Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json)
Hash identifier: tTyeJKlCecnZz8xyjj7DAGrgEBdh98PkDHatrMvZWYI=
Subject key identifier: 91:96:80:D0:35:81:57:82:EA:C2:A3:E9:31:A3:8C:3A:07:CD:3E:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 562D5E160D990C74F855153520E6BB08660E2C5B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
Signing time: Tue 21 Oct 2025 13:40:07 +0000
ROA not before: Tue 21 Oct 2025 13:40:07 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:2d:5e:16:0d:99:0c:74:f8:55:15:35:20:e6:bb:08:66:0e:2c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:07 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6623dac499e38cbaec1da2877b5c18006ab1b0f065042aebb3b5cf65eec1ca43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c8:3a:9c:fe:64:de:65:81:fb:31:75:ce:86:
4c:d0:65:77:68:64:f3:6b:50:8a:f8:58:91:d0:da:
28:89:30:3b:2d:cb:e1:44:d3:90:d7:c5:bb:ea:55:
56:70:d6:a9:11:bf:dc:1b:27:15:3b:dc:4b:e1:30:
6f:5e:b9:d3:76:de:17:8e:a4:1d:d3:ff:19:3b:69:
07:9a:6b:a9:90:5a:da:86:ce:f4:07:d8:b0:59:4a:
a9:b8:93:5f:4a:1c:07:2c:2b:e1:c4:bf:46:16:46:
35:e1:95:ab:3d:0f:f0:46:33:08:b7:73:3a:d9:f0:
24:3e:80:e9:97:5e:0a:72:1d:7b:00:52:9d:a5:ff:
ef:11:94:6c:cf:c4:f0:2b:56:21:85:4f:1f:f1:84:
fa:50:24:80:a8:41:ee:6e:70:72:dd:78:f8:46:58:
f8:fd:9e:b7:a4:30:8b:4a:f6:c1:42:6a:37:67:a6:
b8:f3:5a:ae:4e:47:5b:75:53:ec:ba:64:a2:7b:23:
66:1d:ef:3a:c1:c8:0e:f2:8e:8b:48:73:6a:41:99:
79:00:71:fa:8a:ae:42:25:79:8c:14:81:3c:e7:27:
6e:01:73:cf:3b:c9:5d:f0:da:b4:1f:93:c2:1f:3b:
19:0b:78:4b:91:3b:f0:c9:5c:ca:e5:84:83:98:5e:
85:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:96:80:D0:35:81:57:82:EA:C2:A3:E9:31:A3:8C:3A:07:CD:3E:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:8000::/40
Signature Algorithm: sha256WithRSAEncryption
32:4e:d6:8e:27:d4:cf:97:f8:09:de:1b:c5:73:c5:bc:0f:1d:
b1:9e:cc:83:83:cf:0e:88:6b:af:42:f8:43:b9:0e:93:95:ff:
20:fc:34:bb:37:1b:ad:22:04:8a:37:36:60:f9:34:c6:4c:61:
e9:4c:58:ee:f4:b7:a6:d7:20:5b:48:3d:52:1e:c3:99:ef:4b:
2b:ee:b6:58:f6:43:56:3b:b3:9e:9f:2c:14:49:9e:1d:46:da:
74:3c:45:1e:21:c4:eb:06:2a:74:69:5e:1e:f1:4c:d6:4f:e7:
28:f7:2f:35:ed:85:02:d7:24:3d:a6:6e:e5:63:2a:3b:96:79:
0f:cb:63:cb:7a:d3:79:6e:1d:e7:11:af:ac:4d:91:eb:82:6b:
da:86:00:87:f8:8c:e9:d7:61:c9:68:b6:9a:81:ef:b9:66:22:
c6:45:a4:3e:4c:53:fa:62:5d:31:be:75:0c:97:ea:d1:9d:4c:
21:28:e0:eb:77:c4:b0:58:59:9c:8a:8d:b8:87:a1:e6:3c:16:
7b:e3:7d:61:fc:29:c5:38:fc:ce:d8:7b:ff:19:da:34:6f:92:
d3:b6:c7:de:c5:22:d9:97:1a:ce:e1:4f:c1:97:fb:87:d0:92:
e8:ad:b1:bd:6b:2c:c8:82:b5:65:56:81:cd:5e:12:ca:87:52:
76:be:fc:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVi1eFg2ZDHT4VRU1IOa7CGYOLFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwMDdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2MjNkYWM0OTllMzhjYmFlYzFkYTI4NzdiNWMxODAwNmFiMWIwZjA2NTA0
MmFlYmIzYjVjZjY1ZWVjMWNhNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDIOpz+ZN5lgfsxdc6GTNBld2hk82tQivhYkdDaKIkwOy3L4UTTkNfFu+pV
VnDWqRG/3BsnFTvcS+Ewb16503beF46kHdP/GTtpB5prqZBa2obO9AfYsFlKqbiT
X0ocBywr4cS/RhZGNeGVqz0P8EYzCLdzOtnwJD6A6ZdeCnIdewBSnaX/7xGUbM/E
8CtWIYVPH/GE+lAkgKhB7m5wct14+EZY+P2et6Qwi0r2wUJqN2emuPNark5HW3VT
7LpkonsjZh3vOsHIDvKOi0hzakGZeQBx+oquQiV5jBSBPOcnbgFzzzvJXfDatB+T
wh87GQt4S5E78MlcyuWEg5heha0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSRloDQ
NYFXgurCo+kxo4w6B80+ljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAyTtaOJ9TPl/gJ3hvFc8W8Dx2xnsyDg88OiGuv
QvhDuQ6Tlf8g/DS7NxutIgSKNzZg+TTGTGHpTFju9Lem1yBbSD1SHsOZ70sr7rZY
9kNWO7OenywUSZ4dRtp0PEUeIcTrBip0aV4e8UzWT+co9y817YUC1yQ9pm7lYyo7
lnkPy2PLetN5bh3nEa+sTZHrgmvahgCH+Izp12HJaLaage+5ZiLGRaQ+TFP6Yl0x
vnUMl+rRnUwhKODrd8SwWFmcio24h6HmPBZ7431h/CnFOPzO2Hv/Gdo0b5LTtsfe
xSLZlxrO4U/Bl/uH0JLorbG9ayzIgrVlVoHNXhLKh1J2vvxJ
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:11 2025 by rpki-client