Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
File: 9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa (raw, json)
Hash identifier: u0mHnmB4G62E5Bt5P0lvCvWzb1WGR8xGUodLxvfyBNM=
Subject key identifier: 65:9E:19:3D:82:3E:56:28:77:54:F7:62:95:52:09:AC:55:D4:F3:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EFB817CD8BF74F566131E3B31B7A75CDEBB5412
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
Signing time: Tue 21 Oct 2025 13:50:05 +0000
ROA not before: Tue 21 Oct 2025 13:50:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:fb:81:7c:d8:bf:74:f5:66:13:1e:3b:31:b7:a7:5c:de:bb:54:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=1ebba8e59d9dc4edcdbadc8acc349d7fef3945345e3c1b63a9b08c5f7e6af7a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:64:b8:66:71:a8:ed:eb:dc:ed:26:96:ae:79:
2d:50:7e:c0:d3:cc:e4:8f:29:41:0b:92:34:12:55:
da:7d:b0:ee:8d:b5:af:a3:cc:60:3c:f1:95:a9:99:
90:f2:03:7a:43:ef:c9:61:c7:22:77:de:b0:d6:3c:
46:ed:34:60:f2:39:9d:c2:18:43:29:3d:8a:ed:0b:
67:c4:8e:4d:02:03:21:bd:1d:d6:03:03:78:6d:20:
fd:37:c6:ed:a5:a7:cd:b5:7e:ab:30:fb:dc:a7:ba:
a1:a4:72:1b:c0:cd:56:46:88:b1:83:f7:26:ec:64:
ec:c1:91:2a:aa:40:b2:63:cd:5f:4a:fd:fa:ec:b5:
02:8e:e3:3c:e9:68:ae:a2:fa:ac:4a:ab:7c:80:98:
c4:77:64:5d:da:54:72:19:f2:96:5e:cf:17:3b:43:
a0:64:38:39:c4:df:fb:b3:55:a8:b6:34:59:c6:fc:
b5:51:42:74:e0:41:ae:42:5e:94:93:41:98:1c:8f:
c5:6b:d5:74:47:f4:39:cf:85:35:58:67:2b:1c:0c:
f2:af:58:81:95:c8:7f:4f:ba:5d:06:2e:3c:05:43:
a8:8b:0c:be:db:13:d0:5f:58:ce:34:81:1d:a5:de:
ac:97:1f:28:3c:f2:79:9d:9e:c6:ee:5e:2b:54:34:
03:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9E:19:3D:82:3E:56:28:77:54:F7:62:95:52:09:AC:55:D4:F3:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070::/32
Signature Algorithm: sha256WithRSAEncryption
57:69:77:d8:60:02:58:f4:27:2f:08:70:a1:fb:07:1b:64:cf:
30:5a:d7:a7:67:cc:74:e9:7b:c0:5e:1c:83:e3:9e:33:2c:ed:
e3:e8:b2:99:f5:29:c5:77:fb:61:7d:22:ba:dd:b4:0f:79:fe:
5b:88:ba:ec:98:b2:3e:a3:57:0c:b8:6c:1a:fc:02:18:dc:1a:
08:dc:7a:81:8d:7c:40:51:c4:dd:e0:10:c4:b9:9f:5f:55:3d:
7b:c9:ba:85:7a:4c:56:c7:d7:a6:15:e5:1b:78:88:52:96:7e:
90:ac:b0:3d:dc:4e:80:19:3d:32:6a:d9:d7:0b:64:27:a6:6a:
75:8e:63:0d:52:4c:a8:cb:12:57:8d:df:fb:ae:2a:38:d9:05:
38:25:f4:24:bc:b7:a6:ac:cb:02:5e:9a:cf:67:16:a0:09:a8:
62:60:32:77:9a:35:f5:2c:1d:fb:1b:b7:2d:64:ce:3e:e5:f7:
76:98:6c:e6:74:ab:6e:ad:0e:be:29:71:26:1b:59:13:c2:30:
96:90:99:1c:17:8d:91:87:82:10:86:dc:fc:21:46:bf:23:05:
c0:75:63:93:65:0c:31:b8:49:58:1b:2c:11:f6:6e:6d:a9:60:
47:e1:93:b4:77:4e:b7:fe:1d:57:0b:b0:56:e8:77:f6:ae:89:
ab:d0:36:58
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIULvuBfNi/dPVmEx47MbenXN67VBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlYmJhOGU1OWQ5ZGM0ZWRjZGJhZGM4YWNjMzQ5ZDdmZWYzOTQ1MzQ1ZTNj
MWI2M2E5YjA4YzVmN2U2YWY3YTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRkuGZxqO3r3O0mlq55LVB+wNPM5I8pQQuSNBJV2n2w7o21r6PMYDzxlamZ
kPIDekPvyWHHInfesNY8Ru00YPI5ncIYQyk9iu0LZ8SOTQIDIb0d1gMDeG0g/TfG
7aWnzbV+qzD73Ke6oaRyG8DNVkaIsYP3Juxk7MGRKqpAsmPNX0r9+uy1Ao7jPOlo
rqL6rEqrfICYxHdkXdpUchnyll7PFztDoGQ4OcTf+7NVqLY0Wcb8tVFCdOBBrkJe
lJNBmByPxWvVdEf0Oc+FNVhnKxwM8q9YgZXIf0+6XQYuPAVDqIsMvtsT0F9YzjSB
HaXerJcfKDzyeZ2exu5eK1Q0A+cCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRlnhk9
gj5WKHdU92KVUgmsVdTzzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTExOWEwMWUtMmJiNC00ZDY5LTkzMjUtNWY0YWE4ZmI4YmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HAw
DQYJKoZIhvcNAQELBQADggEBAFdpd9hgAlj0Jy8IcKH7BxtkzzBa16dnzHTpe8Be
HIPjnjMs7ePospn1KcV3+2F9IrrdtA95/luIuuyYsj6jVwy4bBr8AhjcGgjceoGN
fEBRxN3gEMS5n19VPXvJuoV6TFbH16YV5Rt4iFKWfpCssD3cToAZPTJq2dcLZCem
anWOYw1STKjLEleN3/uuKjjZBTgl9CS8t6asywJems9nFqAJqGJgMneaNfUsHfsb
ty1kzj7l93aYbOZ0q26tDr4pcSYbWRPCMJaQmRwXjZGHghCG3PwhRr8jBcB1Y5Nl
DDG4SVgbLBH2bm2pYEfhk7R3Trf+HVcLsFbod/auiavQNlg=
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:12 2025 by rpki-client