNiUmSYGPhTx8iKuSi/0Al2shscx/Pjp72UK37qmu
CkuhY+xW0iK9+zG9M0dljIotCQkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTYTLAB
z+tWLIx/oHkTjHRflo0+qzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MWFlODUtYTk3YS00MWM0LTk3ZjctMzMyN2NjZjBkYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
QDANBgkqhkiG9w0BAQsFAAOCAQEAEDZJBCheGzH1ozdQ5TqAuj9njwozf1djETFU
ATRNcLB7fNZdiPj7itT8qdtZW1DEoDMXWB48jaaJnW2tPOaZ2FOfEijWkT6HNT6+
RA5J8483Jcz/6XmJrkNlpoppTYfzYBCPDhMN6bidzr43sBUyR5PEspUCfaqGFYg/
PximX8XPJpF6BJU0wZWsmeEwbzplST3q6K+ceI7ushE/8+pIcvpBut60w7Itq5QC
wRPAEpc/nfNwzxHKPBeKI49mobNjc2OdXOy2i40wNM9qCsxOsJ6kua/qzYClh0CI
LDqM2OMjQJbJWKCOYGF1R1Ytb324sPcWIdrrYg+ihBuN2HGBgg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:00 2025 by rpki-client