Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
File: 979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa (raw, json)
Hash identifier: SCXyjlAp0Ywz8VzLbZm3jMBEFUuC1KsJN2Bgc8So2y4=
Subject key identifier: 0C:7C:75:01:14:EE:3B:E2:6B:0F:BE:FE:44:50:EE:B3:12:9A:35:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23543E079C2A80ADA30C39DEF6286434D0DE34FD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
Signing time: Tue 21 Oct 2025 13:30:40 +0000
ROA not before: Tue 21 Oct 2025 13:30:40 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:54:3e:07:9c:2a:80:ad:a3:0c:39:de:f6:28:64:34:d0:de:34:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:40 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=faaf04e6974f8f5cf0c32a8ebc7abd465bf8dcceaf102b005bd8eee07bb8e888, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f2:93:39:93:4a:99:f8:c3:80:41:aa:35:bb:
41:76:07:59:b3:d0:d5:be:d1:67:74:50:7c:fc:67:
50:1f:cc:5f:ad:4d:32:1f:b8:cd:45:63:d7:5f:9b:
b5:fc:a2:3d:9e:08:df:8f:06:bd:67:23:13:1c:b4:
56:9d:76:5e:26:4d:d3:39:da:08:74:08:d5:91:01:
d4:4e:6b:af:a5:82:e9:8b:8c:11:5a:07:84:d2:8a:
ee:9d:18:c8:df:8f:96:a7:82:3f:ff:22:eb:bf:20:
2b:c2:e6:e3:a0:11:00:8d:b7:f9:34:99:09:4b:ca:
30:8d:ca:c4:fe:2e:57:37:cd:b0:6a:ea:7c:83:11:
6b:55:4a:6f:aa:58:07:8a:13:44:93:ee:ed:55:ae:
44:0e:ae:89:30:5a:4a:a0:41:01:be:7c:ac:05:c5:
b2:b8:11:d6:5f:4b:f1:03:c6:96:23:8f:50:a0:f2:
29:c5:d4:e9:2d:b8:b8:9e:24:8b:2c:76:b4:2b:e1:
c7:32:72:37:bf:2b:77:5c:f4:a8:c2:1d:d5:19:e8:
27:5d:82:b3:9c:08:31:82:08:12:3e:dc:87:8e:da:
a9:28:0a:bb:fb:6b:35:9c:b7:75:02:67:81:e7:9e:
e8:ee:a4:5e:a1:0e:81:f9:38:82:2a:36:98:a0:23:
d7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:7C:75:01:14:EE:3B:E2:6B:0F:BE:FE:44:50:EE:B3:12:9A:35:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8040::/48
Signature Algorithm: sha256WithRSAEncryption
72:3d:3c:4e:9a:16:a2:a5:b8:43:f5:a2:2b:8a:82:92:22:2f:
5a:95:b6:a3:66:1e:74:68:8c:29:08:b7:1e:45:73:6d:0b:13:
b3:b8:20:a8:dd:45:d4:2f:5c:0a:e0:06:bd:02:4c:94:17:8f:
b9:fa:02:39:6f:1b:d1:38:11:ed:de:01:3a:0e:99:74:6b:98:
8d:5f:73:6f:e9:fa:d7:9a:1e:dd:d4:36:aa:b3:f2:83:52:7a:
c3:86:be:9c:28:f0:88:f5:16:ae:d5:6d:86:1e:5c:3c:c5:18:
32:db:f7:f8:b4:1b:7b:c7:b7:eb:1a:eb:f2:40:03:73:55:3f:
06:ef:46:53:ee:8b:40:74:fa:78:b1:70:87:24:1f:03:3d:19:
23:f0:65:87:1e:c3:08:27:ce:38:ff:ca:68:82:97:2a:c2:d2:
e3:a7:65:b7:bd:e2:20:12:56:96:a9:0c:15:b4:d0:c0:d6:17:
1d:ec:f7:f5:03:b4:7b:a0:41:e5:81:2f:45:7f:a3:99:12:2f:
7b:18:d3:c4:b9:d2:79:a9:b0:b3:79:13:b4:77:93:61:58:ab:
fd:d9:21:0f:dc:18:f5:2e:86:86:cf:90:f1:a7:5b:1f:1f:f0:
57:c9:1a:44:19:b1:9f:11:bd:c3:fa:d0:fb:59:e2:2a:ea:c7:
db:27:d9:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUI1Q+B5wqgK2jDDne9ihkNNDeNP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwNDBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhYWYwNGU2OTc0ZjhmNWNmMGMzMmE4ZWJjN2FiZDQ2NWJmOGRjY2VhZjEw
MmIwMDViZDhlZWUwN2JiOGU4ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfykzmTSpn4w4BBqjW7QXYHWbPQ1b7RZ3RQfPxnUB/MX61NMh+4zUVj11+b
tfyiPZ4I348GvWcjExy0Vp12XiZN0znaCHQI1ZEB1E5rr6WC6YuMEVoHhNKK7p0Y
yN+PlqeCP/8i678gK8Lm46ARAI23+TSZCUvKMI3KxP4uVzfNsGrqfIMRa1VKb6pY
B4oTRJPu7VWuRA6uiTBaSqBBAb58rAXFsrgR1l9L8QPGliOPUKDyKcXU6S24uJ4k
iyx2tCvhxzJyN78rd1z0qMId1RnoJ12Cs5wIMYIIEj7ch47aqSgKu/trNZy3dQJn
geee6O6kXqEOgfk4gio2mKAj16UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQMfHUB
FO474msPvv5EUO6zEpo1AzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc5YmM3M2YtN2Q4Ny00Y2ZhLTkzYmQtMDM3OGNmMWQ2YWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
QDANBgkqhkiG9w0BAQsFAAOCAQEAcj08TpoWoqW4Q/WiK4qCkiIvWpW2o2YedGiM
KQi3HkVzbQsTs7ggqN1F1C9cCuAGvQJMlBePufoCOW8b0TgR7d4BOg6ZdGuYjV9z
b+n615oe3dQ2qrPyg1J6w4a+nCjwiPUWrtVthh5cPMUYMtv3+LQbe8e36xrr8kAD
c1U/Bu9GU+6LQHT6eLFwhyQfAz0ZI/Blhx7DCCfOOP/KaIKXKsLS46dlt73iIBJW
lqkMFbTQwNYXHez39QO0e6BB5YEvRX+jmRIvexjTxLnSeamws3kTtHeTYVir/dkh
D9wY9S6Ghs+Q8adbHx/wV8kaRBmxnxG9w/rQ+1niKurH2yfZRQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:09 2025 by rpki-client