Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
File: 70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa (raw, json)
Hash identifier: RH4ZTKbTWgDC5ZnmAt8v4m+hvXoobMgCDMfZmqb30+g=
Subject key identifier: 76:DC:19:88:C8:D0:49:C9:B6:2D:51:F9:D8:A2:62:DF:69:30:AC:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4904C1212F971EB66F46F4FF05F2A5B0FF0A4DB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
Signing time: Tue 21 Oct 2025 14:00:56 +0000
ROA not before: Tue 21 Oct 2025 14:00:56 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:04:c1:21:2f:97:1e:b6:6f:46:f4:ff:05:f2:a5:b0:ff:0a:4d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:56 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=17c52636a3f5c0a195806590999c32cf6553052d88426d379e23a6f27076fbee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a4:f7:b4:30:7b:c1:70:43:58:7a:52:d4:a6:
91:90:a4:dd:28:d6:d2:d6:5f:7c:24:17:87:ae:0c:
46:d8:70:d7:bc:1d:cd:4a:59:d4:79:c4:68:f2:8e:
16:4d:2d:db:19:9e:98:d0:21:29:f0:ef:26:94:bb:
2d:42:15:ef:0b:cb:71:9f:cb:e6:f8:84:c9:84:88:
80:86:69:a6:22:15:04:cf:f7:e2:9a:23:ad:bf:a0:
03:57:d4:1d:d5:81:cd:65:b7:b3:82:3b:b9:fc:73:
94:fe:6f:89:0b:30:c2:72:e9:3d:56:b4:c5:0c:6e:
56:22:16:48:f9:97:6e:ea:b8:db:0a:4e:67:27:10:
9d:44:f7:6b:c0:2a:1e:49:7c:6d:d6:91:22:9c:93:
d4:7e:f0:bd:ed:ce:ea:49:36:67:93:0b:85:06:bd:
1d:90:6e:9d:20:bd:b8:73:93:70:eb:d3:b0:a5:43:
cf:0b:fe:5c:b1:f8:e8:c0:f9:2b:d0:ea:3e:dd:d1:
b7:c4:1c:8f:f6:8b:c2:f8:ef:6c:f9:df:14:9a:ff:
cb:33:55:eb:b0:dc:e7:57:76:d6:7e:2a:22:fc:69:
75:36:d6:79:3d:08:e6:42:3c:7f:52:ba:e5:c0:27:
a6:d9:ed:3f:ad:63:3f:7d:f1:25:f1:a9:27:3f:7a:
2b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DC:19:88:C8:D0:49:C9:B6:2D:51:F9:D8:A2:62:DF:69:30:AC:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:e000::/40
Signature Algorithm: sha256WithRSAEncryption
93:f2:7f:7b:8b:2a:1d:6a:fd:4c:81:21:e3:24:7c:29:71:5f:
ee:b5:df:33:fb:98:4c:39:d7:4d:b5:77:33:4a:74:04:a5:d2:
a8:93:a6:75:6e:eb:ab:d5:91:42:d2:55:f5:b2:69:f9:21:ee:
f9:8f:9a:3d:26:46:2e:12:7f:1c:a2:a2:d8:d9:1a:39:d3:4f:
62:c1:be:4b:90:d3:0a:31:3f:fe:db:a5:7c:bd:28:ed:33:03:
5e:44:71:41:a1:75:b3:e2:c5:41:a6:ee:84:64:3d:c2:f1:52:
e3:ee:fd:cf:46:4c:c6:52:25:46:8b:3b:4f:d2:0f:ce:0d:da:
13:20:31:e4:62:45:6e:85:9c:39:af:de:1e:f3:78:75:48:90:
42:5a:67:a6:03:fb:46:ec:38:b5:69:ec:1e:2f:98:06:57:55:
2c:5b:72:a9:9f:7f:8b:85:75:26:05:da:69:73:02:9f:84:09:
6a:c0:c7:04:f3:26:20:67:3c:0c:33:d2:dc:de:4f:15:69:32:
eb:00:a2:5a:45:42:53:8f:38:dc:9f:12:90:4a:12:b0:06:66:
c6:8c:dd:41:8a:54:bb:14:d3:b9:32:cc:0c:16:01:51:70:20:
5c:b7:27:e2:43:9c:1e:e8:36:a7:b1:61:4e:0a:8c:fd:af:ea:
e3:42:c8:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSQTBIS+XHrZvRvT/BfKlsP8KTbcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwNTZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3YzUyNjM2YTNmNWMwYTE5NTgwNjU5MDk5OWMzMmNmNjU1MzA1MmQ4ODQy
NmQzNzllMjNhNmYyNzA3NmZiZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKk97Qwe8FwQ1h6UtSmkZCk3SjW0tZffCQXh64MRthw17wdzUpZ1HnEaPKO
Fk0t2xmemNAhKfDvJpS7LUIV7wvLcZ/L5viEyYSIgIZppiIVBM/34pojrb+gA1fU
HdWBzWW3s4I7ufxzlP5viQswwnLpPVa0xQxuViIWSPmXbuq42wpOZycQnUT3a8Aq
Hkl8bdaRIpyT1H7wve3O6kk2Z5MLhQa9HZBunSC9uHOTcOvTsKVDzwv+XLH46MD5
K9DqPt3Rt8Qcj/aLwvjvbPnfFJr/yzNV67Dc51d21n4qIvxpdTbWeT0I5kI8f1K6
5cAnptntP61jP33xJfGpJz96K9kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR23BmI
yNBJybYtUfnYomLfaTCsXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBhMmJjNmYtYWUwZi00ZjEzLTk0OTktNzhjNTA1YTVmN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fjg
MA0GCSqGSIb3DQEBCwUAA4IBAQCT8n97iyodav1MgSHjJHwpcV/utd8z+5hMOddN
tXczSnQEpdKok6Z1buur1ZFC0lX1smn5Ie75j5o9JkYuEn8coqLY2Ro5009iwb5L
kNMKMT/+26V8vSjtMwNeRHFBoXWz4sVBpu6EZD3C8VLj7v3PRkzGUiVGiztP0g/O
DdoTIDHkYkVuhZw5r94e83h1SJBCWmemA/tG7Di1aeweL5gGV1UsW3Kpn3+LhXUm
BdppcwKfhAlqwMcE8yYgZzwMM9Lc3k8VaTLrAKJaRUJTjzjcnxKQShKwBmbGjN1B
ilS7FNO5MswMFgFRcCBctyfiQ5we6DansWFOCoz9r+rjQshX
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:10 2025 by rpki-client