Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json)
Hash identifier: zFfFc0/68KROqOcsVXzpZ7B4HA/YUhIy5bLfNa5Uw+w=
Subject key identifier: 21:43:29:6F:E5:55:77:ED:C2:C0:6E:FB:38:82:FB:CC:3F:6B:9F:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09E1B71F4380F8570F5B553B9C75E22A1326D18D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
Signing time: Tue 21 Oct 2025 13:30:41 +0000
ROA not before: Tue 21 Oct 2025 13:30:41 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:e1:b7:1f:43:80:f8:57:0f:5b:55:3b:9c:75:e2:2a:13:26:d1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:41 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5c8a8e7e04e149a141c07e915dc4e81e2692e1a952615f1bdc8ef73db9db805a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d2:7c:d8:ad:34:8f:b9:59:93:60:40:d5:b0:
f9:23:b8:86:ba:25:53:1d:e7:ba:6a:85:d6:15:22:
be:13:b3:0e:99:28:1e:d3:13:8a:4d:9a:69:79:74:
4d:12:9e:ca:37:79:c8:44:aa:8b:01:01:1c:ae:87:
57:2c:43:39:fc:d8:26:fb:30:e4:c1:24:91:22:7d:
84:0d:75:9e:8b:c3:b0:80:49:7f:ea:d4:5a:36:95:
c8:fd:74:4b:f5:1a:00:34:30:4a:e7:23:94:e5:49:
8b:66:60:a6:df:c4:54:01:b0:40:41:c0:69:11:0c:
49:58:e8:16:31:ea:c8:ea:59:72:50:6e:14:2a:0d:
76:f7:18:d9:a3:f0:74:a3:88:e7:b2:d2:78:57:6d:
cc:27:a1:50:74:99:d3:49:bc:6f:f5:7f:cd:8d:23:
59:26:a5:38:08:bf:9c:87:8c:a0:e4:06:c3:6f:90:
5f:db:46:40:36:16:b7:6a:42:c1:79:69:fb:63:64:
02:e9:e8:a6:94:c6:3c:55:78:75:fb:45:10:6e:05:
fd:3a:81:a3:db:6d:88:fd:61:aa:58:cc:91:25:b5:
eb:7f:b4:3f:86:9c:33:1f:f6:71:57:7d:7a:92:4e:
c6:90:a9:c4:e4:56:e2:c8:74:3c:81:96:75:d6:0f:
03:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:43:29:6F:E5:55:77:ED:C2:C0:6E:FB:38:82:FB:CC:3F:6B:9F:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:2000::/40
Signature Algorithm: sha256WithRSAEncryption
77:bf:98:04:73:d3:fd:21:14:fc:3d:8b:20:6d:97:29:ac:48:
26:b3:43:45:b1:f9:25:b1:31:0b:35:1b:e2:dd:28:3d:62:4a:
95:3d:3e:ed:19:79:3a:da:f0:24:ef:50:7b:b6:84:67:11:da:
40:f7:6a:1d:06:ab:a7:c4:3a:96:bc:87:07:9d:43:30:eb:7c:
6a:ad:e0:d5:c4:07:db:6e:7a:b0:96:63:d8:cd:ef:0c:86:16:
86:31:27:2c:9f:91:2b:a3:68:9a:5a:1e:cb:3d:cb:8f:22:b4:
b9:61:bc:19:9d:14:e8:0d:64:dd:f4:54:42:33:b4:f5:0c:ca:
25:b5:c5:93:e8:d1:1f:a7:58:09:b1:89:09:6a:b9:ac:7e:30:
e4:1c:c2:94:07:59:cb:01:66:cc:f1:24:3b:2e:f8:33:16:88:
e0:83:2c:be:32:38:8e:44:a9:93:16:9c:0d:cf:51:7e:4c:55:
4c:d2:47:66:c6:cd:81:b4:d1:93:80:f7:62:6c:85:e1:40:18:
83:f3:fd:b2:8c:30:16:d9:32:5f:93:28:19:bf:55:10:6a:f8:
0a:f9:26:90:61:ed:04:b2:0f:31:ad:b4:92:30:94:82:72:1c:
30:04:3b:83:ab:d5:4c:c6:60:a7:4f:3a:56:4d:ae:e1:8d:6b:
8a:5e:60:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCeG3H0OA+FcPW1U7nHXiKhMm0Y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwNDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjOGE4ZTdlMDRlMTQ5YTE0MWMwN2U5MTVkYzRlODFlMjY5MmUxYTk1MjYx
NWYxYmRjOGVmNzNkYjlkYjgwNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzSfNitNI+5WZNgQNWw+SO4hrolUx3numqF1hUivhOzDpkoHtMTik2aaXl0
TRKeyjd5yESqiwEBHK6HVyxDOfzYJvsw5MEkkSJ9hA11novDsIBJf+rUWjaVyP10
S/UaADQwSucjlOVJi2Zgpt/EVAGwQEHAaREMSVjoFjHqyOpZclBuFCoNdvcY2aPw
dKOI57LSeFdtzCehUHSZ00m8b/V/zY0jWSalOAi/nIeMoOQGw2+QX9tGQDYWt2pC
wXlp+2NkAunoppTGPFV4dftFEG4F/TqBo9ttiP1hqljMkSW163+0P4acMx/2cVd9
epJOxpCpxORW4sh0PIGWddYPA1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhQylv
5VV37cLAbvs4gvvMP2ufSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg
MA0GCSqGSIb3DQEBCwUAA4IBAQB3v5gEc9P9IRT8PYsgbZcprEgms0NFsfklsTEL
NRvi3Sg9YkqVPT7tGXk62vAk71B7toRnEdpA92odBqunxDqWvIcHnUMw63xqreDV
xAfbbnqwlmPYze8MhhaGMScsn5Ero2iaWh7LPcuPIrS5YbwZnRToDWTd9FRCM7T1
DMoltcWT6NEfp1gJsYkJarmsfjDkHMKUB1nLAWbM8SQ7LvgzFojggyy+MjiORKmT
FpwNz1F+TFVM0kdmxs2BtNGTgPdibIXhQBiD8/2yjDAW2TJfkygZv1UQavgK+SaQ
Ye0Esg8xrbSSMJSCchwwBDuDq9VMxmCnTzpWTa7hjWuKXmAz
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:24 2025 by rpki-client