Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
File: 2331f846-3447-4dea-ac7a-63323853ebb9.roa (raw, json)
Hash identifier: fKzYRPL8GZ0sERutCaIFlaUjD2/hO/KhOVRsqFhHygU=
Subject key identifier: C8:5F:68:58:29:8A:12:B1:A5:EA:C3:25:F0:FD:FF:F3:6B:C8:8F:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 537B16589897AEB7BCEB2BB76C999D873B8CBEB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
Signing time: Tue 21 Oct 2025 13:50:41 +0000
ROA not before: Tue 21 Oct 2025 13:50:41 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:7b:16:58:98:97:ae:b7:bc:eb:2b:b7:6c:99:9d:87:3b:8c:be:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:41 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e483413f72d1de359cc801e6d8dfed2daeeb6b0750cd56ba26ce03f850f52b7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:43:55:72:ce:32:92:1d:f5:da:0e:6f:63:a3:
2f:56:24:10:fa:98:74:4e:b1:af:3b:45:47:e8:f1:
83:61:df:d5:53:47:59:b4:94:d3:cf:7a:a5:dc:44:
56:d1:7e:88:e7:2e:18:da:16:de:81:aa:fa:ed:fb:
07:48:dd:64:a9:c1:21:92:0d:f5:ee:04:2e:8d:02:
48:2a:ce:98:c9:86:0e:0f:c0:cc:b0:b2:cf:d9:61:
68:1f:3b:9b:1c:88:21:62:16:c8:72:d0:e1:0a:8e:
ef:04:19:e7:20:e2:4e:e3:04:85:33:e7:fe:e8:71:
6d:79:d8:de:b6:9e:16:5a:1c:75:52:f6:d7:59:14:
ee:92:86:46:11:7e:a1:e5:05:e7:13:e1:77:37:15:
d4:67:93:fb:b3:d7:6d:03:e3:d9:a5:b9:aa:25:d5:
19:87:37:bc:c0:1b:03:3b:68:be:0b:88:d3:0b:53:
06:7c:87:9e:fc:c4:a8:f6:2b:2d:2c:73:25:08:10:
e0:c3:73:e0:55:04:71:c4:e1:cc:82:5e:68:f4:ec:
3d:11:5f:17:4d:cc:50:b5:c6:7e:3b:9b:26:3b:25:
03:2b:f8:7b:08:8c:4d:30:be:43:3d:07:ad:a4:96:
9a:20:74:04:98:6a:04:a1:45:fa:2d:48:b3:23:c4:
2a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5F:68:58:29:8A:12:B1:A5:EA:C3:25:F0:FD:FF:F3:6B:C8:8F:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:64:80:be:aa:73:03:59:64:e8:d6:e0:cc:84:49:8b:02:86:
89:91:76:41:16:5b:f6:63:32:36:32:5f:a7:7e:f1:56:f8:14:
ac:2b:93:cc:79:0d:b3:e7:0a:36:18:82:fc:83:43:5d:66:43:
54:46:8f:d7:fe:28:7d:5e:a0:3c:01:1d:14:dd:8a:48:3a:8a:
15:91:41:7f:c9:87:81:4e:cd:74:cd:2a:46:2f:f2:ea:40:60:
99:85:4f:c8:67:c8:83:d0:e5:72:24:8b:1f:df:5c:46:f4:14:
96:09:ce:86:77:88:18:70:e0:58:ee:a2:93:64:8c:52:e6:79:
a8:53:a1:f5:a5:dd:74:47:3c:58:ec:97:04:be:23:d0:93:b4:
0c:f4:8e:f0:34:75:2c:46:79:b8:cc:ce:cd:f3:bb:28:9d:75:
e0:71:22:65:a8:07:93:ae:8b:41:23:61:3e:a6:07:40:ec:e5:
53:cb:88:fd:ec:28:92:92:cf:3b:a2:a6:a7:d9:0a:1a:86:72:
75:a5:f0:8f:a8:de:a7:e2:58:a6:54:51:b9:fd:7f:99:2c:4f:
60:f2:fb:da:5c:57:22:91:e0:7a:4c:9c:2d:d5:e0:49:9a:71:
08:e5:fd:4d:41:41:86:12:8d:67:6a:72:2c:92:11:88:c4:d8:
5f:3e:7f:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU3sWWJiXrre86yu3bJmdhzuMvrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwNDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0ODM0MTNmNzJkMWRlMzU5Y2M4MDFlNmQ4ZGZlZDJkYWVlYjZiMDc1MGNk
NTZiYTI2Y2UwM2Y4NTBmNTJiN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFDVXLOMpId9doOb2OjL1YkEPqYdE6xrztFR+jxg2Hf1VNHWbSU0896pdxE
VtF+iOcuGNoW3oGq+u37B0jdZKnBIZIN9e4ELo0CSCrOmMmGDg/AzLCyz9lhaB87
mxyIIWIWyHLQ4QqO7wQZ5yDiTuMEhTPn/uhxbXnY3raeFlocdVL211kU7pKGRhF+
oeUF5xPhdzcV1GeT+7PXbQPj2aW5qiXVGYc3vMAbAztovguI0wtTBnyHnvzEqPYr
LSxzJQgQ4MNz4FUEccThzIJeaPTsPRFfF03MULXGfjubJjslAyv4ewiMTTC+Qz0H
raSWmiB0BJhqBKFF+i1IsyPEKgsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTIX2hY
KYoSsaXqwyXw/f/za8iPqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjMzMWY4NDYtMzQ0Ny00ZGVhLWFjN2EtNjMzMjM4NTNlYmI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQDIZIC+qnMDWWTo1uDMhEmLAoaJkXZBFlv2YzI2
Ml+nfvFW+BSsK5PMeQ2z5wo2GIL8g0NdZkNURo/X/ih9XqA8AR0U3YpIOooVkUF/
yYeBTs10zSpGL/LqQGCZhU/IZ8iD0OVyJIsf31xG9BSWCc6Gd4gYcOBY7qKTZIxS
5nmoU6H1pd10RzxY7JcEviPQk7QM9I7wNHUsRnm4zM7N87sonXXgcSJlqAeTrotB
I2E+pgdA7OVTy4j97CiSks87oqan2QoahnJ1pfCPqN6n4limVFG5/X+ZLE9g8vva
XFcikeB6TJwt1eBJmnEI5f1NQUGGEo1nanIskhGIxNhfPn8N
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:13 2025 by rpki-client