Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
File: e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa (raw, json)
Hash identifier: KD/HEh/1q4BGKj0H2PhKEn+ety6AK5ruNAubapCRX1g=
Subject key identifier: FF:8E:7E:D3:0B:E5:46:CB:4F:06:68:49:F9:ED:49:BE:C6:12:4D:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B689F1B1EF5CCF662CEE55BFEC2898C68EAE087
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
Signing time: Tue 21 Oct 2025 13:20:10 +0000
ROA not before: Tue 21 Oct 2025 13:20:10 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:68:9f:1b:1e:f5:cc:f6:62:ce:e5:5b:fe:c2:89:8c:68:ea:e0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:10 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=b9403c72e1b36c8349ffe82715045846d036573749c9ad7fcc346b16a39bae58, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:65:1a:34:cd:e0:0e:52:ae:70:f1:7e:4b:9c:
0a:d6:04:cc:54:fb:40:9c:5c:73:8a:5f:11:db:84:
1c:f0:4f:62:95:46:d4:9f:6a:af:f2:5f:f7:c2:72:
32:17:31:8f:46:43:0a:4d:2c:20:17:f8:90:56:52:
36:ed:74:99:c9:c8:5f:31:c8:8a:6a:f6:e9:3d:b4:
e7:4c:3f:8a:2d:99:24:a2:d6:3b:3c:d0:ac:a2:6e:
f0:ad:0a:36:3b:87:ec:f7:68:c9:92:e2:c0:f4:c6:
97:46:ec:38:a5:01:25:c3:55:96:62:43:53:65:5d:
1a:a2:28:74:5b:4d:59:20:7b:c1:7c:19:b8:fe:ca:
4e:9b:94:92:8f:9e:53:2b:0c:0a:44:96:ab:ef:ce:
eb:f6:4b:66:0b:34:6d:69:7d:c8:80:72:a3:8a:ea:
61:ad:ee:17:02:c0:a3:ec:ae:23:d4:3f:c8:e5:65:
64:f1:57:9b:da:b2:5d:ae:97:7e:0e:bb:42:0d:c5:
79:fc:bb:ee:0f:69:2f:bd:ae:5c:63:fe:13:59:bd:
57:5f:f3:35:af:01:8d:ae:6b:f8:cf:06:54:f5:c5:
da:cf:22:d7:e4:bf:54:67:4f:0d:ad:89:37:b3:ab:
57:9d:69:bb:77:cb:a3:65:d2:4b:89:e1:eb:e1:c0:
81:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:8E:7E:D3:0B:E5:46:CB:4F:06:68:49:F9:ED:49:BE:C6:12:4D:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:c000::/40
Signature Algorithm: sha256WithRSAEncryption
45:bb:49:46:8e:05:8f:e4:bd:4f:66:f4:33:bc:81:82:93:53:
a5:91:71:2d:ce:44:61:70:61:e2:31:7d:e2:eb:37:a2:d7:d5:
66:d3:ab:75:09:27:f8:d0:89:88:fd:31:7d:32:6d:02:bf:0d:
41:b6:2c:8b:7f:b0:93:61:c0:5f:29:08:f8:44:46:17:19:b8:
48:d9:d7:80:d4:3c:94:e0:04:79:fc:66:eb:48:15:a8:9f:c7:
62:72:b2:97:5f:8f:2f:32:80:8b:ad:f0:2a:0e:91:ba:c2:54:
68:2f:ba:24:03:fd:9b:ff:04:ba:96:87:87:b4:c1:db:3d:51:
ff:b2:18:06:6a:81:9d:60:6f:95:de:99:9f:04:d4:0f:67:7a:
25:12:f1:18:8a:aa:e2:18:65:14:81:c2:27:8f:e0:e3:37:25:
76:7b:78:ba:00:29:11:01:ca:f5:b0:77:59:3d:a9:ee:a9:3d:
28:e2:16:07:53:a6:bf:08:2c:58:1e:30:ce:cf:76:19:26:bf:
e4:24:89:24:c5:58:9b:5a:ce:26:e8:08:e2:d4:54:7e:b2:65:
98:8b:45:20:86:3c:34:43:69:28:09:ab:bf:b2:34:89:b7:40:
f7:76:2a:d0:f9:f2:3e:fe:e6:bf:f1:46:18:53:d8:08:a4:c1:
88:6d:83:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS2ifGx71zPZizuVb/sKJjGjq4IcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMTBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5NDAzYzcyZTFiMzZjODM0OWZmZTgyNzE1MDQ1ODQ2ZDAzNjU3Mzc0OWM5
YWQ3ZmNjMzQ2YjE2YTM5YmFlNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJllGjTN4A5SrnDxfkucCtYEzFT7QJxcc4pfEduEHPBPYpVG1J9qr/Jf98Jy
Mhcxj0ZDCk0sIBf4kFZSNu10mcnIXzHIimr26T2050w/ii2ZJKLWOzzQrKJu8K0K
NjuH7PdoyZLiwPTGl0bsOKUBJcNVlmJDU2VdGqIodFtNWSB7wXwZuP7KTpuUko+e
UysMCkSWq+/O6/ZLZgs0bWl9yIByo4rqYa3uFwLAo+yuI9Q/yOVlZPFXm9qyXa6X
fg67Qg3Fefy77g9pL72uXGP+E1m9V1/zNa8Bja5r+M8GVPXF2s8i1+S/VGdPDa2J
N7OrV51pu3fLo2XSS4nh6+HAgc8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/jn7T
C+VGy08GaEn57Um+xhJN7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTZhYzBkZWYtODMzZi00ZTFiLWE3NWQtMmQxZmIzYjhjM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7A
MA0GCSqGSIb3DQEBCwUAA4IBAQBFu0lGjgWP5L1PZvQzvIGCk1OlkXEtzkRhcGHi
MX3i6zei19Vm06t1CSf40ImI/TF9Mm0Cvw1BtiyLf7CTYcBfKQj4REYXGbhI2deA
1DyU4AR5/GbrSBWon8dicrKXX48vMoCLrfAqDpG6wlRoL7okA/2b/wS6loeHtMHb
PVH/shgGaoGdYG+V3pmfBNQPZ3olEvEYiqriGGUUgcInj+DjNyV2e3i6ACkRAcr1
sHdZPanuqT0o4hYHU6a/CCxYHjDOz3YZJr/kJIkkxVibWs4m6Aji1FR+smWYi0Ug
hjw0Q2koCau/sjSJt0D3dirQ+fI+/ua/8UYYU9gIpMGIbYMy
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:13 2025 by rpki-client