Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
File: ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa (raw, json)
Hash identifier: JPRcTLe7Ui1Zc8ek+JBzSb3Ju6KKHc2M8JUWJAxQLH4=
Subject key identifier: 77:D2:F2:6A:7E:8A:2C:ED:0B:C1:FD:6B:8E:74:52:D9:88:22:16:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A9A9AA2B71801A89078A0A46DD412D5EDAF50C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
Signing time: Tue 21 Oct 2025 14:10:45 +0000
ROA not before: Tue 21 Oct 2025 14:10:45 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:9a:9a:a2:b7:18:01:a8:90:78:a0:a4:6d:d4:12:d5:ed:af:50:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:45 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=db11ef117f6e7574a557598d9e6e4ae3f9e6a9ae2de3a0b0d5ddebdceedc29be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:aa:44:6f:d2:08:20:a2:49:30:c1:82:73:23:
26:a9:27:2b:b3:0a:11:d1:35:12:69:fd:4a:89:fa:
d3:36:c2:e6:b3:33:6a:d5:ec:10:0d:74:9a:89:54:
2c:18:3d:e8:40:c9:07:bd:e5:2f:a6:d3:06:58:0a:
28:0d:a6:c1:00:66:0a:cf:b6:16:f8:f3:42:f1:79:
34:9b:76:d5:83:ca:fd:b2:fc:e3:fa:ca:59:88:71:
38:20:89:05:52:05:e7:a7:84:24:24:8d:40:ed:55:
a5:31:eb:be:d9:4c:f4:0b:56:7a:e2:75:e9:fd:78:
52:70:85:55:d7:c8:78:62:8b:04:6e:b6:a7:fd:a0:
d4:23:44:70:3d:67:2a:47:53:af:bb:b1:a8:be:d1:
3a:90:ac:1d:58:3d:92:2e:93:cc:5c:89:39:8d:8f:
84:c7:63:3d:77:9b:f6:4d:a1:6f:d3:78:06:a0:2b:
66:20:6d:4f:c6:9d:98:75:b6:5e:ea:e5:91:86:e9:
84:ff:c3:fc:30:02:c2:0e:d5:10:98:ce:7c:5f:f9:
55:92:ee:0c:c0:e9:91:4b:27:96:1a:c8:59:f3:fa:
e4:ee:c0:d4:53:c7:9f:5b:8e:44:16:e5:95:32:96:
84:37:e5:51:b9:87:20:f4:81:de:7d:4f:8c:1a:48:
a4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D2:F2:6A:7E:8A:2C:ED:0B:C1:FD:6B:8E:74:52:D9:88:22:16:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
79:85:45:71:c9:2e:70:24:0b:cb:fe:76:f3:3e:e5:7e:5c:7a:
9d:62:ee:cf:f3:f8:c7:84:9b:1e:1c:b0:bb:7c:24:ae:d3:e9:
ed:23:77:1b:e8:86:32:b0:54:6d:27:ee:c9:72:e6:4f:94:fb:
38:01:49:99:a5:55:b2:83:84:59:a1:29:76:a5:f7:dc:9e:e8:
5f:fa:7f:e2:b0:6c:3c:c7:42:75:bb:c6:13:2b:cb:33:c5:58:
1d:c0:42:a3:7c:46:b3:46:ca:aa:5a:9f:92:5f:da:75:13:70:
3c:90:48:83:c9:8b:f6:85:7f:07:a4:fe:a4:23:75:08:d3:66:
d3:83:71:64:18:5a:28:3b:b0:e7:54:84:ca:34:6f:da:3d:bc:
75:bd:6b:a1:f2:2e:b0:64:54:b8:f0:06:53:71:d6:4e:75:3e:
89:aa:09:ea:f8:12:ad:51:26:12:e7:5c:ba:5a:32:72:16:06:
4a:ad:40:24:4e:d7:51:88:b1:a9:38:e4:d0:42:89:99:dd:60:
d1:94:4b:22:a0:94:85:a8:a3:24:b7:15:23:af:37:80:46:b3:
cd:45:b5:b3:91:96:48:b5:08:d9:52:1d:9d:73:53:d6:16:dd:
bb:bb:e0:80:2b:e0:24:48:07:9a:1e:bc:e0:f2:5d:b0:41:73:
d8:8f:75:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKpqaorcYAaiQeKCkbdQS1e2vUMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwNDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiMTFlZjExN2Y2ZTc1NzRhNTU3NTk4ZDllNmU0YWUzZjllNmE5YWUyZGUz
YTBiMGQ1ZGRlYmRjZWVkYzI5YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2qRG/SCCCiSTDBgnMjJqknK7MKEdE1Emn9Son60zbC5rMzatXsEA10molU
LBg96EDJB73lL6bTBlgKKA2mwQBmCs+2FvjzQvF5NJt21YPK/bL84/rKWYhxOCCJ
BVIF56eEJCSNQO1VpTHrvtlM9AtWeuJ16f14UnCFVdfIeGKLBG62p/2g1CNEcD1n
KkdTr7uxqL7ROpCsHVg9ki6TzFyJOY2PhMdjPXeb9k2hb9N4BqArZiBtT8admHW2
XurlkYbphP/D/DACwg7VEJjOfF/5VZLuDMDpkUsnlhrIWfP65O7A1FPHn1uORBbl
lTKWhDflUbmHIPSB3n1PjBpIpNECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR30vJq
foos7QvB/WuOdFLZiCIWLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIyMzJiODYtOWJkNi00MDljLThkZTUtOTJiZmZmMmE4YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
wDANBgkqhkiG9w0BAQsFAAOCAQEAeYVFcckucCQLy/528z7lflx6nWLuz/P4x4Sb
Hhywu3wkrtPp7SN3G+iGMrBUbSfuyXLmT5T7OAFJmaVVsoOEWaEpdqX33J7oX/p/
4rBsPMdCdbvGEyvLM8VYHcBCo3xGs0bKqlqfkl/adRNwPJBIg8mL9oV/B6T+pCN1
CNNm04NxZBhaKDuw51SEyjRv2j28db1rofIusGRUuPAGU3HWTnU+iaoJ6vgSrVEm
EudculoychYGSq1AJE7XUYixqTjk0EKJmd1g0ZRLIqCUhaijJLcVI683gEazzUW1
s5GWSLUI2VIdnXNT1hbdu7vggCvgJEgHmh684PJdsEFz2I91uw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:20 2025 by rpki-client