Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
File: a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa (raw, json)
Hash identifier: KhGUfxqBMSjVDQMMnd86RpALAFdi5fN04MqmHpzydAE=
Subject key identifier: 1F:43:AF:B3:92:F9:B0:95:4C:FD:F0:BB:B3:CD:F1:7F:2A:27:E7:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6132CA167B27C9923D96CDEF4FE8798EB0A497BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
Signing time: Fri 24 Oct 2025 00:20:09 +0000
ROA not before: Fri 24 Oct 2025 00:20:09 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:32:ca:16:7b:27:c9:92:3d:96:cd:ef:4f:e8:79:8e:b0:a4:97:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:09 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=461b7b6c865538b0ea1e0d007aba23bffaf2495d02cf7b1e0a66d9e18881736d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e3:90:94:bd:52:53:95:36:02:93:80:4e:87:
03:66:93:e9:12:ea:90:1f:06:17:c1:8b:e4:c8:73:
4b:5d:65:5f:7e:46:f9:6b:e0:b4:bc:6d:9c:fb:68:
3e:14:b5:67:27:81:1f:ea:75:b1:76:8f:24:4c:c0:
09:6b:64:c4:22:31:3b:14:81:bb:08:6f:11:3f:5a:
c0:f5:f5:f8:a6:29:a2:54:32:75:f6:fa:de:91:02:
87:6d:6f:5b:db:d2:ed:59:83:08:d2:a1:43:d8:bd:
62:2c:a3:f6:89:41:07:46:70:e3:db:7f:ff:45:24:
67:ad:9d:a8:38:26:b9:8c:43:96:36:c3:88:15:46:
9a:3b:c0:d4:ab:da:79:61:b8:08:7a:04:04:b4:ca:
7b:dc:9b:fb:bb:d4:e8:93:fc:16:aa:d6:0d:fc:59:
38:b2:aa:58:9c:6e:2a:83:00:82:c1:21:99:89:09:
5d:b8:2f:e2:c3:6c:38:63:3d:df:05:a6:17:d9:09:
b9:4a:46:a9:ce:a9:04:86:55:09:ec:2a:d4:84:39:
8a:14:8a:00:9b:2a:b8:43:fa:36:09:f8:67:fc:e4:
0e:c7:1f:13:8e:bd:da:95:1d:b2:a5:0b:6b:5d:3c:
b0:09:64:6d:b7:a2:4a:5f:c6:4b:06:36:ff:e0:37:
5a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:43:AF:B3:92:F9:B0:95:4C:FD:F0:BB:B3:CD:F1:7F:2A:27:E7:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
2a:e4:c0:ee:61:61:14:35:0c:12:0f:8b:3a:2a:b5:23:ec:9e:
23:7c:3d:b3:18:ea:23:39:3d:5f:e0:b6:24:e4:35:1e:85:ce:
94:87:25:20:5d:5a:34:09:d7:c5:3b:4d:a6:e2:b5:80:95:6a:
d2:9f:97:76:55:94:86:82:5a:3b:ee:5b:55:21:0b:f7:fe:c7:
bf:74:b3:81:3e:53:0c:2f:49:af:25:e8:38:16:62:a1:57:7c:
b7:02:1c:89:6d:8d:1a:40:28:eb:7e:8f:ac:78:71:a4:b4:d7:
92:09:da:a4:27:e0:ab:8b:b5:dc:53:88:1d:28:29:89:e8:25:
8a:0c:bd:6b:92:9e:9c:d2:7e:1a:57:52:4c:bb:de:be:6b:fc:
bf:14:20:35:5b:f7:21:4f:4c:04:19:55:18:31:9e:92:16:62:
80:13:60:fb:3e:21:8e:42:93:ac:d2:50:08:8a:27:78:7e:a1:
ce:29:b4:41:9b:13:8b:3e:09:b9:a2:92:7d:23:d9:18:dd:0a:
27:84:71:78:63:b8:80:35:be:48:ab:f5:86:1b:2b:fa:e6:ec:
79:e7:f6:cd:c3:13:c8:16:bc:8d:92:8c:b3:88:ec:16:99:97:
36:65:63:ce:61:ba:66:6f:c1:63:75:90:47:16:17:fa:f7:80:
ee:26:f0:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYTLKFnsnyZI9ls3vT+h5jrCkl7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDlaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MWI3YjZjODY1NTM4YjBlYTFlMGQwMDdhYmEyM2JmZmFmMjQ5NWQwMmNm
N2IxZTBhNjZkOWUxODg4MTczNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnjkJS9UlOVNgKTgE6HA2aT6RLqkB8GF8GL5MhzS11lX35G+WvgtLxtnPto
PhS1ZyeBH+p1sXaPJEzACWtkxCIxOxSBuwhvET9awPX1+KYpolQydfb63pECh21v
W9vS7VmDCNKhQ9i9Yiyj9olBB0Zw49t//0UkZ62dqDgmuYxDljbDiBVGmjvA1Kva
eWG4CHoEBLTKe9yb+7vU6JP8FqrWDfxZOLKqWJxuKoMAgsEhmYkJXbgv4sNsOGM9
3wWmF9kJuUpGqc6pBIZVCewq1IQ5ihSKAJsquEP6Ngn4Z/zkDscfE4692pUdsqUL
a108sAlkbbeiSl/GSwY2/+A3WnMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfQ6+z
kvmwlUz98LuzzfF/KifnQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTJhZTAxZjEtYWQyMC00ZTkyLTliYzYtZjAzZWRlOTdlMTZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DSA
wDANBgkqhkiG9w0BAQsFAAOCAQEAKuTA7mFhFDUMEg+LOiq1I+yeI3w9sxjqIzk9
X+C2JOQ1HoXOlIclIF1aNAnXxTtNpuK1gJVq0p+XdlWUhoJaO+5bVSEL9/7Hv3Sz
gT5TDC9JryXoOBZioVd8twIciW2NGkAo636PrHhxpLTXkgnapCfgq4u13FOIHSgp
iegligy9a5KenNJ+GldSTLvevmv8vxQgNVv3IU9MBBlVGDGekhZigBNg+z4hjkKT
rNJQCIoneH6hzim0QZsTiz4JuaKSfSPZGN0KJ4RxeGO4gDW+SKv1hhsr+ubseef2
zcMTyBa8jZKMs4jsFpmXNmVjzmG6Zm/BY3WQRxYX+veA7ibwOA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:22 2025 by rpki-client