Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
File: 60b690d0-a362-4547-bf57-d14f49f40869.roa (raw, json)
Hash identifier: DMMSS2ENKN9xg3UerKEg7nn6RF0ik3QlkfS3+l4uMvc=
Subject key identifier: 8E:A3:9A:BD:13:52:68:14:00:A0:41:51:D2:D2:72:55:C3:2C:44:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 551CAFD3F27799E6A13767B0B74E7796826E45AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
Signing time: Tue 21 Oct 2025 13:20:06 +0000
ROA not before: Tue 21 Oct 2025 13:20:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:1c:af:d3:f2:77:99:e6:a1:37:67:b0:b7:4e:77:96:82:6e:45:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=700ffd7f86e8cc6995f543ef3310ece2bd7f5631bb7a80626626060e58d75c48, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:69:ef:65:99:62:90:a3:b9:7d:90:01:4a:
ab:13:0c:df:4c:0d:ba:29:84:a6:fc:ab:ea:41:75:
d8:67:ef:a5:cb:c6:9b:1c:2f:35:c4:c5:ba:9a:0c:
50:59:5b:dd:dc:1a:76:0e:1a:d4:3c:b3:8a:7f:33:
38:ae:4b:5f:db:fb:c7:dc:f5:ee:ad:95:be:8f:51:
13:6f:4e:3e:91:04:0d:1e:67:0e:95:71:5d:68:39:
15:1d:95:41:3b:8e:76:b4:4f:54:90:ee:49:54:91:
cd:be:49:90:67:c1:49:ca:68:40:cb:4f:9a:ba:d4:
36:29:01:f8:74:62:fe:48:b4:17:e9:a5:61:c9:20:
92:40:32:71:a4:6e:2c:70:7d:da:9f:07:c9:8c:18:
0e:aa:72:cc:44:a3:7f:a0:7c:2c:a2:cf:f4:ec:8a:
61:df:b7:55:8d:7c:f7:ad:f7:df:1e:41:db:17:66:
8a:49:46:6e:a6:03:96:d4:13:6b:7b:f5:40:6a:a0:
d1:3d:0e:99:50:45:26:45:1c:96:42:18:c6:9c:8b:
36:d0:96:bb:9c:7f:21:5c:c8:d1:5e:cf:26:5e:22:
29:c5:72:43:e4:8e:a8:03:e1:dd:ea:13:8c:18:17:
8e:f8:b4:80:94:6b:9a:7a:01:e8:51:b3:11:4f:99:
c4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A3:9A:BD:13:52:68:14:00:A0:41:51:D2:D2:72:55:C3:2C:44:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:400::/38
Signature Algorithm: sha256WithRSAEncryption
c1:08:ef:ee:06:aa:d2:d1:f0:0c:8d:ca:d5:15:be:82:15:40:
84:ea:01:8b:99:8b:3c:df:66:9c:b3:23:39:5d:fa:48:45:ff:
8c:c7:80:6b:bf:05:36:be:ad:b6:de:e0:8f:15:7c:ee:97:2d:
81:e2:a8:eb:a4:61:71:2f:bc:57:ab:5b:e9:dc:6d:03:35:f2:
32:01:4f:01:48:cb:ea:42:31:39:f9:eb:32:09:03:8a:16:9f:
ba:53:09:fe:40:6a:c2:cb:1d:52:90:f7:7b:ca:d7:ec:d9:59:
43:e6:84:15:e3:f1:b5:63:b5:9a:7a:35:3e:c6:50:a4:35:ff:
a9:1c:de:ea:6a:0c:c3:d8:19:75:91:97:0e:a8:ff:d8:b9:9a:
4e:52:4f:2b:0c:b4:e1:7c:af:c1:33:3d:fc:79:9b:a9:61:f2:
ee:9e:8e:76:bb:7c:87:c5:2a:c6:f4:80:1f:11:44:65:bd:63:
0a:db:6b:d2:15:d7:c2:fc:8b:73:3d:8c:28:3d:aa:42:fd:65:
e5:e7:d2:9e:24:7f:4e:3c:8a:f7:ef:ab:70:8a:9c:fa:16:7c:
d2:93:e5:ef:92:1a:2d:b1:81:25:66:eb:d9:d9:1c:3e:9d:3c:
95:63:dc:5a:ff:74:af:bc:8d:a5:dc:c2:de:5f:b2:b6:a5:cc:
e6:0c:f5:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVRyv0/J3meahN2ewt053loJuRa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwMGZmZDdmODZlOGNjNjk5NWY1NDNlZjMzMTBlY2UyYmQ3ZjU2MzFiYjdh
ODA2MjY2MjYwNjBlNThkNzVjNDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzDae9lmWKQo7l9kAFKqxMM30wNuimEpvyr6kF12GfvpcvGmxwvNcTFupoM
UFlb3dwadg4a1Dyzin8zOK5LX9v7x9z17q2Vvo9RE29OPpEEDR5nDpVxXWg5FR2V
QTuOdrRPVJDuSVSRzb5JkGfBScpoQMtPmrrUNikB+HRi/ki0F+mlYckgkkAycaRu
LHB92p8HyYwYDqpyzESjf6B8LKLP9OyKYd+3VY1896333x5B2xdmiklGbqYDltQT
a3v1QGqg0T0OmVBFJkUclkIYxpyLNtCWu5x/IVzI0V7PJl4iKcVyQ+SOqAPh3eoT
jBgXjvi0gJRrmnoB6FGzEU+ZxIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOo5q9
E1JoFACgQVHS0nJVwyxEXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBiNjkwZDAtYTM2Mi00NTQ3LWJmNTctZDE0ZjQ5ZjQwODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgE
MA0GCSqGSIb3DQEBCwUAA4IBAQDBCO/uBqrS0fAMjcrVFb6CFUCE6gGLmYs832ac
syM5XfpIRf+Mx4BrvwU2vq223uCPFXzuly2B4qjrpGFxL7xXq1vp3G0DNfIyAU8B
SMvqQjE5+esyCQOKFp+6Uwn+QGrCyx1SkPd7ytfs2VlD5oQV4/G1Y7WaejU+xlCk
Nf+pHN7qagzD2Bl1kZcOqP/YuZpOUk8rDLThfK/BMz38eZupYfLuno52u3yHxSrG
9IAfEURlvWMK22vSFdfC/ItzPYwoPapC/WXl59KeJH9OPIr376twipz6FnzSk+Xv
khotsYElZuvZ2Rw+nTyVY9xa/3SvvI2l3MLeX7K2pczmDPVm
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:59 2025 by rpki-client