Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: +k+2+P1JmwV15xf7+JwZzfvn/u4w8xKfTv1M2LuyluA=
Subject key identifier: FD:CA:38:08:04:4E:C5:A1:28:B7:EE:D7:22:A2:B6:A7:E7:43:4C:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35DC0B5D01274CFD8EB4616A30DFD15CCD5FDA7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Tue 21 Oct 2025 14:20:41 +0000
ROA not before: Tue 21 Oct 2025 14:20:41 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:dc:0b:5d:01:27:4c:fd:8e:b4:61:6a:30:df:d1:5c:cd:5f:da:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:20:41 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=46bb11cfacea151e62b27eeb5fe2393009322bc839ae8d83d0e6010c54452d7c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:a8:62:ed:76:2b:66:63:c2:3d:8f:47:54:
0f:85:c3:a3:bd:81:9b:b0:c1:70:af:dc:56:b4:79:
b8:d4:d7:1b:e6:0a:79:2e:cf:a9:96:85:eb:cc:83:
f4:8d:0c:b6:be:e6:13:dd:ca:6b:02:83:06:32:b2:
1f:0a:f4:2f:5f:7c:c6:ee:83:41:0e:5d:2a:42:db:
04:ca:7e:42:5b:f8:bb:04:bd:fa:1a:bd:0b:37:a5:
4e:21:ee:ec:6c:9a:c7:43:d7:7b:40:87:20:b0:ce:
9a:ef:d0:de:c2:f1:97:6a:35:93:cf:d5:4f:78:e6:
9f:13:98:31:d5:35:ea:2d:de:81:c5:f8:0d:83:cc:
0b:c3:f0:ab:f1:3b:98:49:ad:fa:ad:a2:de:93:c7:
1f:4e:c6:9e:cb:cb:04:4d:5d:c9:1b:76:5e:5b:ec:
2c:8d:73:9e:83:c4:6b:bc:26:e0:1e:8f:9c:6d:3e:
fa:01:1a:8a:8a:50:22:66:d4:21:05:ee:15:1f:48:
24:19:a1:57:40:06:6f:46:85:f7:1d:fc:2f:3b:2a:
ae:d7:3f:7e:a8:a8:7d:d3:94:12:3f:9c:d8:6c:e8:
df:93:09:a5:e4:5e:9a:f0:fe:9a:2d:4d:89:ef:d3:
1f:84:a7:a0:7f:be:7c:9e:82:20:32:7e:d9:70:f6:
69:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CA:38:08:04:4E:C5:A1:28:B7:EE:D7:22:A2:B6:A7:E7:43:4C:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
11:50:65:02:ff:cf:1e:8b:43:4e:14:6f:70:22:3d:a2:47:da:
81:8d:a1:0e:43:05:83:e1:23:78:35:ee:92:e7:ca:f1:91:01:
85:5e:93:4f:bb:b5:9a:c4:05:1d:7e:5b:7e:ac:0d:3e:6d:36:
90:1b:d9:b2:d4:c8:a0:20:0a:2d:e5:43:3d:05:51:d9:d1:a2:
f0:4e:2a:0b:12:fe:cb:cf:df:3d:98:21:96:d3:7d:86:bf:47:
c4:53:9c:db:b7:8e:94:98:92:60:95:84:93:73:93:f3:71:4a:
d2:56:ee:c1:75:50:fd:a6:bb:8c:91:6a:92:33:39:8b:ea:55:
20:f9:dd:63:f2:b5:29:e7:c1:0d:ec:87:95:ab:28:74:ed:e0:
14:fe:27:f1:72:dc:86:41:d8:52:da:73:32:0d:e1:95:27:ee:
53:d7:be:5e:05:58:57:f5:7d:b3:49:c0:a0:e8:b4:fc:dd:c7:
a5:4d:5c:45:44:cc:c6:59:8d:65:74:6a:7c:ad:2f:ef:63:34:
a3:85:9b:f3:5e:12:c9:0d:5e:5b:3d:99:31:b8:61:ab:38:3c:
ac:07:db:48:db:ff:8a:d9:80:99:a1:41:60:93:dc:4f:97:59:
7c:d1:8d:89:1d:a0:b5:99:46:a9:ba:2a:c7:54:6f:26:69:d4:
b5:a2:0b:2b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNdwLXQEnTP2OtGFqMN/RXM1f2n0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIwNDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2YmIxMWNmYWNlYTE1MWU2MmIyN2VlYjVmZTIzOTMwMDkzMjJiYzgzOWFl
OGQ4M2QwZTYwMTBjNTQ0NTJkN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMlqGLtditmY8I9j0dUD4XDo72Bm7DBcK/cVrR5uNTXG+YKeS7PqZaF68yD
9I0Mtr7mE93KawKDBjKyHwr0L198xu6DQQ5dKkLbBMp+Qlv4uwS9+hq9CzelTiHu
7Gyax0PXe0CHILDOmu/Q3sLxl2o1k8/VT3jmnxOYMdU16i3egcX4DYPMC8Pwq/E7
mEmt+q2i3pPHH07GnsvLBE1dyRt2XlvsLI1znoPEa7wm4B6PnG0++gEaiopQImbU
IQXuFR9IJBmhV0AGb0aF9x38Lzsqrtc/fqiofdOUEj+c2Gzo35MJpeRemvD+mi1N
ie/TH4SnoH++fJ6CIDJ+2XD2aZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9yjgI
BE7FoSi37tcioran50NMrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQARUGUC/88ei0NOFG9wIj2iR9qBjaEOQwWD4SN4
Ne6S58rxkQGFXpNPu7WaxAUdflt+rA0+bTaQG9my1MigIAot5UM9BVHZ0aLwTioL
Ev7Lz989mCGW032Gv0fEU5zbt46UmJJglYSTc5PzcUrSVu7BdVD9pruMkWqSMzmL
6lUg+d1j8rUp58EN7IeVqyh07eAU/ifxctyGQdhS2nMyDeGVJ+5T175eBVhX9X2z
ScCg6LT83celTVxFRMzGWY1ldGp8rS/vYzSjhZvzXhLJDV5bPZkxuGGrODysB9tI
2/+K2YCZoUFgk9xPl1l80Y2JHaC1mUapuirHVG8madS1ogsr
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:17 2025 by rpki-client