Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
File: 42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa (raw, json)
Hash identifier: GUCoFBGS4Pp9mYRLpj7Qxus4gEAKWWajzN3S7jkPuNM=
Subject key identifier: EE:07:91:9D:79:94:C1:44:83:F5:D1:10:A2:5B:3F:6E:D6:01:11:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F19184EE58AD8624B2F3D8EFE6E64523541F712
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
Signing time: Tue 21 Oct 2025 13:30:14 +0000
ROA not before: Tue 21 Oct 2025 13:30:14 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:19:18:4e:e5:8a:d8:62:4b:2f:3d:8e:fe:6e:64:52:35:41:f7:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:14 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ee961b9ddc929b98fea6c3cc8518bcf95cdb6a0b520d376cfba35e9e56af2453, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:63:70:59:ba:fd:1c:32:18:69:a0:f7:3e:
16:8d:a4:ea:c2:f0:37:32:ab:1a:c3:2a:0c:de:db:
de:cc:27:9a:b4:46:92:63:14:37:ea:25:6d:eb:76:
32:8e:06:d4:19:0d:90:a4:78:17:6d:18:96:7d:fd:
b7:bb:92:9f:a2:57:da:47:97:db:fd:4b:03:79:ac:
00:92:04:ae:11:04:fa:0a:98:2a:e5:6b:44:1a:e6:
51:03:be:73:b3:4d:f3:b9:e5:04:ed:34:d0:0b:61:
0f:1a:85:cc:0c:aa:54:12:72:f7:b0:ec:df:4b:14:
21:b4:63:ef:9c:1b:91:b6:11:b3:d9:64:ea:4e:15:
e8:2b:38:10:ac:1b:fa:11:a6:07:b4:85:d6:62:0f:
1a:ac:f3:11:38:57:df:33:df:b8:b5:75:43:8e:43:
01:fb:09:f6:7f:b5:24:2d:62:8a:62:30:31:1e:55:
42:25:18:84:b0:e6:ac:ba:00:8a:2a:58:57:c1:75:
fe:07:75:87:34:87:58:e1:cd:8e:c7:e0:b3:ea:34:
5a:b4:35:63:68:57:24:2a:2d:0e:a6:3c:19:32:55:
86:57:e8:ee:4e:60:f2:6f:74:db:20:1c:c3:58:ab:
66:5b:9e:4d:b5:24:a4:1b:00:c3:43:77:a1:48:e4:
25:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:07:91:9D:79:94:C1:44:83:F5:D1:10:A2:5B:3F:6E:D6:01:11:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8090::/48
Signature Algorithm: sha256WithRSAEncryption
2c:1a:51:ee:44:d3:f0:e9:b7:9f:51:82:c0:c0:30:b8:54:cb:
77:99:fe:4e:23:0d:8d:b5:7d:a7:8d:f0:f7:a5:5e:a0:ae:cd:
68:30:5a:9c:57:f4:72:f4:cc:a3:29:e5:a4:56:31:fa:ce:3e:
3e:66:7d:1b:1d:a2:61:f6:e1:e2:b7:c7:1d:ae:f6:79:ea:f8:
d1:e6:4e:01:7c:6d:27:2a:d2:06:52:29:2e:fb:5a:bf:87:0a:
96:f2:20:bc:83:12:0c:5f:a2:73:5c:84:68:de:f6:ea:39:ab:
73:52:e4:61:82:86:42:9b:62:16:d8:cf:92:72:1e:ee:ea:52:
20:45:67:5f:f3:7f:9d:a2:64:07:e0:02:ca:ec:4f:e0:79:ff:
6e:d5:56:9c:ad:1f:c5:80:c0:79:c7:b9:3c:d8:1a:ed:fe:58:
14:86:0a:f8:17:98:d8:0f:ff:bc:c8:af:9c:49:39:26:9c:f2:
ea:ac:bc:52:14:68:d9:e1:93:4f:1e:71:40:2e:78:18:45:02:
da:dd:ed:0a:fa:54:2d:54:aa:b4:79:d9:9d:80:a3:f1:fa:54:
20:4e:71:a1:ea:6b:bf:af:5b:0d:a5:18:4a:44:e7:5c:cd:fa:
da:88:7c:a9:9a:fd:04:86:34:09:c8:b9:a2:45:fd:b8:2c:fd:
6d:bb:7b:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPxkYTuWK2GJLLz2O/m5kUjVB9xIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwMTRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlOTYxYjlkZGM5MjliOThmZWE2YzNjYzg1MThiY2Y5NWNkYjZhMGI1MjBk
Mzc2Y2ZiYTM1ZTllNTZhZjI0NTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWNY3BZuv0cMhhpoPc+Fo2k6sLwNzKrGsMqDN7b3swnmrRGkmMUN+olbet2
Mo4G1BkNkKR4F20Yln39t7uSn6JX2keX2/1LA3msAJIErhEE+gqYKuVrRBrmUQO+
c7NN87nlBO000AthDxqFzAyqVBJy97Ds30sUIbRj75wbkbYRs9lk6k4V6Cs4EKwb
+hGmB7SF1mIPGqzzEThX3zPfuLV1Q45DAfsJ9n+1JC1iimIwMR5VQiUYhLDmrLoA
iipYV8F1/gd1hzSHWOHNjsfgs+o0WrQ1Y2hXJCotDqY8GTJVhlfo7k5g8m902yAc
w1irZlueTbUkpBsAw0N3oUjkJeMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTuB5Gd
eZTBRIP10RCiWz9u1gERITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJlZjdkODktYjliZi00NjBmLWI5MDYtNzQ0M2Q5NmY0YTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
kDANBgkqhkiG9w0BAQsFAAOCAQEALBpR7kTT8Om3n1GCwMAwuFTLd5n+TiMNjbV9
p43w96VeoK7NaDBanFf0cvTMoynlpFYx+s4+PmZ9Gx2iYfbh4rfHHa72eer40eZO
AXxtJyrSBlIpLvtav4cKlvIgvIMSDF+ic1yEaN726jmrc1LkYYKGQptiFtjPknIe
7upSIEVnX/N/naJkB+ACyuxP4Hn/btVWnK0fxYDAece5PNga7f5YFIYK+BeY2A//
vMivnEk5Jpzy6qy8UhRo2eGTTx5xQC54GEUC2t3tCvpULVSqtHnZnYCj8fpUIE5x
oeprv69bDaUYSkTnXM362oh8qZr9BIY0Cci5okX9uCz9bbt7OQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:17 2025 by rpki-client