Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
File: 6ee98048-5141-4b16-8b8c-269a397f53ce.roa (raw, json)
Hash identifier: V5NwGqCmVvwJnuGi0V1XSiYeQOvBNpHwbaFRI4nSVUE=
Subject key identifier: 2E:D8:7D:69:C7:92:73:03:8C:77:37:79:D6:00:2E:6E:87:A1:EE:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77B3B3B7B7018CE6D8AC06DBA6FA682C70FBB79A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
Signing time: Tue 21 Oct 2025 14:00:39 +0000
ROA not before: Tue 21 Oct 2025 14:00:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:b3:b3:b7:b7:01:8c:e6:d8:ac:06:db:a6:fa:68:2c:70:fb:b7:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=dadcb2e862c939997e24cc12dde98c018d3bcdc5da724ab524666cbeb8afda42, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b2:e0:c9:2a:e9:37:90:9f:d2:c1:cd:bf:c8:
a3:7f:bb:c8:51:a9:c5:58:ba:04:3f:4f:ea:d3:4e:
56:b6:69:02:cb:74:76:c6:15:6d:61:18:71:dd:38:
00:d2:95:5f:a6:77:2f:98:6d:e1:82:a9:52:75:af:
ef:92:91:fd:dc:11:a5:02:b7:5e:9a:7d:53:01:43:
63:47:78:4a:95:1c:0e:8e:d1:9e:24:bb:05:e2:78:
42:09:6f:96:b5:c1:ce:6e:15:59:30:ef:9f:6f:b8:
3c:a0:80:d7:6b:0e:e1:70:16:dc:6b:66:af:d7:a0:
4c:2d:76:00:f9:0c:5f:d7:29:a8:26:98:98:73:d4:
eb:e1:9c:f6:c1:f0:d3:55:cb:99:cd:18:37:5f:75:
13:48:df:03:b1:f1:3a:78:c7:00:d1:90:33:46:41:
6d:d7:3a:00:3c:c6:60:21:84:fa:1a:c7:e9:77:9d:
19:2d:bf:e2:cd:31:3f:5a:75:8b:c0:ce:69:25:6e:
dd:92:ea:a0:c2:b5:f8:91:c0:be:68:d6:b1:06:8f:
bd:a2:34:c3:4a:dc:41:49:29:c0:39:d9:06:4a:44:
f1:7d:bd:08:d4:ea:e5:c3:20:a5:04:d2:82:8a:11:
15:ac:91:54:f9:49:ca:83:b5:0c:89:28:6b:43:38:
51:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D8:7D:69:C7:92:73:03:8C:77:37:79:D6:00:2E:6E:87:A1:EE:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4080::/48
Signature Algorithm: sha256WithRSAEncryption
2e:17:70:34:32:1a:8d:88:ac:20:ec:54:dd:c7:ac:95:6b:70:
31:dd:61:bd:9c:7e:8a:df:2b:26:b1:ef:12:31:2e:88:9d:28:
3b:fd:8b:c8:39:ef:53:c3:94:5f:84:11:8e:09:8b:0f:8f:42:
fb:94:d4:c2:79:bc:72:9c:5c:d6:58:b3:47:70:34:9b:e5:9f:
1a:0c:26:16:9f:b0:36:0d:db:3a:94:59:28:22:95:d8:6b:4e:
8b:80:66:f8:cb:ce:66:8b:df:14:3a:6e:c5:ca:c5:96:1d:87:
3a:cd:14:91:d0:4c:fd:58:a1:f3:26:43:aa:27:61:ce:f5:34:
ff:6d:67:ff:bc:de:0a:cd:c5:86:a8:a0:65:f8:f4:81:37:44:
ac:29:36:42:b4:4d:3e:51:5c:0c:25:09:2c:4f:38:3a:f4:fd:
b3:5b:e8:80:fa:35:74:1b:2c:eb:7e:dc:1f:2c:f3:ca:30:fa:
04:0c:b9:88:0e:60:a9:fe:2a:bc:a7:41:36:06:aa:57:2d:48:
75:77:27:16:a9:c4:f2:9e:73:6a:62:40:c0:2a:fa:67:ff:56:
4b:d2:a4:53:97:b1:d3:7f:de:72:d7:79:77:28:5f:eb:4a:54:
06:ac:af:6a:fd:c5:a4:6f:36:a3:d9:12:48:90:54:d6:5d:8d:
56:e2:f1:0e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd7Ozt7cBjObYrAbbpvpoLHD7t5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhZGNiMmU4NjJjOTM5OTk3ZTI0Y2MxMmRkZTk4YzAxOGQzYmNkYzVkYTcy
NGFiNTI0NjY2Y2JlYjhhZmRhNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSy4Mkq6TeQn9LBzb/Io3+7yFGpxVi6BD9P6tNOVrZpAst0dsYVbWEYcd04
ANKVX6Z3L5ht4YKpUnWv75KR/dwRpQK3Xpp9UwFDY0d4SpUcDo7RniS7BeJ4Qglv
lrXBzm4VWTDvn2+4PKCA12sO4XAW3Gtmr9egTC12APkMX9cpqCaYmHPU6+Gc9sHw
01XLmc0YN191E0jfA7HxOnjHANGQM0ZBbdc6ADzGYCGE+hrH6XedGS2/4s0xP1p1
i8DOaSVu3ZLqoMK1+JHAvmjWsQaPvaI0w0rcQUkpwDnZBkpE8X29CNTq5cMgpQTS
gooRFayRVPlJyoO1DIkoa0M4UZcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQu2H1p
x5JzA4x3N3nWAC5uh6HuijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlOTgwNDgtNTE0MS00YjE2LThiOGMtMjY5YTM5N2Y1M2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
gDANBgkqhkiG9w0BAQsFAAOCAQEALhdwNDIajYisIOxU3ceslWtwMd1hvZx+it8r
JrHvEjEuiJ0oO/2LyDnvU8OUX4QRjgmLD49C+5TUwnm8cpxc1lizR3A0m+WfGgwm
Fp+wNg3bOpRZKCKV2GtOi4Bm+MvOZovfFDpuxcrFlh2HOs0UkdBM/Vih8yZDqidh
zvU0/21n/7zeCs3FhqigZfj0gTdErCk2QrRNPlFcDCUJLE84OvT9s1vogPo1dBss
637cHyzzyjD6BAy5iA5gqf4qvKdBNgaqVy1IdXcnFqnE8p5zamJAwCr6Z/9WS9Kk
U5ex03/ectd5dyhf60pUBqyvav3FpG82o9kSSJBU1l2NVuLxDg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:31 2025 by rpki-client