Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
File: b6b5f2f6-236d-447e-aeb1-24c947937396.roa (raw, json)
Hash identifier: pstkdLaukzXOh2a5x3EdT5aS66bJ68EzU21DTPF4u/c=
Subject key identifier: 17:7A:5A:DB:A4:81:C8:AE:96:D8:AB:97:75:B4:F4:D8:56:C4:1A:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BB3ECCA49FB634FF18EB75930D2A28B00EA159F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
Signing time: Fri 24 Oct 2025 00:20:14 +0000
ROA not before: Fri 24 Oct 2025 00:20:14 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:b3:ec:ca:49:fb:63:4f:f1:8e:b7:59:30:d2:a2:8b:00:ea:15:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:14 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=ebb516c43ef008dc1a3742f8b33c1aa2642d981f291b786201d27fa3bf1c6bee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3c:7b:86:8e:dc:0b:86:f7:13:d5:b4:6f:61:
6b:fa:d4:d8:08:e3:95:de:bf:6f:12:64:fb:e5:1c:
a2:fe:21:50:93:b3:76:f3:bc:a6:0a:0b:9d:b6:48:
c5:8b:46:6d:79:bb:e7:2b:96:11:cf:4d:2b:1f:cc:
02:a7:6b:49:86:67:b7:ec:8b:ba:1c:61:0f:ae:46:
cc:38:9b:3b:8b:64:1c:bc:ba:f8:0e:c9:36:cc:1c:
a4:05:ac:40:74:65:fa:9d:5f:93:cd:5a:11:36:dc:
f1:98:1a:93:76:10:9c:05:f2:b4:ee:e9:02:46:4f:
b9:9a:0e:f7:65:e7:cf:ca:67:8f:41:9b:4f:25:ca:
02:d4:43:0f:ee:df:ed:48:61:5d:89:95:dd:69:f1:
6a:a4:09:11:8b:e2:bb:18:8b:5d:93:8c:5f:b7:69:
ff:a0:0b:13:e0:ce:52:44:bf:da:7c:b5:0b:d2:0e:
3c:2b:20:2f:45:95:f6:39:72:7b:b8:e6:ad:e4:d2:
08:82:72:75:2d:62:4f:cd:1a:a0:8e:14:9e:75:9b:
95:4c:ba:51:0d:ba:e8:a5:de:1c:05:b2:7c:e1:16:
24:f0:a6:c3:cc:13:dd:5d:87:88:96:46:3f:4c:13:
bd:38:0b:24:9e:f3:80:b6:c6:a9:a0:10:b8:84:4e:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:7A:5A:DB:A4:81:C8:AE:96:D8:AB:97:75:B4:F4:D8:56:C4:1A:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
97:71:0c:d0:f4:3a:b7:e8:a1:ef:e9:52:38:90:fa:a9:50:00:
4f:13:c7:0e:96:af:dc:b4:ad:de:b3:cd:6a:4a:74:0f:00:77:
68:80:c7:0c:4d:21:93:90:56:63:ec:5f:7d:20:45:ea:bd:8a:
7b:77:4b:92:7a:5c:26:84:10:b4:1b:2f:6e:67:c6:ef:81:64:
9e:5e:11:2c:46:22:9b:c1:35:62:af:df:58:1d:e2:cb:b4:53:
a1:bf:2a:95:17:31:fd:2c:e9:5c:83:7f:40:71:e9:d4:09:84:
bc:64:c4:18:07:c3:1f:d1:f5:90:98:9d:03:24:e8:22:ec:e6:
14:e3:63:55:3a:2c:2e:2e:76:d8:1c:d6:0c:22:05:7e:9e:66:
74:90:f3:5f:bb:97:db:2f:b2:2c:fb:1f:7b:6c:0e:45:2e:72:
fa:74:23:20:17:a5:c2:92:65:1f:f6:c1:70:d0:6f:e3:42:7f:
8f:a8:1c:cb:26:c4:ab:48:08:7a:66:0f:fb:94:89:69:2b:9f:
bb:7b:17:e0:d9:c7:09:1a:98:3a:46:7f:bf:6e:58:f4:89:47:
15:86:58:b3:7a:ca:08:0c:82:aa:e5:f7:48:8b:fa:5a:d3:ab:
69:b9:3a:b1:03:2f:b0:ff:19:36:30:88:58:e5:2b:3c:19:ec:
02:2e:fd:4e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO7Psykn7Y0/xjrdZMNKiiwDqFZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMTRaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGViYjUxNmM0M2VmMDA4ZGMxYTM3NDJmOGIzM2MxYWEyNjQyZDk4MWYyOTFi
Nzg2MjAxZDI3ZmEzYmYxYzZiZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM88e4aO3AuG9xPVtG9ha/rU2Ajjld6/bxJk++Ucov4hUJOzdvO8pgoLnbZI
xYtGbXm75yuWEc9NKx/MAqdrSYZnt+yLuhxhD65GzDibO4tkHLy6+A7JNswcpAWs
QHRl+p1fk81aETbc8Zgak3YQnAXytO7pAkZPuZoO92Xnz8pnj0GbTyXKAtRDD+7f
7UhhXYmV3WnxaqQJEYviuxiLXZOMX7dp/6ALE+DOUkS/2ny1C9IOPCsgL0WV9jly
e7jmreTSCIJydS1iT80aoI4UnnWblUy6UQ266KXeHAWyfOEWJPCmw8wT3V2HiJZG
P0wTvTgLJJ7zgLbGqaAQuIROpecCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQXelrb
pIHIrpbYq5d1tPTYVsQabDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjZiNWYyZjYtMjM2ZC00NDdlLWFlYjEtMjRjOTQ3OTM3Mzk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
wDANBgkqhkiG9w0BAQsFAAOCAQEAl3EM0PQ6t+ih7+lSOJD6qVAATxPHDpav3LSt
3rPNakp0DwB3aIDHDE0hk5BWY+xffSBF6r2Ke3dLknpcJoQQtBsvbmfG74Fknl4R
LEYim8E1Yq/fWB3iy7RTob8qlRcx/SzpXIN/QHHp1AmEvGTEGAfDH9H1kJidAyTo
IuzmFONjVTosLi522BzWDCIFfp5mdJDzX7uX2y+yLPsfe2wORS5y+nQjIBelwpJl
H/bBcNBv40J/j6gcyybEq0gIemYP+5SJaSufu3sX4NnHCRqYOkZ/v25Y9IlHFYZY
s3rKCAyCquX3SIv6WtOrabk6sQMvsP8ZNjCIWOUrPBnsAi79Tg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:29 2025 by rpki-client