Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: vlFoo5BS/o/Oh0XY5sRpM2iI6j4ePNU2GAbNCgKe0d0=
Subject key identifier: C6:F4:6B:8A:41:1B:3C:27:F3:D7:E5:18:93:77:2B:F7:98:1F:5B:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10C8F04BF8C26ED8D71135AA60FED24CA97A68A5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Tue 21 Oct 2025 14:30:59 +0000
ROA not before: Tue 21 Oct 2025 14:30:59 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:c8:f0:4b:f8:c2:6e:d8:d7:11:35:aa:60:fe:d2:4c:a9:7a:68:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:59 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=048dd3683a744f2ab0e69f148ca427c0cf0a1b8dbb62887ec0c7f14c809a71bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6d:df:e2:78:93:3f:a8:eb:a2:a4:de:b3:25:
13:ec:61:64:2b:eb:40:86:be:33:40:9f:7c:6d:5e:
6d:29:fb:f0:bf:dc:2c:8e:4d:39:ab:18:ce:08:50:
a1:db:bc:b1:e7:8a:2b:f6:9d:d0:09:77:9e:4d:7f:
6a:21:7b:86:ff:21:72:b7:47:37:f6:97:bb:25:80:
b0:25:4f:e1:4e:a8:33:5b:43:59:08:8a:b6:db:b3:
34:6a:81:3f:1b:3d:3b:c0:f2:f9:ec:10:24:cc:26:
07:7c:48:3a:df:0e:8b:4c:cb:36:40:14:f6:a6:99:
13:60:60:61:d4:d9:26:30:0c:78:27:2f:0b:0f:0f:
7f:7c:15:ff:83:ea:2b:db:77:05:08:11:5c:0c:3a:
e0:ae:2d:9f:2c:3b:7c:97:93:03:d1:4d:1b:06:9c:
19:02:20:a0:5d:34:cf:9e:57:e3:6a:ad:5d:66:78:
db:3b:1a:f1:4e:9a:83:07:19:bc:e8:c5:f3:b8:ec:
be:24:56:57:01:63:45:9a:cf:a9:da:67:86:bb:81:
76:b8:e9:ce:88:0b:71:7b:cc:d6:a5:37:07:ac:ee:
b9:89:27:7a:98:8f:b2:50:1d:e2:fa:ee:69:96:5a:
51:55:e8:97:dd:2c:2b:d8:1b:1a:3e:1f:5f:03:82:
88:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F4:6B:8A:41:1B:3C:27:F3:D7:E5:18:93:77:2B:F7:98:1F:5B:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
56:6e:2f:d2:10:50:6e:f1:d9:83:72:05:c0:5f:25:79:0b:bb:
0b:3d:a3:04:48:9a:f6:6e:0f:72:1e:a0:bf:93:d5:e4:f3:cb:
bb:97:29:53:35:01:57:60:8e:4f:1d:ab:1a:a6:a7:72:b9:b6:
c0:e8:f5:8d:56:d7:78:00:01:f4:cf:a4:1e:48:55:ea:f1:98:
c8:47:f2:da:36:98:32:5a:db:09:f0:53:00:7b:62:f2:51:0f:
f9:ed:6c:8c:7b:bb:67:7f:dc:ad:dd:6f:b9:74:0a:41:f9:74:
e3:54:1d:12:43:cd:03:d9:2d:e2:5f:be:25:c6:9b:a4:53:ca:
05:8e:d3:3f:1c:22:f6:86:7d:08:07:f2:f9:9b:32:e3:8e:ed:
09:a1:43:6a:b7:9a:ce:e7:9b:be:a4:c5:5f:0c:d6:b4:fe:4e:
81:f9:6f:a6:9a:e5:68:1d:00:b0:5c:3a:af:62:db:41:91:d3:
08:fc:a2:a2:3f:01:d3:5d:e4:c0:35:74:31:06:d1:e0:f7:89:
a4:86:9b:4f:aa:b2:29:76:0f:6d:fe:dd:03:55:e2:77:b3:ff:
70:d2:42:d9:13:da:30:17:92:34:03:3b:62:e1:8a:eb:51:05:
44:28:a6:8d:8c:21:57:8a:d9:5d:51:26:65:9c:f2:5d:37:38:
e0:6f:bf:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEMjwS/jCbtjXETWqYP7STKl6aKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwNTlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0OGRkMzY4M2E3NDRmMmFiMGU2OWYxNDhjYTQyN2MwY2YwYTFiOGRiYjYy
ODg3ZWMwYzdmMTRjODA5YTcxYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNt3+J4kz+o66Kk3rMlE+xhZCvrQIa+M0CffG1ebSn78L/cLI5NOasYzghQ
odu8seeKK/ad0Al3nk1/aiF7hv8hcrdHN/aXuyWAsCVP4U6oM1tDWQiKttuzNGqB
Pxs9O8Dy+ewQJMwmB3xIOt8Oi0zLNkAU9qaZE2BgYdTZJjAMeCcvCw8Pf3wV/4Pq
K9t3BQgRXAw64K4tnyw7fJeTA9FNGwacGQIgoF00z55X42qtXWZ42zsa8U6agwcZ
vOjF87jsviRWVwFjRZrPqdpnhruBdrjpzogLcXvM1qU3B6zuuYknepiPslAd4vru
aZZaUVXol90sK9gbGj4fXwOCiEkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTG9GuK
QRs8J/PX5RiTdyv3mB9bZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAVm4v0hBQbvHZg3IFwF8leQu7Cz2jBEia9m4P
ch6gv5PV5PPLu5cpUzUBV2COTx2rGqancrm2wOj1jVbXeAAB9M+kHkhV6vGYyEfy
2jaYMlrbCfBTAHti8lEP+e1sjHu7Z3/crd1vuXQKQfl041QdEkPNA9kt4l++Jcab
pFPKBY7TPxwi9oZ9CAfy+Zsy447tCaFDareazuebvqTFXwzWtP5OgflvpprlaB0A
sFw6r2LbQZHTCPyioj8B013kwDV0MQbR4PeJpIabT6qyKXYPbf7dA1Xid7P/cNJC
2RPaMBeSNAM7YuGK61EFRCimjYwhV4rZXVEmZZzyXTc44G+/VQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:09 2025 by rpki-client