Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
File: 581266ac-af97-4864-a566-36693b593269.roa (raw, json)
Hash identifier: fkd44P/yqVNTNqgrILs9Zf/lFsvCEyIAn4PW1/51bQQ=
Subject key identifier: F7:1F:23:F0:B6:F9:9A:AC:74:4B:BA:EB:99:F3:02:7E:64:40:07:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77E653BF66171E7AB3E7DFEB85ACEC6DE3EDC6C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
Signing time: Tue 21 Oct 2025 13:31:06 +0000
ROA not before: Tue 21 Oct 2025 13:31:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:e6:53:bf:66:17:1e:7a:b3:e7:df:eb:85:ac:ec:6d:e3:ed:c6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:31:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ee05750c41f1779a0d2ee0c6f6f607242f966539d838686b9da1d8a407f3e729, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b2:8e:3d:64:86:39:ba:d6:d3:f5:03:9b:0b:
71:56:0a:b0:79:0b:e4:e4:44:e7:93:d9:6d:c4:d9:
e6:0e:53:21:dd:1d:1c:16:f5:bb:7b:f7:ad:33:ba:
71:02:9b:bf:e9:cf:d1:31:07:96:f6:79:ce:54:bb:
c0:2c:5d:f5:e9:4b:a1:45:77:ca:dd:1b:2e:fa:91:
14:8e:a6:41:52:df:54:33:eb:db:be:16:3e:72:4a:
de:3f:69:1a:26:96:f6:b3:4a:30:f0:29:95:4d:4d:
b7:ae:f9:9f:5b:23:d8:29:ef:5d:51:73:2a:97:62:
ca:f1:8b:30:88:eb:67:00:7f:11:f1:9c:be:21:81:
f6:88:26:e8:a8:e1:0c:20:5f:84:3d:50:de:08:c7:
60:b3:77:0f:72:49:31:e8:f5:13:ae:05:cf:a7:e0:
34:c1:3e:6c:6c:2c:0d:50:e3:d1:fe:00:19:04:3f:
47:38:4b:4f:92:1c:15:5d:9e:24:08:4c:0d:9b:98:
2e:e0:c4:3d:a8:4c:9b:45:f0:4f:8b:ee:6a:ca:76:
72:e8:45:16:97:f3:34:ef:0c:ea:4a:c7:5b:7a:29:
74:76:67:6d:12:6e:c0:4b:55:12:8e:04:6b:8c:90:
66:93:aa:24:33:86:40:a6:72:fc:eb:af:a5:77:ae:
26:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1F:23:F0:B6:F9:9A:AC:74:4B:BA:EB:99:F3:02:7E:64:40:07:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
6a:c3:10:25:51:db:72:11:75:02:21:c0:bf:d8:ca:fe:5f:62:
89:7b:c7:89:72:e3:7c:bf:d8:9a:0d:f0:2c:bd:b7:d6:9d:74:
a1:14:48:98:10:c0:6d:dd:f7:66:f2:4f:78:91:0b:5e:1c:d1:
ac:8c:5f:35:f3:e3:d5:7b:e7:2a:b6:0f:f2:b2:15:dc:7b:24:
27:b6:ae:b2:58:d6:d2:6d:67:cd:58:6a:1a:17:6c:30:40:46:
3b:84:70:d1:20:68:2a:ce:1b:34:a9:0e:d9:43:28:e0:b4:fc:
02:5e:27:93:37:be:61:21:bf:fe:1a:33:97:88:ce:38:85:ab:
9b:05:e6:0d:e0:27:c0:4d:4b:a5:b9:74:52:00:14:e7:f7:3b:
68:8a:c0:41:67:6b:13:be:29:77:43:af:f0:00:9d:7f:16:10:
7d:36:b0:37:32:77:31:fc:80:4b:77:ae:44:f2:d5:d4:f4:30:
dc:53:f6:82:2f:b6:23:dd:23:a1:cd:90:a0:d5:4b:f9:96:03:
dd:b0:fb:72:5f:1c:aa:1f:95:12:70:5c:34:f6:df:50:77:eb:
2e:28:0f:33:fb:47:6c:6f:1c:94:94:e2:5b:c6:0a:e4:99:2c:
bf:76:d9:5f:37:2b:d7:39:74:70:75:68:2e:42:08:fa:5d:54:
9e:55:71:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd+ZTv2YXHnqz59/rhazsbePtxsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMxMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMDU3NTBjNDFmMTc3OWEwZDJlZTBjNmY2ZjYwNzI0MmY5NjY1MzlkODM4
Njg2YjlkYTFkOGE0MDdmM2U3MjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqyjj1khjm61tP1A5sLcVYKsHkL5ORE55PZbcTZ5g5TId0dHBb1u3v3rTO6
cQKbv+nP0TEHlvZ5zlS7wCxd9elLoUV3yt0bLvqRFI6mQVLfVDPr274WPnJK3j9p
GiaW9rNKMPAplU1Nt675n1sj2CnvXVFzKpdiyvGLMIjrZwB/EfGcviGB9ogm6Kjh
DCBfhD1Q3gjHYLN3D3JJMej1E64Fz6fgNME+bGwsDVDj0f4AGQQ/RzhLT5IcFV2e
JAhMDZuYLuDEPahMm0XwT4vuasp2cuhFFpfzNO8M6krHW3opdHZnbRJuwEtVEo4E
a4yQZpOqJDOGQKZy/OuvpXeuJn0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3HyPw
tvmarHRLuuuZ8wJ+ZEAHrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgxMjY2YWMtYWY5Ny00ODY0LWE1NjYtMzY2OTNiNTkzMjY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+A
MA0GCSqGSIb3DQEBCwUAA4IBAQBqwxAlUdtyEXUCIcC/2Mr+X2KJe8eJcuN8v9ia
DfAsvbfWnXShFEiYEMBt3fdm8k94kQteHNGsjF818+PVe+cqtg/yshXceyQntq6y
WNbSbWfNWGoaF2wwQEY7hHDRIGgqzhs0qQ7ZQyjgtPwCXieTN75hIb/+GjOXiM44
haubBeYN4CfATUuluXRSABTn9ztoisBBZ2sTvil3Q6/wAJ1/FhB9NrA3Mncx/IBL
d65E8tXU9DDcU/aCL7Yj3SOhzZCg1Uv5lgPdsPtyXxyqH5UScFw09t9Qd+suKA8z
+0dsbxyUlOJbxgrkmSy/dtlfNyvXOXRwdWguQgj6XVSeVXHt
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:14 2025 by rpki-client