Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
File: aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa (raw, json)
Hash identifier: dwqb9Ov5XpFGp7S8lQqzgmveHqk0bE+uGG/E/IG1q9U=
Subject key identifier: 1E:35:DA:A4:B3:4E:4A:E4:D7:AE:F8:D4:77:A3:49:18:F8:E3:86:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D3E6910113B1CCFB6FE765BB64F7631D7777C7E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
Signing time: Tue 21 Oct 2025 13:40:04 +0000
ROA not before: Tue 21 Oct 2025 13:40:04 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:3e:69:10:11:3b:1c:cf:b6:fe:76:5b:b6:4f:76:31:d7:77:7c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:04 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=37e4c0656766873c73d4b7a37ad754b9b1990fcfbeedc287810d356c2cca4ec2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7b:26:17:9d:f2:64:2c:10:96:5d:04:55:29:
3f:36:54:b6:4d:02:90:7a:2f:7d:19:42:08:5d:28:
24:22:dc:d3:c7:37:42:46:84:54:c4:42:2b:05:13:
f3:12:45:79:db:c3:4f:cb:69:1f:f7:06:21:80:77:
04:ff:4e:88:6e:52:d0:51:7e:b5:51:3e:cb:4d:48:
2f:34:21:77:fe:e1:50:22:40:30:b9:34:2b:9b:aa:
02:48:c2:c0:d0:23:dd:a7:d7:5b:bf:a4:52:bf:93:
82:2c:09:26:a5:8a:3e:81:dc:9f:37:9f:85:59:85:
80:45:04:46:fe:e9:1c:62:81:81:b1:fa:67:cf:d8:
96:92:e0:ff:b8:b0:61:4f:8c:97:02:f2:30:e7:9b:
e8:af:66:98:d7:fb:91:7e:94:7d:39:66:06:64:39:
2e:f0:99:04:5c:3d:02:5d:18:2b:4f:aa:c6:c9:81:
08:50:8e:3d:39:b3:13:29:6e:fc:ce:68:05:5d:34:
92:2f:ee:ed:61:40:29:8b:69:c6:ab:7d:13:09:b5:
2c:22:ef:10:1a:3f:90:0f:3d:88:cb:39:47:16:65:
2e:39:3d:34:cf:8e:e1:22:87:d6:98:39:a0:c4:13:
e1:02:86:80:d2:68:6f:5b:37:7a:4f:7a:a9:db:b3:
c6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:35:DA:A4:B3:4E:4A:E4:D7:AE:F8:D4:77:A3:49:18:F8:E3:86:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9080::/48
Signature Algorithm: sha256WithRSAEncryption
18:29:68:02:f4:23:d5:1e:4c:38:35:3a:6f:8c:f0:8b:92:64:
e5:2e:fd:6e:c6:92:35:68:e6:7d:79:b8:8e:d8:66:ed:aa:ca:
1a:28:44:b2:df:f6:78:3d:0c:98:c9:63:e9:e8:56:cd:2e:a9:
2a:49:f0:ad:20:08:12:56:eb:fd:83:55:4e:fd:c7:c1:e8:6c:
ae:f6:ed:6c:8d:27:dd:97:dc:48:d6:b5:7d:1f:75:84:01:f3:
10:a1:78:a3:87:21:39:09:9f:c2:d7:3b:dc:46:59:69:89:6e:
0a:49:7f:17:d7:a2:60:76:84:e6:d5:0d:70:4b:98:04:f5:b6:
33:5b:cf:37:74:53:97:da:54:92:93:d3:d3:6e:f4:73:be:68:
89:17:ff:97:03:c0:6c:99:d2:1c:37:e5:2e:d8:b2:99:65:e7:
39:dc:29:4b:8f:3c:ed:01:25:4a:43:83:58:58:b0:26:85:35:
57:f5:dd:c5:a5:47:71:11:24:77:3d:37:86:2a:28:f6:c8:95:
4e:85:56:6b:ca:78:94:e1:2e:ed:f9:9e:4f:b2:41:8f:3a:55:
a4:9b:96:4c:0c:cc:f1:4e:96:27:d8:40:71:77:97:7e:cb:18:
55:7a:7a:cc:2c:ba:fa:82:43:a4:5f:a2:7d:52:50:90:73:3a:
f3:fd:ed:ec
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHT5pEBE7HM+2/nZbtk92Mdd3fH4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwMDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3ZTRjMDY1Njc2Njg3M2M3M2Q0YjdhMzdhZDc1NGI5YjE5OTBmY2ZiZWVk
YzI4NzgxMGQzNTZjMmNjYTRlYzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJ7Jhed8mQsEJZdBFUpPzZUtk0CkHovfRlCCF0oJCLc08c3QkaEVMRCKwUT
8xJFedvDT8tpH/cGIYB3BP9OiG5S0FF+tVE+y01ILzQhd/7hUCJAMLk0K5uqAkjC
wNAj3afXW7+kUr+TgiwJJqWKPoHcnzefhVmFgEUERv7pHGKBgbH6Z8/YlpLg/7iw
YU+MlwLyMOeb6K9mmNf7kX6UfTlmBmQ5LvCZBFw9Al0YK0+qxsmBCFCOPTmzEylu
/M5oBV00ki/u7WFAKYtpxqt9Ewm1LCLvEBo/kA89iMs5RxZlLjk9NM+O4SKH1pg5
oMQT4QKGgNJob1s3ek96qduzxpcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQeNdqk
s05K5Neu+NR3o0kY+OOGKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWZmNTI1NzUtODg4Ny00NGY3LThiN2YtNDRmYmU0ZGRjZDRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAGCloAvQj1R5MODU6b4zwi5Jk5S79bsaSNWjm
fXm4jthm7arKGihEst/2eD0MmMlj6ehWzS6pKknwrSAIElbr/YNVTv3Hwehsrvbt
bI0n3ZfcSNa1fR91hAHzEKF4o4chOQmfwtc73EZZaYluCkl/F9eiYHaE5tUNcEuY
BPW2M1vPN3RTl9pUkpPT0270c75oiRf/lwPAbJnSHDflLtiymWXnOdwpS4887QEl
SkODWFiwJoU1V/XdxaVHcREkdz03hioo9siVToVWa8p4lOEu7fmeT7JBjzpVpJuW
TAzM8U6WJ9hAcXeXfssYVXp6zCy6+oJDpF+ifVJQkHM68/3t7A==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:21 2025 by rpki-client