Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: 7tQBpkqf2Mn4A/SKN3QlFZX5+TN3Ihb9QMBt988HmLs=
Subject key identifier: 35:32:1C:61:81:2F:9C:E9:BD:1B:DA:70:29:E6:43:40:CE:CE:A0:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40716E42E79335F67ED0B9A665B6AA74CC01B268
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Tue 21 Oct 2025 13:40:34 +0000
ROA not before: Tue 21 Oct 2025 13:40:34 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:71:6e:42:e7:93:35:f6:7e:d0:b9:a6:65:b6:aa:74:cc:01:b2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:34 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6561e7acb3f293993965f3b14def3217cf1bf4d53bcb7273e456c51c8e8ac394, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:07:4f:e3:ec:36:0c:d5:02:07:11:d0:ac:86:
56:e7:bb:ea:6c:9d:26:6a:6a:19:9e:e4:26:a3:a7:
f9:f5:d4:5e:dc:de:1d:aa:db:78:19:d5:6c:c4:86:
0d:ad:73:f4:12:fd:75:00:81:25:d6:2d:54:95:91:
62:87:02:e8:11:b2:d0:b4:31:dd:7f:a5:0f:b5:f2:
3c:24:cd:89:49:93:a6:bd:a9:e1:ec:df:6d:0a:a6:
4b:05:5d:0d:54:83:07:78:b8:9b:d4:5d:79:95:a5:
44:19:29:70:0c:59:27:98:69:60:7a:d1:88:71:8c:
25:b0:27:8e:25:15:94:eb:11:12:3e:08:4b:40:08:
d4:9b:fe:d6:2c:41:f9:78:d9:ef:ed:7e:b3:f0:fc:
b3:41:2e:b9:6a:16:40:db:8c:ca:ef:25:cc:32:f7:
16:99:63:32:24:34:c6:e2:1c:0f:72:f0:01:28:3c:
2a:7e:b0:3c:22:65:d9:a7:50:72:a4:2a:38:b6:73:
68:08:f1:10:60:ea:68:ce:bd:74:21:d7:b1:77:d1:
54:9c:36:f3:1b:0a:4c:a1:67:53:fb:46:24:29:a7:
03:42:bc:0b:a2:96:96:66:9a:16:6e:b7:5e:45:d7:
44:58:20:92:c7:1b:b8:7b:79:6d:95:fd:86:f5:10:
69:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:32:1C:61:81:2F:9C:E9:BD:1B:DA:70:29:E6:43:40:CE:CE:A0:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:6f:86:05:77:0e:a1:70:7d:74:0d:65:c1:2d:69:1f:99:0b:
d6:03:76:dc:bc:71:10:ec:59:01:d9:f7:a8:7d:0a:0b:ee:53:
0c:31:df:22:48:b5:51:11:be:26:86:29:15:7f:fe:50:bd:f2:
36:a2:a9:7d:5d:b8:80:3b:d5:fb:38:3e:e1:22:66:05:c2:5c:
90:dd:7c:ba:46:89:61:0b:8f:fc:e3:e2:18:5c:60:df:dd:ec:
0e:94:26:24:9b:15:ca:2c:27:44:72:35:03:f2:0a:44:d4:33:
0b:c9:54:f8:79:32:b1:a7:d3:e7:d6:53:c1:44:5b:85:9f:7f:
13:54:9d:c0:44:d6:84:fa:2c:fb:c8:ee:7b:62:1d:51:55:4a:
06:eb:10:d5:9d:fb:54:35:0b:4c:cb:bc:f0:4e:c1:71:3d:3f:
2c:1c:60:2c:a5:f0:d6:63:5c:93:77:4b:4d:80:68:ea:5a:5c:
d5:c0:7e:a1:33:2d:5b:43:cd:b8:e3:df:e3:cb:6e:05:12:2f:
ec:3f:6b:e9:52:dc:1e:3b:83:7c:1b:7c:45:61:de:d8:99:ac:
29:0d:f5:00:2f:68:4d:53:c3:f0:4a:66:38:5b:91:75:37:67:
c1:8e:3d:d6:3a:8f:d7:e3:d5:27:22:60:f0:aa:16:99:c9:e3:
ff:45:e7:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQHFuQueTNfZ+0LmmZbaqdMwBsmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwMzRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NjFlN2FjYjNmMjkzOTkzOTY1ZjNiMTRkZWYzMjE3Y2YxYmY0ZDUzYmNi
NzI3M2U0NTZjNTFjOGU4YWMzOTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEHT+PsNgzVAgcR0KyGVue76mydJmpqGZ7kJqOn+fXUXtzeHarbeBnVbMSG
Da1z9BL9dQCBJdYtVJWRYocC6BGy0LQx3X+lD7XyPCTNiUmTpr2p4ezfbQqmSwVd
DVSDB3i4m9RdeZWlRBkpcAxZJ5hpYHrRiHGMJbAnjiUVlOsREj4IS0AI1Jv+1ixB
+XjZ7+1+s/D8s0EuuWoWQNuMyu8lzDL3FpljMiQ0xuIcD3LwASg8Kn6wPCJl2adQ
cqQqOLZzaAjxEGDqaM69dCHXsXfRVJw28xsKTKFnU/tGJCmnA0K8C6KWlmaaFm63
XkXXRFggkscbuHt5bZX9hvUQaeUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1Mhxh
gS+c6b0b2nAp5kNAzs6gZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQCcb4YFdw6hcH10DWXBLWkfmQvWA3bcvHEQ7FkB
2feofQoL7lMMMd8iSLVREb4mhikVf/5QvfI2oql9XbiAO9X7OD7hImYFwlyQ3Xy6
RolhC4/84+IYXGDf3ewOlCYkmxXKLCdEcjUD8gpE1DMLyVT4eTKxp9Pn1lPBRFuF
n38TVJ3ARNaE+iz7yO57Yh1RVUoG6xDVnftUNQtMy7zwTsFxPT8sHGAspfDWY1yT
d0tNgGjqWlzVwH6hMy1bQ82449/jy24FEi/sP2vpUtweO4N8G3xFYd7YmawpDfUA
L2hNU8PwSmY4W5F1N2fBjj3WOo/X49UnImDwqhaZyeP/Reck
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:11 2025 by rpki-client