Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
File: c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa (raw, json)
Hash identifier: KORxOHIi3YC1RbYCB0DaZ9u+9ZNwCD3m3Mur2JVbTss=
Subject key identifier: 57:D7:BC:89:6F:35:1A:BB:4B:98:E6:64:ED:00:DD:B1:5F:38:88:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C2EC9859CC3FEF7C4E4AEB3DFF58FF3F1634017
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
Signing time: Tue 21 Oct 2025 14:10:43 +0000
ROA not before: Tue 21 Oct 2025 14:10:43 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:2e:c9:85:9c:c3:fe:f7:c4:e4:ae:b3:df:f5:8f:f3:f1:63:40:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:43 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e28b4dc5fe7aae7ed9ec043aee7367c8359d1e5873e58ee3fcd207fa6ba31d5e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e9:1b:e7:3e:71:39:a7:b9:b5:e1:5f:df:e6:
7e:05:32:a4:7e:b1:87:1a:16:7c:a4:2e:3b:39:64:
6b:bf:f8:7d:62:09:e5:5c:79:81:93:e5:1c:95:07:
db:2e:7b:dc:73:fb:e5:c0:83:4e:9d:1e:80:10:59:
39:13:56:ea:37:53:75:75:fb:87:c8:9c:39:e3:81:
cc:0b:28:9d:e3:93:a7:bf:a2:ec:e3:c6:3e:52:cf:
ee:00:c4:ce:19:10:51:c8:d4:ff:50:41:a0:10:1e:
8b:90:f3:89:06:cb:d4:60:ee:1f:6d:22:8c:04:81:
45:79:54:1e:1e:4a:17:7f:7d:8f:46:c6:c3:4e:e9:
22:ff:32:5a:f7:91:70:da:0b:66:df:56:18:ce:fa:
35:c2:90:d0:41:84:d5:7a:07:5f:d0:78:c9:b2:bc:
d3:4b:ed:ce:fc:e2:6f:b6:76:fa:fc:92:11:f2:82:
7d:3b:61:26:3f:51:85:0b:f9:47:c0:4c:8e:1e:31:
50:01:24:e8:a7:d5:ad:a8:ac:1d:60:a0:90:4f:f1:
b5:ae:9b:7e:33:a2:1a:e6:19:5a:0a:41:51:74:cd:
05:a6:7d:3c:35:49:be:ff:95:0e:2e:0c:1f:c1:f0:
fa:50:ca:3c:c3:05:b4:fd:85:d0:24:67:75:cb:32:
bf:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D7:BC:89:6F:35:1A:BB:4B:98:E6:64:ED:00:DD:B1:5F:38:88:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:2000::/40
Signature Algorithm: sha256WithRSAEncryption
04:b0:51:6a:6f:85:02:13:0c:21:cd:97:af:c0:6c:84:15:00:
ed:d9:8c:de:bc:4b:09:36:75:e3:69:56:2f:4e:e8:74:c3:2f:
0d:aa:00:75:03:e1:c8:07:e4:30:64:67:c9:a6:5e:6e:0e:8b:
11:cb:e4:38:b9:18:ec:a2:ae:1d:db:bc:df:b9:90:bb:f6:cb:
70:61:3f:84:57:79:0d:a3:1f:02:80:52:87:aa:c9:06:6f:2f:
73:6f:26:19:19:8e:36:ef:70:54:3f:15:f5:8e:26:cf:1f:07:
60:2e:f2:3f:bf:0a:e9:eb:46:d7:80:a4:72:52:66:c4:6a:56:
09:18:3f:b9:a8:71:50:9a:60:0d:7e:3d:7f:63:8c:75:d1:15:
83:dd:2e:f0:7c:48:73:6f:b5:86:9f:83:b0:11:3f:ef:b8:a7:
54:3d:55:0b:5c:04:b9:a3:0d:82:02:5a:69:d7:d2:63:28:78:
be:8f:7e:f9:d0:35:b6:cc:e1:13:c4:04:29:1b:5c:5e:76:77:
4c:91:ad:51:9f:72:66:e4:4c:78:5f:37:36:2c:7c:34:2b:66:
f9:8b:67:d5:51:7f:a1:42:95:3c:35:0a:80:fe:9c:b5:ff:a3:
62:34:c1:93:2a:ee:cb:13:fd:3b:e2:b8:74:b2:f7:82:9e:55:
9e:8c:f5:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHC7JhZzD/vfE5K6z3/WP8/FjQBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwNDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyOGI0ZGM1ZmU3YWFlN2VkOWVjMDQzYWVlNzM2N2M4MzU5ZDFlNTg3M2U1
OGVlM2ZjZDIwN2ZhNmJhMzFkNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/pG+c+cTmnubXhX9/mfgUypH6xhxoWfKQuOzlka7/4fWIJ5Vx5gZPlHJUH
2y573HP75cCDTp0egBBZORNW6jdTdXX7h8icOeOBzAsoneOTp7+i7OPGPlLP7gDE
zhkQUcjU/1BBoBAei5DziQbL1GDuH20ijASBRXlUHh5KF399j0bGw07pIv8yWveR
cNoLZt9WGM76NcKQ0EGE1XoHX9B4ybK800vtzvzib7Z2+vySEfKCfTthJj9RhQv5
R8BMjh4xUAEk6KfVraisHWCgkE/xta6bfjOiGuYZWgpBUXTNBaZ9PDVJvv+VDi4M
H8Hw+lDKPMMFtP2F0CRndcsyv3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRX17yJ
bzUau0uY5mTtAN2xXziIzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZhNWFjZmYtYjVkOC00YzgwLTllY2MtOTQxNTQwNjU3NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUg
MA0GCSqGSIb3DQEBCwUAA4IBAQAEsFFqb4UCEwwhzZevwGyEFQDt2YzevEsJNnXj
aVYvTuh0wy8NqgB1A+HIB+QwZGfJpl5uDosRy+Q4uRjsoq4d27zfuZC79stwYT+E
V3kNox8CgFKHqskGby9zbyYZGY4273BUPxX1jibPHwdgLvI/vwrp60bXgKRyUmbE
alYJGD+5qHFQmmANfj1/Y4x10RWD3S7wfEhzb7WGn4OwET/vuKdUPVULXAS5ow2C
Alpp19JjKHi+j3750DW2zOETxAQpG1xedndMka1Rn3Jm5Ex4Xzc2LHw0K2b5i2fV
UX+hQpU8NQqA/py1/6NiNMGTKu7LE/074rh0sveCnlWejPU+
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:17 2025 by rpki-client