Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
File: b92d2073-fe74-4c3d-87a9-37106f766cba.roa (raw, json)
Hash identifier: 4HGo5yxfDrmBlBC/2W5XJ/3K4m0er4UHuQLGBgnRqnw=
Subject key identifier: 03:46:13:16:49:43:D1:BF:CD:5C:00:E8:6B:BF:B3:CD:F0:81:F7:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CC80F0A7930F5171C42FBA9DFD6BAB4BB7FB037
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
Signing time: Tue 21 Oct 2025 13:50:38 +0000
ROA not before: Tue 21 Oct 2025 13:50:38 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:c8:0f:0a:79:30:f5:17:1c:42:fb:a9:df:d6:ba:b4:bb:7f:b0:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:38 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=a2b0d2bfb7c0ec62c426d66b5a1ef08ea8fddc949bb34b6007f97d304f483dae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:60:f4:e0:a0:b6:4e:71:c8:8f:b8:d8:d1:e8:
7d:dd:61:79:a0:d7:be:95:75:cd:44:2c:ab:43:9b:
97:24:30:dd:c7:87:e9:a2:c8:16:65:62:cb:7a:28:
a0:50:e3:fa:34:af:0e:0f:24:e8:51:4d:e1:14:01:
86:18:d7:93:fc:19:46:87:51:32:e2:e1:97:2d:a7:
46:3f:f0:5e:db:a7:01:cc:57:c2:c7:b0:6a:0b:98:
12:57:1a:c9:0f:79:21:2c:10:da:9c:92:39:f0:9c:
d5:ec:55:8d:3e:2a:39:da:25:a5:5c:d5:4d:12:df:
28:aa:48:6f:ee:3a:da:15:ce:90:12:a6:91:66:a5:
96:19:c8:1b:ab:95:e7:c4:f7:f3:da:42:b9:c3:2c:
dd:cb:05:78:79:d7:cd:f1:7f:2d:a3:ba:d3:1b:a7:
50:74:29:1e:9d:c9:48:ec:00:99:68:aa:ea:0d:d4:
32:2d:df:5f:fe:50:a8:46:fa:3b:e2:bb:a9:b9:44:
4e:c7:46:cb:8f:23:35:ab:81:4b:b8:9a:1e:df:2f:
1a:ff:13:0d:51:e8:9e:0b:6b:00:f7:dd:de:cb:02:
c4:a5:31:88:d1:e0:7a:16:d0:e0:83:d7:6a:1a:fd:
c1:9b:f2:64:55:e4:b5:ac:1a:63:42:7d:a8:59:6b:
54:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:46:13:16:49:43:D1:BF:CD:5C:00:E8:6B:BF:B3:CD:F0:81:F7:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8060::/48
Signature Algorithm: sha256WithRSAEncryption
89:da:7b:7c:c7:b3:5e:fd:70:98:8c:98:0c:f3:e8:8f:67:3f:
8b:30:ee:34:30:c6:41:71:b5:58:72:d9:5d:a3:f6:bb:e4:02:
9d:f2:0b:ce:4b:b3:d3:30:b9:90:9d:8e:2b:07:42:b5:f1:4f:
86:4d:10:1e:11:99:e3:6d:fc:56:e4:e0:9f:36:44:05:c0:0b:
d6:4f:44:3f:56:25:49:fe:fe:f0:cc:23:c8:fb:fd:6c:04:31:
29:13:68:6d:bd:b5:d4:a0:4d:68:84:92:aa:60:77:ce:bc:9c:
be:96:a7:ec:42:5a:e8:30:d4:30:c9:f8:e1:b3:c9:65:e5:ec:
ec:d0:98:c8:b7:e4:84:f0:9c:f6:8f:40:38:2f:e6:d8:be:28:
08:18:41:50:74:c5:20:8d:92:c3:29:0a:59:70:4c:8b:eb:71:
77:67:a9:70:b7:15:46:bb:52:75:fb:04:b6:e8:0f:ff:45:c9:
e3:26:6a:c3:4c:58:f5:be:3f:d7:a1:92:83:07:72:90:0c:d8:
d0:21:e5:09:de:99:ba:74:b8:d2:63:c2:87:98:bd:16:1f:66:
5e:58:d3:56:62:b1:fa:47:51:ab:df:e0:ff:cc:ee:ce:7d:28:
74:14:d8:ad:01:36:7e:2f:7b:06:14:34:5f:1d:bb:36:24:8f:
7c:07:18:d1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHMgPCnkw9RccQvup39a6tLt/sDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMzhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyYjBkMmJmYjdjMGVjNjJjNDI2ZDY2YjVhMWVmMDhlYThmZGRjOTQ5YmIz
NGI2MDA3Zjk3ZDMwNGY0ODNkYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhg9OCgtk5xyI+42NHofd1heaDXvpV1zUQsq0OblyQw3ceH6aLIFmViy3oo
oFDj+jSvDg8k6FFN4RQBhhjXk/wZRodRMuLhly2nRj/wXtunAcxXwsewaguYElca
yQ95ISwQ2pySOfCc1exVjT4qOdolpVzVTRLfKKpIb+462hXOkBKmkWallhnIG6uV
58T389pCucMs3csFeHnXzfF/LaO60xunUHQpHp3JSOwAmWiq6g3UMi3fX/5QqEb6
O+K7qblETsdGy48jNauBS7iaHt8vGv8TDVHongtrAPfd3ssCxKUxiNHgehbQ4IPX
ahr9wZvyZFXktawaY0J9qFlrVD8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQDRhMW
SUPRv81cAOhrv7PN8IH3tzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjkyZDIwNzMtZmU3NC00YzNkLTg3YTktMzcxMDZmNzY2Y2JhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
YDANBgkqhkiG9w0BAQsFAAOCAQEAidp7fMezXv1wmIyYDPPoj2c/izDuNDDGQXG1
WHLZXaP2u+QCnfILzkuz0zC5kJ2OKwdCtfFPhk0QHhGZ4238VuTgnzZEBcAL1k9E
P1YlSf7+8MwjyPv9bAQxKRNobb211KBNaISSqmB3zrycvpan7EJa6DDUMMn44bPJ
ZeXs7NCYyLfkhPCc9o9AOC/m2L4oCBhBUHTFII2SwykKWXBMi+txd2epcLcVRrtS
dfsEtugP/0XJ4yZqw0xY9b4/16GSgwdykAzY0CHlCd6ZunS40mPCh5i9Fh9mXljT
VmKx+kdRq9/g/8zuzn0odBTYrQE2fi97BhQ0Xx27NiSPfAcY0Q==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:56 2025 by rpki-client