Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: tCji+WhSnX9Hoaz9ilgSM9Gh1gMSwIWZopO0x5KWwlw=
Subject key identifier: 67:55:E2:96:B1:06:86:57:B0:16:25:EF:DC:A6:2D:A4:D3:4A:53:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 627E1CA3D75159D89A2D2EA309A5663D01B85E18
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Tue 21 Oct 2025 14:31:15 +0000
ROA not before: Tue 21 Oct 2025 14:31:15 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:7e:1c:a3:d7:51:59:d8:9a:2d:2e:a3:09:a5:66:3d:01:b8:5e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:31:15 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=83087b0d344f1133be9f2941631bad8700c8ee04315a4898dfe01a6a48217e89, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a6:69:59:8b:75:e3:0b:e6:48:d8:e3:8c:66:
e2:91:75:12:54:20:b9:62:61:5d:83:49:f6:f4:fc:
7b:de:00:6a:8a:de:ad:0c:35:fd:1f:42:71:80:17:
a1:f4:5f:6f:8c:f2:b3:8d:4f:46:1e:f5:44:0e:09:
89:e8:83:5f:71:1e:58:35:49:16:ee:8b:ad:e8:0b:
17:1d:c1:40:88:38:7a:f5:e2:0a:40:57:d1:06:54:
ba:68:cb:5e:55:8c:b6:71:89:1c:5b:50:2f:39:d3:
e0:2e:b2:43:f5:b3:c4:be:47:f8:35:b3:5b:a0:7c:
e3:8f:bc:67:b7:e6:35:75:0e:db:e4:38:32:57:a1:
8b:7c:be:cb:f5:f5:5a:38:99:d9:ed:64:ee:d8:c4:
9c:9b:54:f0:c0:40:f7:e6:b4:30:22:1a:ab:ae:06:
f9:c0:09:c6:32:32:ad:cd:de:08:80:89:be:bf:ce:
b4:44:b2:67:24:01:f6:56:68:3c:00:01:7c:fc:20:
54:19:a6:14:2f:00:3f:e6:82:57:40:25:c6:9d:3d:
8a:b9:b9:4e:d4:92:74:e4:f0:c5:c1:9b:61:e2:74:
b0:36:37:2e:b4:c3:06:64:04:59:20:c2:41:a5:e6:
55:ba:b5:de:c0:59:21:ec:7b:86:8d:c0:d5:d6:84:
3a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:55:E2:96:B1:06:86:57:B0:16:25:EF:DC:A6:2D:A4:D3:4A:53:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
87:2b:63:68:12:66:f9:9a:db:c7:6e:e1:81:d6:5f:09:f2:0e:
31:9d:12:a9:5f:00:c0:da:bd:2a:2b:d4:2e:18:8c:fa:5f:02:
99:8e:6e:72:af:71:2f:92:b6:cc:fc:e1:a4:7d:02:82:98:92:
1c:4f:6e:a6:a3:40:23:d0:84:39:fa:01:4b:d5:09:76:a0:03:
23:48:71:01:11:56:33:bb:87:fe:59:16:91:43:72:88:ca:18:
b0:03:ed:fd:54:fe:9b:97:f2:04:6f:30:74:55:25:8b:79:a6:
68:b7:da:a9:7d:20:7e:b6:83:46:93:26:c5:92:28:5a:0d:b3:
de:62:db:a0:01:a9:94:b0:fc:99:79:4e:e0:f2:16:8d:7f:00:
7c:9c:eb:d1:ea:d4:92:7b:12:ee:5b:ce:0c:eb:c6:3b:ac:de:
74:97:cc:73:cf:23:79:be:1c:6b:cf:b3:40:21:f1:ed:21:b0:
99:4e:d4:30:da:99:f6:33:c7:6b:5d:6a:14:43:f2:8e:95:5a:
dc:cb:a4:fd:86:84:5f:ff:28:08:01:54:f5:1e:a3:47:29:f2:
b3:40:d0:5d:77:0a:0a:78:0c:cd:60:a4:4c:5b:7b:8f:79:ed:
0b:c4:ed:e7:86:27:12:0d:01:15:27:0f:17:79:e1:9a:c1:83:
75:ff:d9:7b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYn4co9dRWdiaLS6jCaVmPQG4XhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMxMTVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzMDg3YjBkMzQ0ZjExMzNiZTlmMjk0MTYzMWJhZDg3MDBjOGVlMDQzMTVh
NDg5OGRmZTAxYTZhNDgyMTdlODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCmaVmLdeML5kjY44xm4pF1ElQguWJhXYNJ9vT8e94AaorerQw1/R9CcYAX
ofRfb4zys41PRh71RA4JieiDX3EeWDVJFu6LregLFx3BQIg4evXiCkBX0QZUumjL
XlWMtnGJHFtQLznT4C6yQ/WzxL5H+DWzW6B844+8Z7fmNXUO2+Q4Mlehi3y+y/X1
WjiZ2e1k7tjEnJtU8MBA9+a0MCIaq64G+cAJxjIyrc3eCICJvr/OtESyZyQB9lZo
PAABfPwgVBmmFC8AP+aCV0Alxp09irm5TtSSdOTwxcGbYeJ0sDY3LrTDBmQEWSDC
QaXmVbq13sBZIex7ho3A1daEOl0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRnVeKW
sQaGV7AWJe/cpi2k00pT8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEAhytjaBJm+Zrbx27hgdZfCfIOMZ0SqV8AwNq9
KivULhiM+l8CmY5ucq9xL5K2zPzhpH0CgpiSHE9upqNAI9CEOfoBS9UJdqADI0hx
ARFWM7uH/lkWkUNyiMoYsAPt/VT+m5fyBG8wdFUli3mmaLfaqX0gfraDRpMmxZIo
Wg2z3mLboAGplLD8mXlO4PIWjX8AfJzr0erUknsS7lvODOvGO6zedJfMc88jeb4c
a8+zQCHx7SGwmU7UMNqZ9jPHa11qFEPyjpVa3Muk/YaEX/8oCAFU9R6jRynys0DQ
XXcKCngMzWCkTFt7j3ntC8Tt54YnEg0BFScPF3nhmsGDdf/Zew==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:39 2025 by rpki-client