Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
File: 38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa (raw, json)
Hash identifier: 1Xd6CDXtSeizdbNEo+/MnX0Xs4Wn5y+RgEwCBht0KIM=
Subject key identifier: E6:32:7D:F0:EC:4D:62:ED:43:8B:7B:B1:5D:66:0A:5C:D6:4B:5D:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66C6E6583B3BEE7B892301178C641CFCE8E208EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
Signing time: Tue 21 Oct 2025 13:20:56 +0000
ROA not before: Tue 21 Oct 2025 13:20:56 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:c6:e6:58:3b:3b:ee:7b:89:23:01:17:8c:64:1c:fc:e8:e2:08:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:56 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=4d86053d0f86f834cb4e90602c417b037e32e75671f585ed587227b525ec3662, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:a8:2b:e0:b2:b4:a5:8f:f8:48:e0:4a:1b:
45:e7:47:53:92:4e:ca:9b:e2:7c:7c:54:5d:bd:4c:
24:45:e0:49:cb:dd:53:0b:d3:d3:86:df:b0:d7:90:
a0:32:e9:2a:00:02:9d:9a:34:ba:14:bf:3b:2b:34:
11:27:e6:6e:fe:29:59:ab:b2:b5:7f:8e:0f:6a:8b:
fb:54:ee:76:dc:f4:0b:7f:b5:14:30:5b:fb:5f:b8:
71:8a:70:bb:fb:60:6e:ac:3b:63:e9:7d:95:0e:8f:
1d:67:a0:f0:f6:b7:88:3c:0b:d7:db:b6:ae:7d:17:
91:8a:30:b5:ba:3b:33:37:ea:0d:77:1d:d1:e6:b0:
df:25:2b:a4:52:43:23:41:40:3b:94:65:c0:8e:4a:
21:77:5e:3e:44:c4:67:0a:09:97:45:61:14:81:c0:
8c:c2:fa:dd:1b:ee:b4:07:e9:5d:5e:2a:e8:33:7f:
91:dc:93:51:5f:e9:79:47:1f:a5:0a:19:7c:d3:0c:
9e:c9:ba:d3:5c:2a:26:59:41:36:95:3f:cb:94:d3:
8a:32:8c:4e:2f:24:e7:be:ba:c2:5e:a3:23:50:06:
1b:d2:ed:49:8f:4d:87:6e:51:fa:8b:1d:37:0a:16:
2a:8c:64:22:d2:ed:bd:e5:67:92:1e:a2:9e:66:a5:
5f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:32:7D:F0:EC:4D:62:ED:43:8B:7B:B1:5D:66:0A:5C:D6:4B:5D:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:6000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:9d:db:d9:96:1f:cc:9f:f3:d8:4c:73:0d:e2:c1:aa:17:61:
e7:5a:a8:cd:70:8c:e4:65:1b:9a:fc:8b:6a:10:5c:02:f3:e7:
44:06:09:6d:05:9e:11:8a:9a:1a:36:5e:bc:d5:4f:c0:35:f6:
f7:cd:d0:8d:b5:41:d0:83:df:8d:31:a2:25:43:8f:a3:cf:ca:
0f:40:d3:42:da:a6:e4:ed:6f:d6:f4:3f:40:bd:df:1d:ad:95:
39:e9:28:57:53:81:da:b8:c1:88:8f:72:5f:d1:5a:86:b9:cb:
44:74:b9:10:69:ed:fe:12:1c:79:b4:2c:6b:c8:97:73:b3:72:
f6:2d:30:2e:ab:56:36:12:d2:7e:c2:ce:a1:2d:1a:34:23:bc:
a5:c4:06:39:17:59:34:10:3e:f6:79:dd:54:78:47:d1:39:42:
73:09:95:c9:b1:e8:60:0b:9c:97:74:74:3f:f6:33:08:a9:45:
94:00:b3:80:21:a9:09:0b:46:dc:18:73:44:9d:db:7f:d4:a2:
3c:d2:35:e0:4f:f4:d7:fc:3f:14:d8:7b:69:b0:3e:1c:03:f3:
89:cd:ae:b0:68:88:c9:2b:16:1d:be:c1:cd:dc:9e:e9:ba:13:
50:27:6f:5b:ab:16:c8:bc:49:82:07:da:4a:68:26:79:b2:1e:
23:6d:1e:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZsbmWDs77nuJIwEXjGQc/OjiCOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNTZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkODYwNTNkMGY4NmY4MzRjYjRlOTA2MDJjNDE3YjAzN2UzMmU3NTY3MWY1
ODVlZDU4NzIyN2I1MjVlYzM2NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJPqCvgsrSlj/hI4EobRedHU5JOypvifHxUXb1MJEXgScvdUwvT04bfsNeQ
oDLpKgACnZo0uhS/Oys0ESfmbv4pWauytX+OD2qL+1Tudtz0C3+1FDBb+1+4cYpw
u/tgbqw7Y+l9lQ6PHWeg8Pa3iDwL19u2rn0XkYowtbo7MzfqDXcd0eaw3yUrpFJD
I0FAO5RlwI5KIXdePkTEZwoJl0VhFIHAjML63RvutAfpXV4q6DN/kdyTUV/peUcf
pQoZfNMMnsm601wqJllBNpU/y5TTijKMTi8k5766wl6jI1AGG9LtSY9Nh25R+osd
NwoWKoxkItLtveVnkh6inmalXwUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTmMn3w
7E1i7UOLe7FdZgpc1ktdejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzhmOWMwZjAtYTEwOS00ODVjLWJkMmQtMmUxYTQ0MGI4NjRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVg
MA0GCSqGSIb3DQEBCwUAA4IBAQC8ndvZlh/Mn/PYTHMN4sGqF2HnWqjNcIzkZRua
/ItqEFwC8+dEBgltBZ4RipoaNl681U/ANfb3zdCNtUHQg9+NMaIlQ4+jz8oPQNNC
2qbk7W/W9D9Avd8drZU56ShXU4HauMGIj3Jf0VqGuctEdLkQae3+Ehx5tCxryJdz
s3L2LTAuq1Y2EtJ+ws6hLRo0I7ylxAY5F1k0ED72ed1UeEfROUJzCZXJsehgC5yX
dHQ/9jMIqUWUALOAIakJC0bcGHNEndt/1KI80jXgT/TX/D8U2HtpsD4cA/OJza6w
aIjJKxYdvsHN3J7puhNQJ29bqxbIvEmCB9pKaCZ5sh4jbR4C
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:19 2025 by rpki-client