Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
File: 31246558-533e-42f5-8c90-dc91729aa7fa.roa (raw, json)
Hash identifier: Izj/iJ+YSbJlf6yiWg38pJUPRNxSRIRuuZYCGH/nWf0=
Subject key identifier: 62:78:38:37:61:90:7C:57:E5:5F:C4:93:E1:47:20:52:B1:6F:A7:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 023B65AA53F71AB21CE4C3FA55728471ECD6B628
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
Signing time: Tue 21 Oct 2025 13:20:36 +0000
ROA not before: Tue 21 Oct 2025 13:20:36 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:3b:65:aa:53:f7:1a:b2:1c:e4:c3:fa:55:72:84:71:ec:d6:b6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:36 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=f5f2836da8de3ad87fba4084f69f332539fb131c4380da32b164b45caee570ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:84:21:a6:7c:18:24:a9:91:1a:98:3a:0e:59:
eb:f8:f4:6f:e3:2f:3e:80:72:88:f9:8a:87:2b:3e:
3f:71:6b:c1:36:f3:96:4d:0a:20:a4:e6:5d:2d:e3:
c8:b3:56:e0:4d:33:43:a5:f5:2f:41:21:8b:65:ee:
ba:3b:41:0f:65:37:de:29:7a:e3:36:f2:98:ad:7e:
74:89:9f:cd:0b:13:3c:5e:dd:1d:a3:fe:40:44:b6:
8f:3e:d2:d3:64:d1:4a:be:57:4d:84:c8:3d:de:c9:
27:96:b0:0d:48:97:fd:35:03:0c:3e:48:18:79:03:
14:b8:5a:c1:5b:67:82:4a:90:43:ab:2b:2c:e7:cb:
0e:47:c8:fe:72:a8:c5:3f:4f:5d:0f:a1:10:97:e7:
ff:9e:9f:8b:31:ba:d1:fc:ff:09:d1:76:79:49:25:
48:bb:aa:17:74:51:a0:fb:99:4f:93:48:94:62:52:
82:da:1a:07:0d:8c:76:3d:2e:2b:1b:cc:5e:ec:4c:
9e:ff:e2:95:ee:59:e4:54:70:f1:c6:c9:6e:11:5e:
83:e8:31:91:95:48:f6:db:0b:91:eb:cf:01:f5:79:
10:07:56:c0:35:47:14:e3:f5:3a:f5:6c:5c:3f:9c:
be:78:ff:49:f0:47:71:74:25:b9:8d:1c:67:57:d6:
0e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:78:38:37:61:90:7C:57:E5:5F:C4:93:E1:47:20:52:B1:6F:A7:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:0f:bd:84:02:a1:cd:20:46:de:45:04:32:ac:ae:ea:c1:6d:
53:25:c0:c5:e8:e2:c9:a0:7c:2e:9b:d8:33:9c:8c:d0:2e:d2:
cc:3b:d3:a9:55:f5:f1:eb:c8:81:2d:36:bb:e8:b0:cb:7d:71:
1b:c9:ce:65:14:57:d6:76:15:d9:d8:d5:a3:15:86:24:98:e7:
ca:ec:4b:16:04:b0:db:15:54:76:e1:a9:e5:01:d3:28:f6:a2:
d4:02:fb:45:cf:89:c7:3d:66:dc:a5:1f:b2:ab:41:65:30:f1:
29:32:2b:6d:77:99:25:ca:b7:0c:8d:e0:4a:1f:36:e3:70:b8:
86:cc:2d:db:16:87:ee:eb:f7:5e:17:88:5e:c2:cf:71:9d:fb:
19:3f:7f:36:a9:23:31:ac:51:4f:6a:2a:07:be:e4:a3:07:51:
23:b1:1f:55:fd:ce:88:28:b1:3e:cd:0e:96:55:48:4d:a7:75:
22:36:7a:3a:9e:43:5e:b8:1a:b7:8a:7e:3f:9f:9a:5c:2a:38:
25:e6:6e:9c:74:4c:b8:fc:9d:86:d8:68:1e:c4:a2:94:c0:57:
d9:aa:82:a0:38:d9:e9:3c:d6:2b:0f:81:59:59:a4:54:7b:dd:
22:60:82:e7:8b:e1:01:f3:61:e0:d9:5f:e4:96:4e:7e:18:0b:
34:fc:6d:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAjtlqlP3GrIc5MP6VXKEcezWtigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMzZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZjI4MzZkYThkZTNhZDg3ZmJhNDA4NGY2OWYzMzI1MzlmYjEzMWM0Mzgw
ZGEzMmIxNjRiNDVjYWVlNTcwYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO+EIaZ8GCSpkRqYOg5Z6/j0b+MvPoByiPmKhys+P3FrwTbzlk0KIKTmXS3j
yLNW4E0zQ6X1L0Ehi2XuujtBD2U33il64zbymK1+dImfzQsTPF7dHaP+QES2jz7S
02TRSr5XTYTIPd7JJ5awDUiX/TUDDD5IGHkDFLhawVtngkqQQ6srLOfLDkfI/nKo
xT9PXQ+hEJfn/56fizG60fz/CdF2eUklSLuqF3RRoPuZT5NIlGJSgtoaBw2Mdj0u
KxvMXuxMnv/ile5Z5FRw8cbJbhFeg+gxkZVI9tsLkevPAfV5EAdWwDVHFOP1OvVs
XD+cvnj/SfBHcXQluY0cZ1fWDn8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRieDg3
YZB8V+VfxJPhRyBSsW+nxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEyNDY1NTgtNTMzZS00MmY1LThjOTAtZGM5MTcyOWFhN2ZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0Q
MA0GCSqGSIb3DQEBCwUAA4IBAQC4D72EAqHNIEbeRQQyrK7qwW1TJcDF6OLJoHwu
m9gznIzQLtLMO9OpVfXx68iBLTa76LDLfXEbyc5lFFfWdhXZ2NWjFYYkmOfK7EsW
BLDbFVR24anlAdMo9qLUAvtFz4nHPWbcpR+yq0FlMPEpMittd5klyrcMjeBKHzbj
cLiGzC3bFofu6/deF4hews9xnfsZP382qSMxrFFPaioHvuSjB1EjsR9V/c6IKLE+
zQ6WVUhNp3UiNno6nkNeuBq3in4/n5pcKjgl5m6cdEy4/J2G2GgexKKUwFfZqoKg
ONnpPNYrD4FZWaRUe90iYILni+EB82Hg2V/klk5+GAs0/G1x
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:06 2025 by rpki-client