Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
File: 575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa (raw, json)
Hash identifier: sUL2lYisP523YuhgQOJBZDgujlrrolFTgROLEmL+kbs=
Subject key identifier: AD:CF:18:C8:95:1E:77:96:F6:96:60:14:FD:BE:9C:99:6B:C7:7E:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06CA14C3462CE3453817BBABC70A9D40742C8E01
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
Signing time: Tue 21 Oct 2025 14:00:09 +0000
ROA not before: Tue 21 Oct 2025 14:00:09 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:ca:14:c3:46:2c:e3:45:38:17:bb:ab:c7:0a:9d:40:74:2c:8e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:09 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e7fb1ea7e6e6f927c8587a70c72370b419ec94eafa2016aa403b2dfcf835ace7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:01:98:92:d8:aa:e3:b2:cb:0c:89:fe:0e:c1:
8a:32:95:95:1e:57:f1:90:55:bc:e2:e2:e8:8d:b2:
ed:7e:fc:f9:98:f0:68:d7:3d:75:60:fd:94:44:34:
ae:34:68:9b:16:35:37:77:af:ce:35:6f:28:ac:c5:
67:bc:42:df:ca:6a:f1:8f:26:15:c3:d6:ca:22:2f:
84:55:2c:3c:cf:c0:f3:97:f6:fb:4e:cf:a2:bb:3b:
51:e8:af:dd:d3:0d:1c:d8:97:37:db:b6:2a:98:81:
b9:6f:10:1a:e2:87:39:b1:97:5c:6e:00:43:87:78:
fc:26:7e:38:68:69:2a:8b:ed:ea:76:39:ef:8c:4d:
11:95:c2:03:0f:04:e4:ac:ee:f2:e6:1b:83:a8:a7:
52:90:4f:29:42:9d:99:97:f5:25:4f:a2:db:6e:01:
3b:be:fa:1f:7b:37:fd:cd:cb:25:f9:72:76:e0:c5:
24:98:ac:34:65:46:f6:06:48:b1:9f:6d:68:06:f0:
47:b3:55:0e:96:1b:5c:82:e4:df:b3:20:e5:ea:48:
9c:f4:71:89:24:14:e6:0a:77:3a:f6:ee:20:1c:2d:
d7:91:8c:dd:89:8f:2f:6d:a4:22:bd:2d:18:5e:22:
5c:c3:28:33:6a:d9:a2:9e:44:46:2d:c1:72:d6:62:
45:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:CF:18:C8:95:1E:77:96:F6:96:60:14:FD:BE:9C:99:6B:C7:7E:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:4000::/40
Signature Algorithm: sha256WithRSAEncryption
97:39:c3:eb:ae:bb:69:84:b4:62:54:27:c9:28:7c:b5:22:f1:
48:5f:7b:fb:49:ad:9b:1c:23:9b:0f:04:88:ae:99:f3:ea:55:
42:80:d5:f6:20:9d:2c:9c:af:8a:32:ee:0a:41:41:82:41:eb:
b1:ba:8f:90:76:22:8d:f8:07:a9:bb:76:a7:aa:49:27:de:cd:
34:56:9b:94:a6:f3:96:22:f7:5d:e1:9f:38:54:9c:5e:2f:a9:
e4:81:a2:fe:23:d1:96:b2:fe:19:cb:a8:2f:c4:ec:06:ac:11:
05:c4:a3:0e:c3:4c:cd:ec:1b:ea:c5:7d:8d:d8:c5:02:7b:26:
f5:3d:1b:22:aa:c7:3d:63:74:bd:ba:64:b6:8e:9c:13:3b:47:
3c:30:bf:09:d9:1f:e1:fb:bf:95:4e:61:fb:c7:68:05:c2:ac:
62:b4:85:1f:1b:4f:4c:96:b7:15:1c:70:fc:c5:59:dc:13:f1:
34:16:dd:69:1e:52:51:63:75:9a:77:9c:8c:6e:01:9c:ba:4a:
ad:6b:c0:1b:ef:be:9b:3a:31:55:b6:45:b1:50:16:5e:0e:3a:
41:47:d1:7d:dd:75:06:c2:82:f0:5c:9a:cb:61:48:3c:63:d7:
21:f6:c3:93:23:88:1b:86:96:23:0e:6a:17:27:6e:d7:0c:a1:
1b:f9:dc:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBsoUw0Ys40U4F7urxwqdQHQsjgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwMDlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ZmIxZWE3ZTZlNmY5MjdjODU4N2E3MGM3MjM3MGI0MTllYzk0ZWFmYTIw
MTZhYTQwM2IyZGZjZjgzNWFjZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMBmJLYquOyywyJ/g7BijKVlR5X8ZBVvOLi6I2y7X78+ZjwaNc9dWD9lEQ0
rjRomxY1N3evzjVvKKzFZ7xC38pq8Y8mFcPWyiIvhFUsPM/A85f2+07Pors7Ueiv
3dMNHNiXN9u2KpiBuW8QGuKHObGXXG4AQ4d4/CZ+OGhpKovt6nY574xNEZXCAw8E
5Kzu8uYbg6inUpBPKUKdmZf1JU+i224BO776H3s3/c3LJflyduDFJJisNGVG9gZI
sZ9taAbwR7NVDpYbXILk37Mg5epInPRxiSQU5gp3OvbuIBwt15GM3YmPL22kIr0t
GF4iXMMoM2rZop5ERi3BctZiRUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBStzxjI
lR53lvaWYBT9vpyZa8d+ZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc1ZTMwYzgtMmVhNS00ZTk3LTg3MmItNmFmMGIzZTgzMThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZA
MA0GCSqGSIb3DQEBCwUAA4IBAQCXOcPrrrtphLRiVCfJKHy1IvFIX3v7Sa2bHCOb
DwSIrpnz6lVCgNX2IJ0snK+KMu4KQUGCQeuxuo+QdiKN+Aepu3anqkkn3s00VpuU
pvOWIvdd4Z84VJxeL6nkgaL+I9GWsv4Zy6gvxOwGrBEFxKMOw0zN7BvqxX2N2MUC
eyb1PRsiqsc9Y3S9umS2jpwTO0c8ML8J2R/h+7+VTmH7x2gFwqxitIUfG09MlrcV
HHD8xVncE/E0Ft1pHlJRY3Wad5yMbgGcukqta8Ab776bOjFVtkWxUBZeDjpBR9F9
3XUGwoLwXJrLYUg8Y9ch9sOTI4gbhpYjDmoXJ27XDKEb+dzy
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:22 2025 by rpki-client