Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: E9ec1GMSRhssNZMqKKJ8qvRwJ7gIqW6Ii6QUR3sO3Mg=
Subject key identifier: DE:BC:92:18:72:FF:47:4C:12:26:6E:5C:51:E8:62:9A:F8:62:89:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39FB8F1B2BC10EB4B718CA83BE9AF2BE3CF62229
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Tue 21 Oct 2025 14:21:01 +0000
ROA not before: Tue 21 Oct 2025 14:21:01 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:fb:8f:1b:2b:c1:0e:b4:b7:18:ca:83:be:9a:f2:be:3c:f6:22:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:21:01 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=7991f162e54586c3d5bb982dd305d961dffb7cab33db95a4c257537d3f0251a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:14:e3:50:93:4f:25:01:b6:b5:70:d4:6d:97:
10:e2:24:a4:37:6d:a1:b6:e6:5f:ed:b9:23:2d:d5:
83:17:aa:a9:22:7d:ae:c2:53:92:ed:c2:e0:04:3a:
84:a7:82:f0:59:11:7c:f9:74:3d:95:9a:62:59:4c:
75:86:12:cb:87:99:ed:67:83:50:52:43:73:75:33:
fe:6a:28:77:ff:d7:7b:60:4f:31:ef:f4:de:58:4f:
60:ac:bd:c5:74:19:08:56:fe:37:f2:52:23:39:db:
0b:97:1a:23:b8:c3:4a:c9:e9:2d:a6:3c:d2:e0:79:
fc:e4:29:74:af:38:1b:db:08:7a:db:ec:60:7e:2f:
3c:83:c1:25:4d:fa:43:a0:8c:0c:04:9a:18:f5:dc:
20:ba:ac:c3:9b:e8:83:59:8c:47:fc:bc:24:bb:24:
2a:2e:27:bf:82:ca:60:6d:45:3b:56:f9:ce:fa:a6:
8d:ca:5d:0e:4b:91:c4:5f:8f:80:d5:7b:1d:2a:9b:
bb:7c:6a:0c:ca:c5:58:e1:cd:e4:df:73:b3:c5:bb:
15:07:ed:5a:bb:d1:ac:49:33:35:69:81:26:48:bc:
45:7e:a1:99:8f:16:80:3a:83:9e:85:cc:aa:c6:15:
b5:0c:52:2d:6d:71:be:fa:1f:63:5c:33:61:75:fa:
71:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BC:92:18:72:FF:47:4C:12:26:6E:5C:51:E8:62:9A:F8:62:89:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
91:f7:fe:c8:ee:3b:ae:1d:00:43:8c:f5:d5:c4:c5:db:1a:19:
32:c9:2c:af:a4:f4:0e:bc:1c:67:48:3e:b4:3f:9e:67:5f:60:
69:0d:04:cb:4c:ec:ee:7f:24:e2:f4:56:dd:48:60:ee:5c:25:
41:da:89:c1:90:ff:0e:51:6c:25:1f:79:9f:8e:e1:0e:e3:c1:
d1:06:a0:23:6e:fe:dc:5e:e3:9d:20:47:3c:15:4d:f0:4f:f6:
ae:a1:98:22:b8:9e:bf:97:e1:6b:38:13:29:75:46:9f:be:76:
15:4d:9c:18:0e:f1:3c:14:93:8b:9e:88:fa:8a:51:1b:b8:f5:
68:b6:2c:5b:d4:5a:87:02:a3:38:c1:96:8e:d9:3b:8d:34:9f:
ae:a9:c4:0a:2e:46:1c:9e:3b:b7:5b:72:94:58:b2:87:93:bb:
db:a8:cb:b4:c4:e7:b5:5a:5a:60:e3:6f:b2:cb:a1:39:90:08:
4e:f8:aa:ac:83:cf:36:98:1a:03:95:f5:53:7d:f9:fe:31:42:
b9:ec:8b:7a:6f:d5:d7:e5:66:81:46:d0:08:ff:56:9a:09:e1:
f2:e5:17:11:5d:d2:22:85:6a:6c:e9:f3:58:82:7e:4c:99:ca:
90:cc:8d:aa:40:02:28:a6:a6:45:be:ce:e3:2f:d2:f0:17:c2:
82:74:26:6a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOfuPGyvBDrS3GMqDvpryvjz2IikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIxMDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5OTFmMTYyZTU0NTg2YzNkNWJiOTgyZGQzMDVkOTYxZGZmYjdjYWIzM2Ri
OTVhNGMyNTc1MzdkM2YwMjUxYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQU41CTTyUBtrVw1G2XEOIkpDdtobbmX+25Iy3VgxeqqSJ9rsJTku3C4AQ6
hKeC8FkRfPl0PZWaYllMdYYSy4eZ7WeDUFJDc3Uz/mood//Xe2BPMe/03lhPYKy9
xXQZCFb+N/JSIznbC5caI7jDSsnpLaY80uB5/OQpdK84G9sIetvsYH4vPIPBJU36
Q6CMDASaGPXcILqsw5vog1mMR/y8JLskKi4nv4LKYG1FO1b5zvqmjcpdDkuRxF+P
gNV7HSqbu3xqDMrFWOHN5N9zs8W7FQftWrvRrEkzNWmBJki8RX6hmY8WgDqDnoXM
qsYVtQxSLW1xvvofY1wzYXX6cckCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTevJIY
cv9HTBImblxR6GKa+GKJ0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAkff+yO47rh0AQ4z11cTF2xoZMsksr6T0Drwc
Z0g+tD+eZ19gaQ0Ey0zs7n8k4vRW3Uhg7lwlQdqJwZD/DlFsJR95n47hDuPB0Qag
I27+3F7jnSBHPBVN8E/2rqGYIriev5fhazgTKXVGn752FU2cGA7xPBSTi56I+opR
G7j1aLYsW9RahwKjOMGWjtk7jTSfrqnECi5GHJ47t1tylFiyh5O726jLtMTntVpa
YONvssuhOZAITviqrIPPNpgaA5X1U335/jFCueyLem/V1+VmgUbQCP9Wmgnh8uUX
EV3SIoVqbOnzWIJ+TJnKkMyNqkACKKamRb7O4y/S8BfCgnQmag==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:17 2025 by rpki-client