Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: OjHCXBCTWeqbdZ3O6prPjEXTJ6m//xF2Lqbnb2afpFc=
Subject key identifier: 43:AA:D4:E5:B4:F2:E7:90:B3:24:5B:07:68:11:05:44:15:8A:14:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DD228266D16615106FEB36C79781DAC363F4956
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Tue 21 Oct 2025 14:30:15 +0000
ROA not before: Tue 21 Oct 2025 14:30:15 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:d2:28:26:6d:16:61:51:06:fe:b3:6c:79:78:1d:ac:36:3f:49:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:15 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=88835fdb90232c021252374e403cb7c57627f6199c8bc1950eb54f88a07d1ec9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3c:4d:01:2e:3d:f2:77:3f:5e:a7:2f:ee:b8:
2d:17:c8:00:07:57:c0:f1:7e:69:f8:9a:b1:e5:25:
6b:a4:da:a9:6e:01:ae:73:a8:c2:61:cd:7c:5e:1c:
8b:2e:5d:64:31:14:be:4a:02:73:72:92:1c:1e:e1:
50:60:30:d3:86:e0:a6:04:09:0f:ce:81:02:c4:ab:
aa:6e:b5:b7:a9:98:c8:64:d6:f0:3b:2c:a0:0f:98:
1d:bb:f3:1a:b8:b6:c3:f9:fe:a9:5c:c4:3b:b4:ff:
f4:e4:d9:90:67:fc:d3:59:c2:d7:90:b7:dd:2d:22:
ad:19:be:d0:13:c3:33:da:df:ec:aa:3b:cc:ef:24:
e1:9b:f5:9c:7c:bc:4d:fc:0f:fb:4f:f1:22:66:76:
46:a2:89:bb:6d:08:31:9f:10:07:a3:89:f3:40:7c:
85:a3:b0:69:2a:de:68:17:c1:0e:1f:b6:d2:a9:07:
db:db:fc:09:77:6b:47:36:53:7e:e1:38:1d:a8:4a:
cc:40:51:46:d3:1a:26:b9:88:a7:89:45:2d:30:20:
37:c2:f3:e6:39:61:b3:8c:2a:e9:1f:05:6a:bc:98:
78:a0:b5:b3:73:2a:7e:1b:93:64:06:24:b0:49:40:
e1:ae:7b:0c:16:5a:a2:8f:38:61:24:d2:9b:6f:25:
72:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AA:D4:E5:B4:F2:E7:90:B3:24:5B:07:68:11:05:44:15:8A:14:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
b3:01:42:b7:dc:2a:b3:fa:8a:12:a1:7c:9d:d3:71:33:39:6c:
3e:f7:a0:d1:9c:7c:7f:6a:9a:55:b4:7d:a2:98:fd:77:a9:b6:
93:58:09:59:a2:18:84:14:d3:09:52:88:e9:e8:72:de:ba:0a:
66:f1:04:20:7e:1c:18:85:a1:a7:3c:fc:6a:6d:32:57:61:9f:
88:57:3c:bc:2d:60:65:ed:25:1a:85:ac:4a:e9:e8:91:93:c2:
7e:2c:5c:01:60:ea:b3:6f:d9:0f:25:bf:d1:20:ec:91:9c:86:
46:4a:60:79:65:6c:d3:d5:bb:56:d4:82:50:e2:f7:26:6e:cd:
5b:99:75:9d:f4:1d:f5:b9:34:d9:e2:d1:c9:94:90:ce:3f:6b:
ae:2d:b7:bb:04:23:ba:b4:8e:35:f6:76:94:ff:86:0c:72:2e:
c7:55:43:69:c2:8d:0f:83:97:6b:52:aa:06:5e:da:5f:da:f0:
1a:8f:a7:58:c0:5d:e3:a0:d6:0d:36:3c:d4:6a:c5:0d:80:ef:
ec:f0:85:05:d9:1f:ab:a3:58:2a:f4:ea:55:19:d4:e7:59:01:
0c:be:a9:d9:ae:0f:9c:4d:43:dd:e5:40:cf:4c:73:67:4f:63:
58:df:36:71:1a:ce:3a:a9:4b:9e:30:6a:dd:eb:fc:a0:02:79:
8d:81:36:88
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULdIoJm0WYVEG/rNseXgdrDY/SVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwMTVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ODM1ZmRiOTAyMzJjMDIxMjUyMzc0ZTQwM2NiN2M1NzYyN2Y2MTk5Yzhi
YzE5NTBlYjU0Zjg4YTA3ZDFlYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQ8TQEuPfJ3P16nL+64LRfIAAdXwPF+afiaseUla6TaqW4BrnOowmHNfF4c
iy5dZDEUvkoCc3KSHB7hUGAw04bgpgQJD86BAsSrqm61t6mYyGTW8DssoA+YHbvz
Gri2w/n+qVzEO7T/9OTZkGf801nC15C33S0irRm+0BPDM9rf7Ko7zO8k4Zv1nHy8
TfwP+0/xImZ2RqKJu20IMZ8QB6OJ80B8haOwaSreaBfBDh+20qkH29v8CXdrRzZT
fuE4HahKzEBRRtMaJrmIp4lFLTAgN8Lz5jlhs4wq6R8FaryYeKC1s3MqfhuTZAYk
sElA4a57DBZaoo84YSTSm28lcgkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRDqtTl
tPLnkLMkWwdoEQVEFYoUVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQCzAUK33Cqz+ooSoXyd03EzOWw+96DRnHx/appV
tH2imP13qbaTWAlZohiEFNMJUojp6HLeugpm8QQgfhwYhaGnPPxqbTJXYZ+IVzy8
LWBl7SUahaxK6eiRk8J+LFwBYOqzb9kPJb/RIOyRnIZGSmB5ZWzT1btW1IJQ4vcm
bs1bmXWd9B31uTTZ4tHJlJDOP2uuLbe7BCO6tI419naU/4YMci7HVUNpwo0Pg5dr
UqoGXtpf2vAaj6dYwF3joNYNNjzUasUNgO/s8IUF2R+ro1gq9OpVGdTnWQEMvqnZ
rg+cTUPd5UDPTHNnT2NY3zZxGs46qUueMGrd6/ygAnmNgTaI
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:20 2025 by rpki-client