Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
File: 81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa (raw, json)
Hash identifier: /2DghdTQBMrYuxP7rQyFi12Q7LhEmOGtLNj/lGKQrgs=
Subject key identifier: F2:27:AC:DC:82:F4:FC:EA:73:AA:7B:8A:CC:33:4B:9A:52:73:71:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B0847500BACE612ABEC4967A9494465A2C173B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
Signing time: Tue 21 Oct 2025 14:40:05 +0000
ROA not before: Tue 21 Oct 2025 14:40:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:08:47:50:0b:ac:e6:12:ab:ec:49:67:a9:49:44:65:a2:c1:73:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:40:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=cfc768d0f153460a11391a2cb08de160e57a5c9f1dc00fa57af2270a3364a8f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9b:ef:30:4a:d3:3a:f9:2a:9b:75:72:ce:ee:
8d:eb:b4:6c:4e:e2:dc:83:83:d1:87:a5:2d:7a:d5:
6d:fb:70:63:50:78:9e:4f:5d:4c:0e:2a:d4:3f:aa:
d7:29:f4:3d:36:9d:9b:c8:d1:8a:70:be:e9:df:f9:
ae:54:62:be:9d:14:39:6c:63:9d:f5:55:b0:96:d4:
a9:dd:50:3d:42:37:ec:72:95:eb:50:ef:40:26:05:
36:52:6a:5d:2a:d8:54:48:53:1c:7a:76:23:7e:05:
58:3d:59:22:20:03:cd:15:db:4c:17:62:90:5a:af:
1e:58:28:85:f3:51:ac:f1:43:5a:21:85:6c:4a:7f:
af:b4:20:a0:62:87:31:a7:33:cf:bf:47:b3:30:6e:
b7:8f:29:5d:b3:59:90:bf:6c:a4:6f:68:06:9f:b0:
01:41:77:4e:49:fb:eb:8c:d2:eb:64:5c:97:f0:d2:
7e:94:7c:71:fa:51:b1:cd:1f:b7:4a:c6:82:4c:a0:
77:e5:f2:a1:61:91:9e:1b:6a:62:2d:e1:e7:36:b8:
03:41:fc:b5:3d:9a:bf:da:df:71:66:1e:a4:e6:1e:
8a:82:2f:ca:06:c2:77:0b:2e:c4:a3:ee:9a:1e:a1:
61:14:e0:4f:dc:5e:72:44:10:36:79:5d:d2:50:38:
ec:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:27:AC:DC:82:F4:FC:EA:73:AA:7B:8A:CC:33:4B:9A:52:73:71:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e040::/48
Signature Algorithm: sha256WithRSAEncryption
5c:14:4a:e2:ad:20:ce:d3:71:f0:70:5c:64:b2:ff:7c:d7:4c:
42:21:50:8b:f0:1e:98:32:21:82:96:a9:da:71:f4:15:79:b0:
99:ad:b2:56:c8:10:4c:65:f5:b8:96:60:c7:07:d7:ae:3a:8b:
f4:c5:14:20:76:c4:34:cc:3b:ee:a0:12:de:84:85:75:be:12:
7a:b2:f4:1f:b7:f0:2b:f3:23:2c:5a:62:ba:de:a1:94:4e:01:
5c:77:ce:fa:d1:bf:d2:38:77:ca:77:3b:83:ec:07:d8:75:04:
e0:e5:8d:a6:63:be:19:44:fc:c9:e0:7a:8f:f2:75:98:ca:8f:
c7:3e:91:13:b6:4c:bd:e9:af:8b:87:bc:6a:b0:f9:df:f4:8f:
5f:34:4b:cd:91:9d:20:2e:7d:26:16:d5:a2:aa:04:35:68:c4:
c5:92:ed:c4:38:76:01:a2:5e:c0:fe:04:57:2e:95:a8:e9:10:
33:a0:a8:c4:c2:ee:c5:32:f0:bf:6f:ae:df:3b:9b:e6:bf:52:
64:1f:fd:d3:fd:a0:47:22:37:f2:a8:43:96:1c:42:5f:50:b4:
12:74:3a:da:2e:65:99:43:dd:c0:ef:6c:a2:30:42:0f:44:05:
67:f5:bb:31:05:19:a0:e7:68:9c:49:81:a6:1c:65:96:90:ed:
de:2f:42:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKwhHUAus5hKr7ElnqUlEZaLBc7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDQwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmYzc2OGQwZjE1MzQ2MGExMTM5MWEyY2IwOGRlMTYwZTU3YTVjOWYxZGMw
MGZhNTdhZjIyNzBhMzM2NGE4ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmb7zBK0zr5Kpt1cs7ujeu0bE7i3IOD0YelLXrVbftwY1B4nk9dTA4q1D+q
1yn0PTadm8jRinC+6d/5rlRivp0UOWxjnfVVsJbUqd1QPUI37HKV61DvQCYFNlJq
XSrYVEhTHHp2I34FWD1ZIiADzRXbTBdikFqvHlgohfNRrPFDWiGFbEp/r7QgoGKH
Maczz79HszBut48pXbNZkL9spG9oBp+wAUF3Tkn764zS62Rcl/DSfpR8cfpRsc0f
t0rGgkygd+XyoWGRnhtqYi3h5za4A0H8tT2av9rfcWYepOYeioIvygbCdwsuxKPu
mh6hYRTgT9xeckQQNnld0lA47DsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTyJ6zc
gvT86nOqe4rMM0uaUnNxdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE1NTRmZjQtYTdmOS00MWU0LTkwZTktYjM3NjFkNjNjYjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
QDANBgkqhkiG9w0BAQsFAAOCAQEAXBRK4q0gztNx8HBcZLL/fNdMQiFQi/AemDIh
gpap2nH0FXmwma2yVsgQTGX1uJZgxwfXrjqL9MUUIHbENMw77qAS3oSFdb4SerL0
H7fwK/MjLFpiut6hlE4BXHfO+tG/0jh3ync7g+wH2HUE4OWNpmO+GUT8yeB6j/J1
mMqPxz6RE7ZMvemvi4e8arD53/SPXzRLzZGdIC59JhbVoqoENWjExZLtxDh2AaJe
wP4EVy6VqOkQM6CoxMLuxTLwv2+u3zub5r9SZB/90/2gRyI38qhDlhxCX1C0EnQ6
2i5lmUPdwO9sojBCD0QFZ/W7MQUZoOdonEmBphxllpDt3i9CLg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:33 2025 by rpki-client