Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
File: 290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa (raw, json)
Hash identifier: PsFllUeHse7/EuWUJZqdhY/brHO68yxrdak4BhPoQJI=
Subject key identifier: C5:27:7A:1C:1F:41:A2:65:F9:CD:D5:F5:F0:B4:90:0D:4F:D5:61:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 500724166E222E7A89BE15BFFF0DC541D27FFB1B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
Signing time: Tue 21 Oct 2025 13:50:03 +0000
ROA not before: Tue 21 Oct 2025 13:50:03 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:07:24:16:6e:22:2e:7a:89:be:15:bf:ff:0d:c5:41:d2:7f:fb:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:03 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=06e27fe74168272621aa48c49845f56a58030f18c7a361f7a103cfc5a914ebeb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a0:7e:49:63:a9:7f:4c:10:a6:c2:ba:43:bf:
97:05:52:5e:cc:1a:f8:64:9b:8c:6c:41:63:8a:9c:
1b:24:32:5c:a5:1e:8a:f1:15:16:cd:34:d4:35:3b:
73:de:f2:81:b4:27:37:17:06:72:47:9e:a6:9c:f8:
e9:6e:72:00:91:cb:3e:10:f5:e2:e3:9c:03:42:89:
c2:e5:99:f4:fd:3b:24:bd:7a:2e:3f:f6:2b:cd:04:
f4:5e:38:0f:24:55:20:02:9f:a3:3e:fa:51:9e:d8:
98:dc:ae:58:02:7f:8d:bc:3c:2f:e1:3a:69:28:ab:
78:3c:2e:f6:ee:d3:a1:d2:94:c5:44:03:76:28:24:
48:e9:04:bb:05:3d:60:1a:56:40:b3:54:56:ff:e0:
58:ab:5b:24:d4:ef:cf:2e:34:1d:bf:fa:0b:67:d5:
08:66:2f:bf:74:70:66:64:48:77:bc:7d:82:f9:62:
72:82:67:69:ff:d3:db:eb:5e:af:0d:67:14:60:b6:
29:4c:81:84:fa:38:77:24:0b:a2:9a:16:78:fe:c5:
af:68:52:c2:ee:ce:75:cf:58:fd:c5:ec:ec:06:51:
97:d0:6a:af:f7:19:03:ad:66:44:06:d3:8e:21:57:
2f:67:ef:ac:c7:42:c6:5e:7e:ac:78:2b:86:af:e5:
52:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:27:7A:1C:1F:41:A2:65:F9:CD:D5:F5:F0:B4:90:0D:4F:D5:61:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/36
Signature Algorithm: sha256WithRSAEncryption
5f:ef:42:58:9a:fc:be:e2:af:36:6c:96:87:b2:6f:7b:cc:fa:
07:8b:fd:ea:d0:17:ad:8f:ed:b7:26:7e:88:8f:59:12:3a:72:
3d:15:06:11:3c:d1:b1:74:f6:89:ff:3a:7d:6a:3c:e5:b4:2b:
95:4c:dd:cb:ef:64:14:83:f6:ee:87:95:58:1f:c3:ab:05:ff:
84:97:d8:06:19:ad:2c:15:00:b0:59:30:98:27:42:b8:4f:7a:
7d:34:ee:2e:9f:c6:ea:f5:84:60:00:2e:e6:7d:ca:c8:8a:f0:
a2:c2:f3:4e:5e:fa:6d:d8:2d:b3:f4:8a:a5:57:51:c5:5f:ce:
3b:ec:6a:c7:57:d6:57:df:51:ca:27:02:43:b1:6c:26:4f:26:
c6:d5:6b:1a:14:2f:12:fb:b0:65:a3:69:c8:dc:26:48:36:25:
ef:d4:85:c4:96:32:be:03:ad:38:41:40:ed:01:96:d4:fa:9c:
53:60:be:d8:d3:e3:46:65:86:2d:6d:d1:8a:08:b5:d0:19:73:
02:e7:5f:99:ce:0c:b6:17:cc:42:77:de:3a:1a:76:2c:6c:c5:
ed:4b:39:f3:55:4e:b4:f4:b2:8b:4f:a9:a9:7f:5a:36:d9:c6:
14:54:47:f3:a4:a5:fe:8f:2c:ac:0f:09:5d:8a:05:74:7f:f8:
5a:91:60:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUAckFm4iLnqJvhW//w3FQdJ/+xswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZTI3ZmU3NDE2ODI3MjYyMWFhNDhjNDk4NDVmNTZhNTgwMzBmMThjN2Ez
NjFmN2ExMDNjZmM1YTkxNGViZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMygfkljqX9MEKbCukO/lwVSXswa+GSbjGxBY4qcGyQyXKUeivEVFs001DU7
c97ygbQnNxcGckeeppz46W5yAJHLPhD14uOcA0KJwuWZ9P07JL16Lj/2K80E9F44
DyRVIAKfoz76UZ7YmNyuWAJ/jbw8L+E6aSireDwu9u7TodKUxUQDdigkSOkEuwU9
YBpWQLNUVv/gWKtbJNTvzy40Hb/6C2fVCGYvv3RwZmRId7x9gvlicoJnaf/T2+te
rw1nFGC2KUyBhPo4dyQLopoWeP7Fr2hSwu7Odc9Y/cXs7AZRl9Bqr/cZA61mRAbT
jiFXL2fvrMdCxl5+rHgrhq/lUj8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFJ3oc
H0GiZfnN1fXwtJANT9VhDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjkwZTY3YzctN2I3NS00YjlkLWFiYzYtMGMzZWMzNGMxNTI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQBf70JYmvy+4q82bJaHsm97zPoHi/3q0Betj+23
Jn6Ij1kSOnI9FQYRPNGxdPaJ/zp9ajzltCuVTN3L72QUg/buh5VYH8OrBf+El9gG
Ga0sFQCwWTCYJ0K4T3p9NO4un8bq9YRgAC7mfcrIivCiwvNOXvpt2C2z9IqlV1HF
X8477GrHV9ZX31HKJwJDsWwmTybG1WsaFC8S+7Blo2nI3CZINiXv1IXEljK+A604
QUDtAZbU+pxTYL7Y0+NGZYYtbdGKCLXQGXMC51+Zzgy2F8xCd946GnYsbMXtSznz
VU609LKLT6mpf1o22cYUVEfzpKX+jyysDwldigV0f/hakWBf
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:54 2025 by rpki-client