Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json)
Hash identifier: ElIWYbKVKK6AhKPRcMH0yYAZ4C6PfpfoQop1K1cw5oA=
Subject key identifier: D7:E0:DD:66:73:16:82:44:33:BA:40:D7:EF:48:ED:3A:88:57:4C:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 303967371CBF665CB3B8CB3F8D83DAE503417A37
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
Signing time: Tue 21 Oct 2025 14:00:37 +0000
ROA not before: Tue 21 Oct 2025 14:00:37 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:39:67:37:1c:bf:66:5c:b3:b8:cb:3f:8d:83:da:e5:03:41:7a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:37 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=bc306d4ee59e3209e7b281bcb21966fadee157585dfae7ac64cdbf504f7ffea1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:fe:68:1a:d6:0f:8a:74:ec:72:1a:15:43:
d7:a8:86:25:da:2f:f0:7e:dd:d6:30:20:39:fb:8c:
85:03:24:8f:09:2a:ef:a9:fc:bd:14:d3:7e:7c:6d:
3c:fe:66:2d:f6:52:1c:d8:13:94:ab:00:27:65:8d:
54:f7:e2:e9:17:af:03:43:7c:92:01:95:67:da:e4:
5c:35:2c:7f:10:13:ea:fa:d3:ad:2b:65:d5:cd:b1:
b8:dd:7f:52:3c:9d:fe:2a:62:54:bc:37:40:78:e6:
37:38:bd:94:d8:da:99:68:4d:db:3d:9e:6f:ab:ee:
c6:c4:04:00:39:75:d4:e3:66:20:c0:56:91:0b:e7:
db:08:9a:76:17:a1:57:1e:88:1d:21:e4:c2:76:05:
94:31:4f:a0:26:5b:cd:da:0b:cc:f9:e4:36:53:b6:
25:f7:d0:e7:58:fd:25:77:96:6f:c2:81:c3:bc:af:
e2:73:b9:1e:28:93:70:53:eb:98:e9:10:83:d0:dc:
e0:a9:01:ee:25:49:89:ba:4d:0b:c3:7e:db:e9:0f:
30:83:bc:1c:f3:a8:05:1b:7b:c2:0a:4f:7f:67:29:
c7:12:74:4a:84:20:56:06:d2:42:9e:f1:3c:dd:d1:
20:db:d4:c1:9f:0e:e2:38:a2:e5:7b:54:f8:5e:bd:
2a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E0:DD:66:73:16:82:44:33:BA:40:D7:EF:48:ED:3A:88:57:4C:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:a000::/40
Signature Algorithm: sha256WithRSAEncryption
19:31:93:a6:c1:c7:4f:35:81:f5:c8:d7:10:7c:64:d4:d2:80:
8f:f0:da:e2:1f:dc:6b:80:8c:ba:7b:63:cb:b2:36:44:0a:37:
65:04:e5:8a:2c:46:e6:b7:7d:ee:35:79:dd:bc:4a:26:84:59:
15:25:fa:14:e1:f1:7b:0b:ff:b7:6a:b9:5b:85:e5:68:d5:cd:
fe:32:3c:a8:3a:9f:e8:78:a7:1e:e0:a0:a5:d3:88:e3:be:3e:
01:cc:37:31:a0:44:9a:cd:1b:93:69:07:5d:6e:55:52:30:2a:
3e:b3:f6:bf:91:3b:c6:e1:06:c4:11:ef:b8:17:9e:b9:e3:d0:
7a:d7:a4:a9:72:d9:d7:82:82:c0:46:2f:db:18:c5:a8:5a:e1:
6b:f2:19:62:77:8a:3d:9f:93:6e:a6:8a:cb:cb:64:a6:24:f6:
b0:0e:e2:1e:8f:d1:fd:00:b9:05:81:9d:a1:64:01:94:d3:01:
43:4a:60:27:21:54:a8:69:2b:96:24:c0:aa:62:6d:cc:e8:3a:
f2:4a:01:22:92:6d:7f:99:a2:17:55:82:17:05:72:0c:6c:67:
e5:63:60:b4:99:7d:11:95:55:a1:7a:af:b3:0d:e0:4c:3c:50:
d1:64:0a:8e:df:1c:4b:90:f9:bd:38:d8:52:ce:00:ed:93:db:
96:c5:f9:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMDlnNxy/ZlyzuMs/jYPa5QNBejcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwMzdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjMzA2ZDRlZTU5ZTMyMDllN2IyODFiY2IyMTk2NmZhZGVlMTU3NTg1ZGZh
ZTdhYzY0Y2RiZjUwNGY3ZmZlYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALY3/mga1g+KdOxyGhVD16iGJdov8H7d1jAgOfuMhQMkjwkq76n8vRTTfnxt
PP5mLfZSHNgTlKsAJ2WNVPfi6RevA0N8kgGVZ9rkXDUsfxAT6vrTrStl1c2xuN1/
Ujyd/ipiVLw3QHjmNzi9lNjamWhN2z2eb6vuxsQEADl11ONmIMBWkQvn2wiadheh
Vx6IHSHkwnYFlDFPoCZbzdoLzPnkNlO2JffQ51j9JXeWb8KBw7yv4nO5HiiTcFPr
mOkQg9Dc4KkB7iVJibpNC8N+2+kPMIO8HPOoBRt7wgpPf2cpxxJ0SoQgVgbSQp7x
PN3RINvUwZ8O4jii5XtU+F69KgMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTX4N1m
cxaCRDO6QNfvSO06iFdMnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig
MA0GCSqGSIb3DQEBCwUAA4IBAQAZMZOmwcdPNYH1yNcQfGTU0oCP8NriH9xrgIy6
e2PLsjZECjdlBOWKLEbmt33uNXndvEomhFkVJfoU4fF7C/+3arlbheVo1c3+Mjyo
Op/oeKce4KCl04jjvj4BzDcxoESazRuTaQddblVSMCo+s/a/kTvG4QbEEe+4F565
49B616SpctnXgoLARi/bGMWoWuFr8hlid4o9n5NuporLy2SmJPawDuIej9H9ALkF
gZ2hZAGU0wFDSmAnIVSoaSuWJMCqYm3M6DrySgEikm1/maIXVYIXBXIMbGflY2C0
mX0RlVWheq+zDeBMPFDRZAqO3xxLkPm9ONhSzgDtk9uWxfmz
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:20 2025 by rpki-client