Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
File: 2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa (raw, json)
Hash identifier: IN3/DTDN2+1Ti9SjyDyIjrsZaUm1q3oDFVFyQqtOVvE=
Subject key identifier: 30:D2:82:3F:63:EA:9C:8A:35:38:54:E7:C4:E1:D1:10:11:92:17:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A3CA958D7A382D0FA3631466A0604A9B95A610F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
Signing time: Fri 24 Oct 2025 00:20:10 +0000
ROA not before: Fri 24 Oct 2025 00:20:10 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:3c:a9:58:d7:a3:82:d0:fa:36:31:46:6a:06:04:a9:b9:5a:61:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:10 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=b4e290689244399dcf2d037e389b73e51160250cc6174f62758205c18be64430, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f2:29:1e:95:34:18:12:f7:00:7c:d1:e7:6e:
6a:89:e0:a8:c7:ea:dd:2f:b7:52:7d:71:14:22:63:
fb:86:37:f8:e3:6b:a4:49:50:72:97:30:60:51:3c:
dc:c7:34:06:f0:96:31:4f:db:35:ba:be:56:fb:09:
a8:80:4a:6b:75:4a:80:50:6a:93:c5:28:a6:2b:62:
9c:ad:5f:9b:75:71:23:67:bd:3d:15:24:8a:22:c7:
8a:8b:d9:75:9a:a6:c7:99:c5:5f:3e:3e:1a:45:9b:
34:37:6d:f3:1b:80:27:0f:b6:9b:a6:e5:8f:cb:3c:
e2:ef:61:53:51:b1:84:73:be:1f:63:97:cf:0f:5b:
d1:04:cb:d5:37:f6:04:a0:3a:f3:42:98:8c:b7:d2:
58:fe:9a:0d:23:f7:f7:50:9d:7c:e1:cf:f5:ba:d3:
62:57:e3:36:91:a9:98:b9:8e:44:ca:37:4c:4a:d7:
e7:de:3b:c3:58:54:74:ee:7a:a3:ee:96:39:9f:97:
0f:5f:44:1b:09:92:29:87:8a:f9:b3:cb:81:0b:d1:
c5:f8:44:7d:96:c6:4c:a6:8c:a2:8e:e1:79:69:13:
28:d0:65:a3:a3:ce:be:60:06:a7:fb:4a:ad:39:fd:
b6:9f:1d:ad:db:d2:e6:31:51:c0:c5:20:63:77:68:
f0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D2:82:3F:63:EA:9C:8A:35:38:54:E7:C4:E1:D1:10:11:92:17:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6040::/48
Signature Algorithm: sha256WithRSAEncryption
42:d0:1e:57:43:d5:fd:01:b6:32:9c:61:40:10:f5:bf:be:ee:
c1:f0:88:02:5b:40:8d:2c:f2:5e:57:e2:99:af:ab:17:2f:81:
2e:19:2c:c6:2c:b3:30:9e:ad:42:d4:92:0a:98:12:a2:15:41:
17:7d:2c:47:ac:2f:91:86:41:f1:11:e5:c3:5d:b1:99:cc:64:
3f:78:52:9c:8e:bd:63:af:66:4a:78:18:c5:ca:7d:27:c6:b2:
36:53:04:08:9f:32:c0:fa:fb:dd:b1:46:a4:3d:60:d6:5a:92:
ec:c8:f4:50:64:29:db:fe:4c:e5:63:6a:98:6b:1a:4a:11:31:
af:cc:4b:89:0b:23:07:5a:0a:24:5b:93:f5:c8:5d:8c:3f:f5:
85:ee:1c:82:d7:94:fa:d1:e1:53:2f:30:36:fe:45:b2:af:a0:
45:13:68:b9:b4:ef:cb:c6:c5:63:51:93:f5:b3:19:e7:c4:8d:
1b:45:0a:69:84:c7:68:65:7f:1b:45:d6:1d:76:28:86:fb:27:
66:5c:fc:88:ee:07:25:5d:d0:82:68:1d:be:89:c6:26:3c:31:
13:6b:65:23:18:dd:7d:95:a8:ea:cc:68:60:55:d4:ea:13:6b:
16:cd:9b:cc:29:ea:55:50:83:d9:ef:23:79:a4:95:d9:87:66:
8f:02:92:41
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGjypWNejgtD6NjFGagYEqblaYQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMTBaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0ZTI5MDY4OTI0NDM5OWRjZjJkMDM3ZTM4OWI3M2U1MTE2MDI1MGNjNjE3
NGY2Mjc1ODIwNWMxOGJlNjQ0MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnyKR6VNBgS9wB80eduaongqMfq3S+3Un1xFCJj+4Y3+ONrpElQcpcwYFE8
3Mc0BvCWMU/bNbq+VvsJqIBKa3VKgFBqk8UopitinK1fm3VxI2e9PRUkiiLHiovZ
dZqmx5nFXz4+GkWbNDdt8xuAJw+2m6blj8s84u9hU1GxhHO+H2OXzw9b0QTL1Tf2
BKA680KYjLfSWP6aDSP391CdfOHP9brTYlfjNpGpmLmORMo3TErX5947w1hUdO56
o+6WOZ+XD19EGwmSKYeK+bPLgQvRxfhEfZbGTKaMoo7heWkTKNBlo6POvmAGp/tK
rTn9tp8drdvS5jFRwMUgY3do8J8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQw0oI/
Y+qcijU4VOfE4dEQEZIXiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU0OWExYTItZGM0Yy00MGM0LTljN2UtZjQxYzkzN2ZmYjYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
QDANBgkqhkiG9w0BAQsFAAOCAQEAQtAeV0PV/QG2MpxhQBD1v77uwfCIAltAjSzy
Xlfima+rFy+BLhksxiyzMJ6tQtSSCpgSohVBF30sR6wvkYZB8RHlw12xmcxkP3hS
nI69Y69mSngYxcp9J8ayNlMECJ8ywPr73bFGpD1g1lqS7Mj0UGQp2/5M5WNqmGsa
ShExr8xLiQsjB1oKJFuT9chdjD/1he4cgteU+tHhUy8wNv5Fsq+gRRNoubTvy8bF
Y1GT9bMZ58SNG0UKaYTHaGV/G0XWHXYohvsnZlz8iO4HJV3QgmgdvonGJjwxE2tl
IxjdfZWo6sxoYFXU6hNrFs2bzCnqVVCD2e8jeaSV2YdmjwKSQQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:09 2025 by rpki-client