Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
File: d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa (raw, json)
Hash identifier: QfC2SeXbAwh+6KayUNtHqAvCWibQn6Up+wcjpP2CzM4=
Subject key identifier: 1A:55:3E:89:F1:E4:19:EB:C9:77:2C:FF:E5:BC:58:B6:27:1E:30:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69D0ADB2FDA1C3CBA6D6CA15ECAEB94F5E62434F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
Signing time: Tue 21 Oct 2025 13:50:03 +0000
ROA not before: Tue 21 Oct 2025 13:50:03 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d024::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d0:ad:b2:fd:a1:c3:cb:a6:d6:ca:15:ec:ae:b9:4f:5e:62:43:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:03 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ffb1982c2f143fc7e069a7bebe5f05e9729478ed87f287a27b18fc53ec2ca0a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:46:b4:cc:2f:b6:09:71:62:cf:ca:ea:7e:
62:8d:09:f3:b0:d3:f7:9a:3c:73:a9:61:87:82:dd:
2e:4b:05:26:94:d2:95:bf:99:ba:f4:0f:38:6e:de:
a5:08:86:83:f1:27:7a:44:ec:12:23:0f:c1:ba:25:
55:a9:46:b8:4e:d3:d9:7f:26:00:c7:3d:08:3d:b3:
b1:49:a4:c4:f0:8b:1e:14:d4:56:0e:e2:b9:97:7a:
64:59:af:91:66:5a:9e:e3:fb:1f:62:48:f6:7b:b8:
33:5e:4d:5a:14:43:c9:96:a9:6c:f6:89:f4:e5:b8:
6e:a2:de:96:fe:ef:da:d2:e6:c5:df:a5:1e:dd:17:
ed:96:18:db:69:0f:74:10:2e:c1:52:4f:e4:af:60:
cf:19:76:14:48:88:0c:92:98:41:49:be:3e:ae:af:
5c:db:48:b1:03:95:00:a0:8c:b8:08:a6:cc:8a:a4:
84:91:4e:28:af:db:51:98:f3:ff:51:26:a0:7a:b4:
45:b8:84:42:d7:d8:b0:af:a7:72:c4:b3:04:39:ed:
90:52:e2:75:e7:f3:15:89:bf:85:96:23:2c:05:f8:
ef:52:e3:fe:b8:66:d0:9c:c9:8f:d8:f2:80:3f:90:
f3:79:7c:8f:25:06:62:93:25:7b:5e:12:83:5c:d4:
a4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:55:3E:89:F1:E4:19:EB:C9:77:2C:FF:E5:BC:58:B6:27:1E:30:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d024::/36
Signature Algorithm: sha256WithRSAEncryption
ae:7b:57:15:0e:27:cd:7c:a9:30:7f:de:20:99:1f:74:98:18:
bc:62:f7:79:d0:41:51:82:0f:74:84:f4:90:55:12:bf:86:7f:
f9:80:27:b1:31:25:cb:57:6e:2a:92:46:12:fd:ed:71:33:57:
8f:40:8c:ce:60:c1:02:32:76:d5:33:a0:21:41:b4:9b:4b:b3:
0d:93:61:ed:2a:d4:08:7b:d4:a0:29:66:e3:0f:e3:5d:4e:21:
b2:30:51:44:51:a6:8d:16:4c:d0:fe:55:88:23:55:c4:a7:fe:
2f:6a:e5:31:4b:a2:86:3d:e6:b5:c6:e3:aa:a2:70:04:cb:b8:
f1:20:38:2b:14:b1:7d:a4:bd:4d:8c:37:6e:b1:ac:6d:93:64:
bf:7b:cd:11:89:11:bd:02:ee:15:7e:89:8f:c9:ac:77:88:e2:
18:a2:17:fa:1b:2a:9f:ad:4c:d8:53:98:95:d9:bc:2b:38:a3:
5e:20:56:ff:2e:95:8a:53:e5:ce:60:5d:72:b9:f0:b1:2d:f9:
de:86:45:3f:93:54:33:9f:3b:c2:58:11:19:51:20:fa:33:ef:
e6:b5:ca:5d:47:eb:df:bd:f8:23:17:04:8c:11:2f:f0:72:9f:
09:26:98:d1:e7:f1:2e:10:33:a4:f0:25:fd:02:a2:d9:13:52:
78:97:b5:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUadCtsv2hw8um1soV7K65T15iQ08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmYjE5ODJjMmYxNDNmYzdlMDY5YTdiZWJlNWYwNWU5NzI5NDc4ZWQ4N2Yy
ODdhMjdiMThmYzUzZWMyY2EwYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK07RrTML7YJcWLPyup+Yo0J87DT95o8c6lhh4LdLksFJpTSlb+ZuvQPOG7e
pQiGg/EnekTsEiMPwbolValGuE7T2X8mAMc9CD2zsUmkxPCLHhTUVg7iuZd6ZFmv
kWZanuP7H2JI9nu4M15NWhRDyZapbPaJ9OW4bqLelv7v2tLmxd+lHt0X7ZYY22kP
dBAuwVJP5K9gzxl2FEiIDJKYQUm+Pq6vXNtIsQOVAKCMuAimzIqkhJFOKK/bUZjz
/1EmoHq0RbiEQtfYsK+ncsSzBDntkFLidefzFYm/hZYjLAX471Lj/rhm0JzJj9jy
gD+Q83l8jyUGYpMle14Sg1zUpK8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQaVT6J
8eQZ68l3LP/lvFi2Jx4wRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhmZjcwMTMtMDhiNi00ZTM2LWFiODgtYzRmOGJkM2U3YTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CQA
MA0GCSqGSIb3DQEBCwUAA4IBAQCue1cVDifNfKkwf94gmR90mBi8Yvd50EFRgg90
hPSQVRK/hn/5gCexMSXLV24qkkYS/e1xM1ePQIzOYMECMnbVM6AhQbSbS7MNk2Ht
KtQIe9SgKWbjD+NdTiGyMFFEUaaNFkzQ/lWII1XEp/4vauUxS6KGPea1xuOqonAE
y7jxIDgrFLF9pL1NjDdusaxtk2S/e80RiRG9Au4VfomPyax3iOIYohf6GyqfrUzY
U5iV2bwrOKNeIFb/LpWKU+XOYF1yufCxLfnehkU/k1QznzvCWBEZUSD6M+/mtcpd
R+vfvfgjFwSMES/wcp8JJpjR5/EuEDOk8CX9AqLZE1J4l7XD
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:55 2025 by rpki-client