Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
File: cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa (raw, json)
Hash identifier: BHFxJSnfVIJTXjnV+xoGH7TV7IIqAqZE7qGrTDCA6eI=
Subject key identifier: 19:A1:1B:1C:44:BC:CD:8F:D9:1E:E3:91:C3:51:1C:8F:DB:3C:CC:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12523C753CD21EF175F55130D8E1C9E9C0778A81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
Signing time: Tue 21 Oct 2025 14:30:58 +0000
ROA not before: Tue 21 Oct 2025 14:30:58 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:52:3c:75:3c:d2:1e:f1:75:f5:51:30:d8:e1:c9:e9:c0:77:8a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:58 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=81eff6335232ff4c8d02d734da3e7e8a9bdb571f235337e2c038733a0651efa4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b9:82:d4:44:4f:3a:00:63:44:3a:57:db:bd:
a4:e8:b7:08:21:2e:41:d4:0a:84:c5:e0:01:91:62:
d0:de:45:6d:20:03:e0:90:84:ce:48:b6:29:9d:1e:
3b:a4:8f:55:7b:5e:dd:5e:13:f1:19:66:24:f7:be:
59:1b:3f:61:71:2f:63:1c:ca:e6:52:c1:30:ca:ff:
7a:11:7b:2f:99:dc:d4:c9:78:bc:f7:cf:23:85:ee:
df:b2:c5:0f:5c:96:62:a2:79:ef:4c:1a:dc:e7:59:
e1:56:f3:2d:ce:45:5f:09:f7:a7:b9:9d:20:b1:b1:
a1:e7:1c:05:4f:a5:00:77:6f:28:ab:1c:53:bf:c7:
b4:08:05:f5:bb:13:3f:90:43:95:45:f2:9c:5a:bc:
30:99:a5:78:74:27:63:a7:99:25:43:87:31:a0:cc:
b2:f9:f1:fa:d0:9a:ad:51:e7:fc:78:e6:32:3e:1f:
99:31:1a:0c:14:07:04:c7:14:04:da:9e:c7:6a:f4:
87:9d:0d:e5:2e:41:e5:6f:4a:64:b5:f5:77:e4:4e:
6a:d3:f1:6f:6a:5b:89:f0:8d:57:d5:c4:90:e3:7a:
5f:1e:c3:7e:8a:25:ac:12:f2:91:84:c7:cc:67:39:
50:23:7e:25:2a:bb:16:de:21:7e:82:1f:b9:00:ae:
3a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A1:1B:1C:44:BC:CD:8F:D9:1E:E3:91:C3:51:1C:8F:DB:3C:CC:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1040::/48
Signature Algorithm: sha256WithRSAEncryption
03:a2:d5:c5:4a:e7:52:9a:78:db:66:87:bc:48:76:ad:b5:b4:
2e:3a:ab:93:d5:5f:dd:63:bf:1f:57:76:11:79:b8:5e:5b:d5:
14:c6:24:02:98:93:6a:32:ff:c4:19:6c:68:6f:47:15:bc:5c:
20:7e:d2:20:1b:6b:fe:83:0d:8e:f2:38:1c:9e:a7:17:d5:20:
e6:d7:ef:0a:83:70:2c:a4:47:58:34:7b:2a:c5:9a:e6:e0:75:
59:80:f3:05:f9:75:88:fd:53:c7:1e:af:af:18:2c:e1:3b:d4:
7e:b9:54:91:12:84:38:06:6f:2d:3c:de:10:76:35:36:f1:29:
9f:a2:41:ee:52:88:f1:0d:5a:23:66:9e:2a:3e:3a:0a:8f:c2:
d3:a4:73:13:e1:7b:64:af:e0:25:95:46:7b:9e:cc:87:8d:07:
a5:d1:3e:b8:12:2c:15:d7:16:ca:48:93:79:43:1b:89:53:d5:
8b:f6:8d:9f:20:9f:9c:e2:e5:1d:90:07:a0:55:bc:66:ed:be:
73:47:76:4d:4c:da:e1:01:67:35:9e:30:c8:da:a5:40:4d:fe:
1e:d5:94:84:94:55:dd:af:e5:ad:92:25:f1:ec:af:b6:cc:43:
b6:e1:98:69:9e:49:2a:92:34:60:88:11:83:6d:15:3d:33:82:
fb:7d:8a:f5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUElI8dTzSHvF19VEw2OHJ6cB3ioEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwNThaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxZWZmNjMzNTIzMmZmNGM4ZDAyZDczNGRhM2U3ZThhOWJkYjU3MWYyMzUz
MzdlMmMwMzg3MzNhMDY1MWVmYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMO5gtRETzoAY0Q6V9u9pOi3CCEuQdQKhMXgAZFi0N5FbSAD4JCEzki2KZ0e
O6SPVXte3V4T8RlmJPe+WRs/YXEvYxzK5lLBMMr/ehF7L5nc1Ml4vPfPI4Xu37LF
D1yWYqJ570wa3OdZ4VbzLc5FXwn3p7mdILGxoeccBU+lAHdvKKscU7/HtAgF9bsT
P5BDlUXynFq8MJmleHQnY6eZJUOHMaDMsvnx+tCarVHn/HjmMj4fmTEaDBQHBMcU
BNqex2r0h50N5S5B5W9KZLX1d+ROatPxb2pbifCNV9XEkON6Xx7DfoolrBLykYTH
zGc5UCN+JSq7Ft4hfoIfuQCuOtsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZoRsc
RLzNj9ke45HDURyP2zzM9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y4MzI2ZDAtZWNjMC00OTM5LTk5MzktMmVkNzBmNmVhNTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAA6LVxUrnUpp422aHvEh2rbW0Ljqrk9Vf3WO/
H1d2EXm4XlvVFMYkApiTajL/xBlsaG9HFbxcIH7SIBtr/oMNjvI4HJ6nF9Ug5tfv
CoNwLKRHWDR7KsWa5uB1WYDzBfl1iP1Txx6vrxgs4TvUfrlUkRKEOAZvLTzeEHY1
NvEpn6JB7lKI8Q1aI2aeKj46Co/C06RzE+F7ZK/gJZVGe57Mh40HpdE+uBIsFdcW
ykiTeUMbiVPVi/aNnyCfnOLlHZAHoFW8Zu2+c0d2TUza4QFnNZ4wyNqlQE3+HtWU
hJRV3a/lrZIl8eyvtsxDtuGYaZ5JKpI0YIgRg20VPTOC+32K9Q==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:29 2025 by rpki-client