Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
File: 57cdb107-9a3c-4e41-87e2-149f989f7fae.roa (raw, json)
Hash identifier: rmx1PksSJ1taeWl2Mj6+a9j6qbG0aXRfz3ulukAZJBk=
Subject key identifier: E0:1F:98:C6:85:91:39:80:8D:6A:09:A4:FE:01:92:07:E3:56:B7:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1931881B95EEDE21E6E2F422653B148DD0696376
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
Signing time: Fri 24 Oct 2025 00:20:08 +0000
ROA not before: Fri 24 Oct 2025 00:20:08 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:31:88:1b:95:ee:de:21:e6:e2:f4:22:65:3b:14:8d:d0:69:63:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:08 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=a236addcbbda8c084acc0f070d8b19db02b79737a5f98e2cbf8604523fb38663, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e0:ac:e8:07:c4:bb:30:7f:d3:4a:09:60:bd:
75:46:d8:98:07:70:a1:82:16:37:b2:a1:25:40:60:
69:74:1c:8e:29:ef:59:b2:c9:93:f7:81:25:89:01:
5a:0c:54:9b:9b:cb:d7:7a:32:21:ab:25:53:ac:b1:
06:36:ed:cf:ab:83:b0:39:28:8a:b6:0a:ff:6b:02:
db:ae:d9:84:0b:c7:40:fb:7b:08:da:ff:3d:a6:60:
20:b6:0a:7a:aa:0e:65:6b:54:6f:05:5a:a9:a3:0f:
07:95:1d:2c:75:f8:4f:e5:6d:c4:b8:b7:10:a2:86:
dd:1f:4a:66:50:fe:cd:94:79:02:f9:8d:2a:1d:a8:
83:18:0b:ae:77:54:2c:1c:bc:91:d0:dd:d5:8b:15:
e7:03:7c:fb:05:b3:95:ea:4c:e8:d0:bd:62:36:76:
43:83:bf:ef:03:f3:12:1a:f5:85:7b:f1:81:06:6a:
85:a2:16:5f:b0:4e:38:17:fb:41:de:2a:07:31:4b:
42:6a:f2:e3:62:c8:3b:4d:d9:72:2d:29:b7:db:de:
9d:c1:aa:c2:0c:22:bf:29:38:60:5c:64:4b:2b:69:
33:6d:7d:cc:3d:ed:f5:90:1e:96:b6:cc:fc:eb:fd:
09:94:10:a8:0b:9b:3a:8a:61:83:31:82:83:37:29:
5a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1F:98:C6:85:91:39:80:8D:6A:09:A4:FE:01:92:07:E3:56:B7:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
c9:83:d2:21:ce:84:f9:76:bf:87:ab:4c:b5:34:87:15:1a:eb:
56:65:af:8f:1e:8b:5d:f6:3f:60:d9:df:73:f2:24:2f:df:4c:
00:3a:f3:96:4d:66:e0:1e:88:ec:46:4f:7b:fa:56:39:44:0d:
d8:5a:37:2a:bf:b1:eb:34:d8:23:9a:cd:ab:62:51:1b:d3:fc:
f3:99:23:ee:96:a1:ec:b5:3a:c1:05:6e:81:4c:10:62:f0:dc:
72:7c:0a:d5:f8:83:1f:4f:58:8c:86:5b:c4:6c:4c:7d:7d:fc:
45:5d:89:b6:b9:ef:d1:ec:0b:5d:e1:46:16:25:7f:1b:5d:93:
fb:b0:de:d2:9e:1e:f5:aa:6d:ed:78:26:21:a2:10:77:0b:83:
88:2d:76:be:9b:bd:9f:00:d1:6c:63:05:9e:9d:cb:03:60:fc:
6b:b5:98:d0:c8:8d:ac:36:2c:2c:a1:15:41:eb:fc:92:1a:ea:
fa:5d:c8:f8:c0:bf:a3:09:6d:f9:d9:e3:9e:f3:72:a9:72:94:
18:7a:52:ea:e8:e7:87:a2:af:83:ba:11:a9:1e:51:f7:46:9e:
70:b3:20:ae:ac:8d:29:b7:27:98:ad:20:f7:11:ae:b8:27:78:
a1:b8:67:73:2c:11:ad:37:5b:b0:34:e1:60:09:a1:72:90:46:
e9:e4:0e:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGTGIG5Xu3iHm4vQiZTsUjdBpY3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDhaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyMzZhZGRjYmJkYThjMDg0YWNjMGYwNzBkOGIxOWRiMDJiNzk3MzdhNWY5
OGUyY2JmODYwNDUyM2ZiMzg2NjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJPgrOgHxLswf9NKCWC9dUbYmAdwoYIWN7KhJUBgaXQcjinvWbLJk/eBJYkB
WgxUm5vL13oyIaslU6yxBjbtz6uDsDkoirYK/2sC267ZhAvHQPt7CNr/PaZgILYK
eqoOZWtUbwVaqaMPB5UdLHX4T+VtxLi3EKKG3R9KZlD+zZR5AvmNKh2ogxgLrndU
LBy8kdDd1YsV5wN8+wWzlepM6NC9YjZ2Q4O/7wPzEhr1hXvxgQZqhaIWX7BOOBf7
Qd4qBzFLQmry42LIO03Zci0pt9vencGqwgwivyk4YFxkSytpM219zD3t9ZAelrbM
/Ov9CZQQqAubOophgzGCgzcpWosCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTgH5jG
hZE5gI1qCaT+AZIH41a33zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdjZGIxMDctOWEzYy00ZTQxLTg3ZTItMTQ5Zjk4OWY3ZmFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
wDANBgkqhkiG9w0BAQsFAAOCAQEAyYPSIc6E+Xa/h6tMtTSHFRrrVmWvjx6LXfY/
YNnfc/IkL99MADrzlk1m4B6I7EZPe/pWOUQN2Fo3Kr+x6zTYI5rNq2JRG9P885kj
7pah7LU6wQVugUwQYvDccnwK1fiDH09YjIZbxGxMfX38RV2Jtrnv0ewLXeFGFiV/
G12T+7De0p4e9apt7XgmIaIQdwuDiC12vpu9nwDRbGMFnp3LA2D8a7WY0MiNrDYs
LKEVQev8khrq+l3I+MC/owlt+dnjnvNyqXKUGHpS6ujnh6Kvg7oRqR5R90aecLMg
rqyNKbcnmK0g9xGuuCd4obhncywRrTdbsDThYAmhcpBG6eQOVg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:23 2025 by rpki-client