Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: o5nUNlSf5fan4B07UuITjK096XdwGfXP8Frq3O7yhdM=
Subject key identifier: F2:43:A6:DB:D4:DE:F1:48:54:D4:62:90:A3:BB:7E:A1:C0:28:1E:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D6AD8995ABE42AC3896E1153A81BA9F0DA447A5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Tue 21 Oct 2025 13:40:47 +0000
ROA not before: Tue 21 Oct 2025 13:40:47 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:6a:d8:99:5a:be:42:ac:38:96:e1:15:3a:81:ba:9f:0d:a4:47:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:47 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6a00f784f083e54bb820fdbcf3bc9c098965a5205be56938e62c7397b1b729c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fc:86:69:50:e1:53:b1:91:99:eb:bf:16:e5:
35:7a:97:84:11:b6:23:c9:70:70:c6:20:eb:fa:90:
c4:12:5d:98:4e:2b:81:c2:49:2e:c2:ae:fd:7a:f8:
4d:9a:35:94:2e:ca:8e:45:89:54:15:45:46:74:3e:
1d:79:26:16:91:19:1f:f5:97:f6:ca:d2:d4:ac:e4:
ae:f8:66:d1:a7:b1:6c:0e:d5:bd:a3:c1:91:e6:5c:
a0:ad:c3:41:51:bc:fa:13:34:7f:70:7e:c7:5c:9b:
7e:0d:36:53:48:54:5e:01:1c:41:ef:5d:85:fe:ad:
4b:f8:8b:d7:82:f5:f3:7f:83:e0:b4:08:59:7a:39:
39:0e:e0:a5:5a:c0:96:2e:8a:81:6f:d7:d7:94:62:
71:7e:13:f0:05:69:c6:05:a3:67:3d:47:fc:5e:63:
1e:9d:9e:39:98:01:89:41:dd:af:01:34:30:b8:f7:
ae:70:f3:de:a0:dc:bf:8f:9e:70:bc:f5:f1:bf:21:
79:3a:2d:50:9c:4a:f2:c3:b6:aa:67:db:c0:95:6f:
01:97:08:54:18:23:51:8d:0d:3d:b9:76:45:5a:a0:
6d:68:83:3d:78:17:95:82:61:d3:e5:79:97:0e:75:
6d:33:25:04:98:35:b7:ef:f3:d9:32:85:77:15:48:
b7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:43:A6:DB:D4:DE:F1:48:54:D4:62:90:A3:BB:7E:A1:C0:28:1E:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
17:6e:1d:ed:9d:e0:e3:05:af:fa:b4:02:19:df:88:cd:27:d4:
ce:da:92:8b:9c:2a:63:f6:d5:45:8d:2f:ea:74:61:a4:63:f9:
72:4d:06:43:b2:15:94:36:74:12:4f:c7:1a:dd:7f:9b:14:aa:
9e:5d:82:f8:a0:80:bb:ad:3d:11:be:ac:79:8d:ce:d4:e7:da:
91:75:95:56:80:2d:39:d5:81:a8:7d:87:c3:56:46:9c:f5:b9:
1a:64:d2:41:e1:9c:69:f4:83:b0:62:7b:8b:2e:d9:b0:03:13:
89:1c:09:d6:f4:04:95:94:0a:81:7c:aa:aa:4e:00:7e:1c:c3:
6a:bf:07:83:62:1c:97:88:34:52:4a:c2:d3:2b:d3:92:5a:c5:
ca:24:b1:06:1e:b4:4d:e2:ea:91:38:0b:08:70:75:da:90:11:
58:27:f3:89:35:fd:45:77:fe:b6:25:83:98:52:cd:44:6c:ee:
af:32:8a:7a:d4:9c:95:bd:1d:d4:64:b4:d0:ea:e6:e8:f1:95:
56:ac:84:d8:10:de:87:03:8e:1b:ae:ed:97:f7:53:cf:fe:7d:
87:42:40:c6:0e:9d:3f:e5:49:01:d2:b3:5a:54:97:f3:ea:e6:
3a:05:64:53:18:e0:0f:2b:e0:c0:5b:a1:4f:f5:b6:69:88:c1:
2b:83:d8:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULWrYmVq+Qqw4luEVOoG6nw2kR6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwNDdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhMDBmNzg0ZjA4M2U1NGJiODIwZmRiY2YzYmM5YzA5ODk2NWE1MjA1YmU1
NjkzOGU2MmM3Mzk3YjFiNzI5YzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALj8hmlQ4VOxkZnrvxblNXqXhBG2I8lwcMYg6/qQxBJdmE4rgcJJLsKu/Xr4
TZo1lC7KjkWJVBVFRnQ+HXkmFpEZH/WX9srS1Kzkrvhm0aexbA7VvaPBkeZcoK3D
QVG8+hM0f3B+x1ybfg02U0hUXgEcQe9dhf6tS/iL14L183+D4LQIWXo5OQ7gpVrA
li6KgW/X15RicX4T8AVpxgWjZz1H/F5jHp2eOZgBiUHdrwE0MLj3rnDz3qDcv4+e
cLz18b8heTotUJxK8sO2qmfbwJVvAZcIVBgjUY0NPbl2RVqgbWiDPXgXlYJh0+V5
lw51bTMlBJg1t+/z2TKFdxVItwcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyQ6bb
1N7xSFTUYpCju36hwCgekzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQAXbh3tneDjBa/6tAIZ34jNJ9TO2pKLnCpj9tVF
jS/qdGGkY/lyTQZDshWUNnQST8ca3X+bFKqeXYL4oIC7rT0Rvqx5jc7U59qRdZVW
gC051YGofYfDVkac9bkaZNJB4Zxp9IOwYnuLLtmwAxOJHAnW9ASVlAqBfKqqTgB+
HMNqvweDYhyXiDRSSsLTK9OSWsXKJLEGHrRN4uqROAsIcHXakBFYJ/OJNf1Fd/62
JYOYUs1EbO6vMop61JyVvR3UZLTQ6ubo8ZVWrITYEN6HA44bru2X91PP/n2HQkDG
Dp0/5UkB0rNaVJfz6uY6BWRTGOAPK+DAW6FP9bZpiMErg9hf
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:13 2025 by rpki-client