Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
File: 35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa (raw, json)
Hash identifier: BnjzL5HpuxRxVxdV/KhbnlDNt3wHGOKNrGZATGdRDFc=
Subject key identifier: 6B:AA:BF:55:ED:C1:23:85:81:93:DB:C8:0C:78:1B:5D:38:06:FE:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 306BF3317FF4B3BB072C53170C964C2CC48DE525
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
Signing time: Tue 21 Oct 2025 14:00:54 +0000
ROA not before: Tue 21 Oct 2025 14:00:54 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:6b:f3:31:7f:f4:b3:bb:07:2c:53:17:0c:96:4c:2c:c4:8d:e5:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:54 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=7a8c7e3285bb70a750068589ac0737bd161e712cd50a1c2e81415486c34f2fb3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6f:c8:80:53:5d:6d:68:9b:78:58:86:4d:07:
63:86:28:7d:34:1e:53:67:0b:14:8e:4b:98:21:a9:
ef:77:74:18:7f:ee:2b:dd:44:87:f0:52:e5:dc:11:
6f:c6:4a:d5:e9:98:53:25:93:a1:95:ac:c8:03:33:
87:91:e9:98:a8:59:62:e1:25:d5:cf:85:0a:bf:db:
13:ac:1e:22:ab:52:06:79:a1:29:da:69:6b:25:9c:
2c:1d:3b:5b:70:d8:5e:c1:28:7d:41:54:fa:08:4c:
7d:1f:af:8d:10:af:f0:c2:2c:d5:29:f3:80:72:cd:
e5:b3:9e:d8:9e:e3:78:fb:fd:86:57:6c:42:47:c8:
e3:4f:98:31:da:41:96:ef:44:b9:5c:1a:16:9f:d4:
27:06:c4:f0:11:ad:69:a5:8e:00:06:14:09:d1:ff:
c0:1f:bc:e6:2d:59:08:65:43:77:53:e9:77:e1:b5:
6a:64:bf:db:b9:00:8e:5f:1d:f0:ac:c4:30:3a:22:
5e:a6:39:a5:74:68:a4:2a:a0:6e:a0:40:c4:77:c3:
8f:71:82:de:3d:93:81:f7:e3:3f:d2:a5:51:9a:1b:
c7:85:90:6f:c9:70:78:48:d9:79:6a:a4:2d:94:e7:
49:35:44:3a:2a:3f:75:9e:77:4f:eb:b8:6d:87:f1:
b5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AA:BF:55:ED:C1:23:85:81:93:DB:C8:0C:78:1B:5D:38:06:FE:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/38
Signature Algorithm: sha256WithRSAEncryption
6e:62:04:d5:8c:ca:54:cb:0a:bc:d2:1a:e6:6b:00:f4:80:84:
fd:6c:e8:94:1c:c4:2a:8b:eb:1d:89:b4:a9:67:cf:dc:0a:26:
ba:df:42:9d:50:55:b5:01:d9:15:45:43:c8:2c:84:15:d2:0e:
2d:d2:c6:05:05:6a:7c:f4:63:67:10:28:92:b7:74:ef:56:72:
73:f1:e9:e3:30:c8:3f:fa:f2:e2:3c:31:1f:0a:f8:ff:5c:08:
9f:ed:0f:f1:70:78:54:d0:82:1c:28:22:5d:b9:4a:09:ee:38:
55:e0:7c:4c:b7:be:1d:9c:a3:d5:f8:d4:a7:c6:5b:34:51:ae:
2b:79:92:47:f8:3e:4b:fa:5e:f7:3f:ec:9b:07:25:4e:d8:5a:
17:16:50:55:44:d8:9e:d3:30:a1:63:46:b4:57:56:e6:d8:89:
f7:72:3f:d9:3a:b7:fb:da:76:b7:db:ba:f2:88:60:21:f9:10:
f5:ab:a6:81:f2:e6:ad:b4:5e:b2:89:a2:e8:26:1e:8b:d5:cf:
11:1a:9f:09:e9:0d:0a:3c:67:0c:37:3d:b2:a2:58:7b:48:f5:
1c:4a:11:42:4e:44:fd:27:a5:78:72:e4:e5:96:9f:b7:d2:cd:
75:e1:bf:82:f5:f2:5c:1b:72:4f:ab:fa:aa:b9:f4:9f:fd:4d:
b3:9a:77:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMGvzMX/0s7sHLFMXDJZMLMSN5SUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwNTRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhOGM3ZTMyODViYjcwYTc1MDA2ODU4OWFjMDczN2JkMTYxZTcxMmNkNTBh
MWMyZTgxNDE1NDg2YzM0ZjJmYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORvyIBTXW1om3hYhk0HY4YofTQeU2cLFI5LmCGp73d0GH/uK91Eh/BS5dwR
b8ZK1emYUyWToZWsyAMzh5HpmKhZYuEl1c+FCr/bE6weIqtSBnmhKdppayWcLB07
W3DYXsEofUFU+ghMfR+vjRCv8MIs1SnzgHLN5bOe2J7jePv9hldsQkfI40+YMdpB
lu9EuVwaFp/UJwbE8BGtaaWOAAYUCdH/wB+85i1ZCGVDd1Ppd+G1amS/27kAjl8d
8KzEMDoiXqY5pXRopCqgbqBAxHfDj3GC3j2TgffjP9KlUZobx4WQb8lweEjZeWqk
LZTnSTVEOio/dZ53T+u4bYfxtQ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrqr9V
7cEjhYGT28gMeBtdOAb+bDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzViYjBkYTUtMGEyZC00YjgwLWFhZmUtYWY3ZTc0Y2Y1ODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBuYgTVjMpUywq80hrmawD0gIT9bOiUHMQqi+sd
ibSpZ8/cCia630KdUFW1AdkVRUPILIQV0g4t0sYFBWp89GNnECiSt3TvVnJz8enj
MMg/+vLiPDEfCvj/XAif7Q/xcHhU0IIcKCJduUoJ7jhV4HxMt74dnKPV+NSnxls0
Ua4reZJH+D5L+l73P+ybByVO2FoXFlBVRNie0zChY0a0V1bm2In3cj/ZOrf72na3
27ryiGAh+RD1q6aB8uattF6yiaLoJh6L1c8RGp8J6Q0KPGcMNz2yolh7SPUcShFC
TkT9J6V4cuTllp+30s114b+C9fJcG3JPq/qqufSf/U2zmnec
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:07 2025 by rpki-client