Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json)
Hash identifier: 4Zm4XvLwxsLMWbvkNzQQS/PFiaCWEjYUqUrnjPEj8HU=
Subject key identifier: F3:AB:0D:44:89:A9:85:F1:FC:60:F4:0E:2B:FD:6A:19:E7:36:A0:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7ADAB57B0DD4CED9280C4D58669532271B6216EE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
Signing time: Wed 22 Oct 2025 00:20:06 +0000
ROA not before: Wed 22 Oct 2025 00:20:06 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:da:b5:7b:0d:d4:ce:d9:28:0c:4d:58:66:95:32:27:1b:62:16:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 22 00:20:06 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=d1c6124bf698fc6b28eb15d0a5af6f45053949806a351014dc4693d0867ec981, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3c:7a:3c:15:5c:27:58:ac:99:e9:3c:e3:08:
22:c6:94:95:b9:9e:8c:3e:0f:63:3c:f4:a2:c7:be:
be:3c:b0:0d:ab:fd:a8:9a:80:75:dc:80:e5:3a:ea:
81:68:b3:b5:1f:f5:ba:e3:da:ac:cd:07:bd:70:87:
62:9f:ae:b2:e1:07:46:1d:33:84:6a:da:b3:f1:d5:
83:c4:41:d4:1d:80:99:5e:0b:ad:31:a8:98:14:80:
ae:8e:a4:7b:47:25:31:27:0d:70:39:20:0e:83:30:
02:2c:1a:c8:83:36:01:25:a1:d1:bb:e5:d7:01:23:
11:e1:5f:39:c6:e0:aa:92:78:fe:d5:42:07:0a:68:
8f:19:f4:82:8b:8a:4e:bb:3a:76:3f:30:de:79:f1:
6b:ff:0e:1c:0f:6f:f5:f9:b2:be:33:eb:dd:c5:f5:
ad:6e:4b:c5:46:47:ad:24:3c:7a:25:f9:11:17:e2:
99:85:c1:d4:38:1e:72:27:0b:07:c8:1c:99:8b:36:
cc:ad:1e:e3:a3:3f:ed:aa:1b:e1:6a:b7:69:a7:a8:
0e:27:12:ce:0f:15:53:ec:3f:bc:d3:ae:92:d4:15:
30:fc:b4:09:a4:a4:84:9c:e6:b4:72:c1:c7:49:b6:
27:dc:5b:b4:74:b1:67:26:21:cc:52:a0:1a:88:92:
a3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AB:0D:44:89:A9:85:F1:FC:60:F4:0E:2B:FD:6A:19:E7:36:A0:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
32:25:81:cf:ea:d9:72:a0:07:07:63:47:bb:04:05:f6:33:ad:
e2:df:f8:c4:88:43:a5:23:e0:1b:14:6b:0b:9d:ec:4c:45:2f:
20:40:58:66:87:cd:d0:64:4c:03:4a:b0:0c:0f:a0:b3:f5:7e:
63:41:ee:04:c1:ca:ca:4f:fd:57:91:45:e2:ef:b0:7a:b8:f4:
d1:77:08:11:36:82:08:00:53:27:24:81:70:d1:89:00:70:cf:
8e:ae:e4:b8:06:42:db:ed:ad:76:6f:c5:60:e7:61:33:f8:fa:
4d:aa:90:c8:2d:d0:c7:68:5f:df:43:1f:2e:59:46:a0:3c:69:
30:ca:d6:21:1c:56:a1:96:91:80:b7:13:88:b4:ae:5d:f3:25:
03:c2:b0:0e:48:03:b0:12:20:ce:8c:33:cb:cb:28:b5:2a:f8:
fb:55:b1:46:7c:fe:9a:aa:0c:8a:e6:1e:4e:2d:5d:fe:34:b6:
59:42:45:0b:3d:a3:83:ed:29:c2:60:84:d3:2d:83:c1:93:0a:
9b:2f:7c:33:eb:d9:a7:6d:69:74:6d:4e:fe:e6:0e:bc:83:34:
33:79:f1:1e:a6:9a:9d:9c:d5:cd:a6:7c:98:8a:47:f6:42:87:
d1:04:27:e0:5f:c2:21:8f:36:f8:05:b3:78:b7:81:dc:06:eb:
88:4c:9a:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUetq1ew3UztkoDE1YZpUyJxtiFu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjIwMDIwMDZaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxYzYxMjRiZjY5OGZjNmIyOGViMTVkMGE1YWY2ZjQ1MDUzOTQ5ODA2YTM1
MTAxNGRjNDY5M2QwODY3ZWM5ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMg8ejwVXCdYrJnpPOMIIsaUlbmejD4PYzz0ose+vjywDav9qJqAddyA5Trq
gWiztR/1uuParM0HvXCHYp+usuEHRh0zhGras/HVg8RB1B2AmV4LrTGomBSAro6k
e0clMScNcDkgDoMwAiwayIM2ASWh0bvl1wEjEeFfOcbgqpJ4/tVCBwpojxn0gouK
Trs6dj8w3nnxa/8OHA9v9fmyvjPr3cX1rW5LxUZHrSQ8eiX5ERfimYXB1DgecicL
B8gcmYs2zK0e46M/7aob4Wq3aaeoDicSzg8VU+w/vNOuktQVMPy0CaSkhJzmtHLB
x0m2J9xbtHSxZyYhzFKgGoiSo5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzqw1E
iamF8fxg9A4r/WoZ5zagDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQAyJYHP6tlyoAcHY0e7BAX2M63i3/jEiEOlI+Ab
FGsLnexMRS8gQFhmh83QZEwDSrAMD6Cz9X5jQe4EwcrKT/1XkUXi77B6uPTRdwgR
NoIIAFMnJIFw0YkAcM+OruS4BkLb7a12b8Vg52Ez+PpNqpDILdDHaF/fQx8uWUag
PGkwytYhHFahlpGAtxOItK5d8yUDwrAOSAOwEiDOjDPLyyi1Kvj7VbFGfP6aqgyK
5h5OLV3+NLZZQkULPaOD7SnCYITTLYPBkwqbL3wz69mnbWl0bU7+5g68gzQzefEe
ppqdnNXNpnyYikf2QofRBCfgX8Ihjzb4BbN4t4HcBuuITJpD
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:39 2025 by rpki-client