Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: c2TfjL6mA9p5uD9qLZcuMd54ROhfvVNwNZLZrwZajno=
Subject key identifier: B6:64:B2:A1:12:B7:13:38:3B:B2:B7:0D:59:18:83:D5:18:BB:02:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F6AEF98C18332C69541757B7EB3F845EA9F98AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Tue 21 Oct 2025 13:20:52 +0000
ROA not before: Tue 21 Oct 2025 13:20:52 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:6a:ef:98:c1:83:32:c6:95:41:75:7b:7e:b3:f8:45:ea:9f:98:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:52 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ea6b349ca1b7572e71320b9e944f3429e0bd90e7d4bc40906c3b3bb120999516, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4f:5c:d1:3f:76:54:2f:bb:dc:24:08:5c:ca:
11:c9:09:51:da:03:5c:48:21:5a:6f:a4:b3:ef:6f:
08:db:38:35:e9:8d:75:25:3e:72:3f:29:5f:40:36:
7a:79:62:d6:af:01:f0:db:aa:cf:60:28:54:cf:30:
dd:24:4a:f4:65:6c:08:1a:fe:7b:ee:45:1e:3a:4b:
7c:22:5a:47:c8:c6:85:97:af:e3:d2:51:ac:f2:d8:
8e:ae:e8:39:bc:da:fd:c2:79:2e:ac:86:7c:b3:cf:
6d:d3:93:4e:f2:96:fd:29:6e:d1:a5:d0:eb:53:59:
93:51:6e:03:07:b4:3b:c3:b9:15:a0:67:68:14:fb:
f7:13:fa:40:4e:e7:95:18:38:75:9e:7e:43:3f:7d:
4a:42:8d:08:ae:d3:b0:e8:70:2f:d1:b7:ca:38:41:
ad:74:a9:6c:9a:f4:04:2c:f9:22:44:bf:8b:c4:8a:
77:9e:53:88:6c:9e:43:48:18:83:ac:d9:22:c9:8e:
85:3c:f7:94:76:0f:80:3f:f7:57:d3:ff:c0:f1:c5:
61:03:ba:5e:1e:e8:dc:d2:1d:ad:50:09:13:75:3f:
68:ba:dd:06:a3:bf:4c:64:08:9a:31:ea:64:0c:50:
e3:f1:a7:fb:f8:17:8c:09:fe:c2:e4:78:da:39:58:
34:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:64:B2:A1:12:B7:13:38:3B:B2:B7:0D:59:18:83:D5:18:BB:02:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
69:07:c4:a5:b6:48:f8:1c:e3:ee:da:d5:aa:30:43:f9:b3:c7:
66:31:60:e5:fe:dd:cb:ee:d0:b0:5b:2d:fe:80:0d:ff:97:14:
97:3d:f4:ce:e2:ac:d0:f8:52:01:ba:17:93:44:39:8f:44:32:
b2:ed:33:44:dd:93:10:5c:9c:c6:50:6a:6d:d5:cd:d0:78:ea:
fa:9c:65:20:e8:53:28:db:bf:cf:5b:2d:b4:65:db:29:49:52:
a6:0e:38:b3:bb:29:37:a5:17:7a:40:3a:a5:34:b0:54:b8:5c:
57:c7:dc:1e:e4:5e:61:20:f7:f9:c6:f5:81:b4:4e:08:c0:2c:
04:4a:e0:1a:bd:82:9c:89:9c:26:df:fe:4b:39:ce:b7:23:51:
90:87:ab:4c:29:fd:81:99:f5:2c:d4:3e:7f:66:ae:19:30:ab:
5e:63:bd:5d:59:88:c9:94:dd:98:0b:54:a4:05:72:9e:4f:e2:
a0:f5:6c:a7:40:47:8e:91:38:74:b4:05:d2:bb:05:e3:c3:78:
ab:c1:a9:d3:7d:d2:2d:03:e2:46:40:42:5f:b2:88:7c:69:44:
3e:ad:5c:79:7d:b9:43:b5:2f:a2:60:67:2d:86:e4:74:f1:9e:
28:81:c2:24:c2:54:f9:ee:72:71:bb:be:5c:51:23:c2:c0:01:
d4:89:42:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf2rvmMGDMsaVQXV7frP4ReqfmKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNTJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhNmIzNDljYTFiNzU3MmU3MTMyMGI5ZTk0NGYzNDI5ZTBiZDkwZTdkNGJj
NDA5MDZjM2IzYmIxMjA5OTk1MTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVPXNE/dlQvu9wkCFzKEckJUdoDXEghWm+ks+9vCNs4NemNdSU+cj8pX0A2
enli1q8B8Nuqz2AoVM8w3SRK9GVsCBr+e+5FHjpLfCJaR8jGhZev49JRrPLYjq7o
Obza/cJ5LqyGfLPPbdOTTvKW/Slu0aXQ61NZk1FuAwe0O8O5FaBnaBT79xP6QE7n
lRg4dZ5+Qz99SkKNCK7TsOhwL9G3yjhBrXSpbJr0BCz5IkS/i8SKd55TiGyeQ0gY
g6zZIsmOhTz3lHYPgD/3V9P/wPHFYQO6Xh7o3NIdrVAJE3U/aLrdBqO/TGQImjHq
ZAxQ4/Gn+/gXjAn+wuR42jlYNFECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS2ZLKh
ErcTODuytw1ZGIPVGLsCbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEAaQfEpbZI+Bzj7trVqjBD+bPHZjFg5f7dy+7Q
sFst/oAN/5cUlz30zuKs0PhSAboXk0Q5j0Qysu0zRN2TEFycxlBqbdXN0Hjq+pxl
IOhTKNu/z1sttGXbKUlSpg44s7spN6UXekA6pTSwVLhcV8fcHuReYSD3+cb1gbRO
CMAsBErgGr2CnImcJt/+SznOtyNRkIerTCn9gZn1LNQ+f2auGTCrXmO9XVmIyZTd
mAtUpAVynk/ioPVsp0BHjpE4dLQF0rsF48N4q8Gp033SLQPiRkBCX7KIfGlEPq1c
eX25Q7UvomBnLYbkdPGeKIHCJMJU+e5ycbu+XFEjwsAB1IlCzw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:37 2025 by rpki-client