Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
File: ea271f77-763d-42f8-a315-60081847d059.roa (raw, json)
Hash identifier: fMFkTEFlfLTqoBYo5SxdtrV59kM1EBigSKroOAP9qSk=
Subject key identifier: 7F:3B:4D:51:8B:E7:AD:DE:F3:E1:26:FC:BE:E9:2F:61:FE:87:BB:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50C309DF62E6FD4ADD1B20B42A18548828A2DBF9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
Signing time: Tue 21 Oct 2025 13:10:41 +0000
ROA not before: Tue 21 Oct 2025 13:10:41 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:c3:09:df:62:e6:fd:4a:dd:1b:20:b4:2a:18:54:88:28:a2:db:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:41 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8075d5c2a3995e1a96b05ceae752c06e4a60fddf2a8dc169b2d7802197510fc9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:a8:a3:72:21:45:04:96:50:50:5f:e5:a5:
51:21:cb:78:a6:b5:88:6a:a4:da:fd:c9:94:d5:55:
e6:3c:5a:d2:58:97:07:56:bd:22:9d:4a:73:5d:a4:
58:b8:3d:b6:e8:cd:92:5e:2b:17:87:5a:86:fd:f1:
a9:96:d5:a6:76:8e:22:c9:c1:32:44:04:df:4f:66:
69:ca:7d:25:7b:af:84:1d:69:ea:aa:25:64:85:fc:
4a:f0:cf:bf:31:9b:22:d6:69:30:29:cf:4d:dd:f5:
4b:d5:e9:af:72:a1:33:88:a4:a9:30:fd:9b:46:13:
1f:5b:64:b3:75:a8:23:3f:10:f6:60:7a:c5:51:c6:
bb:ef:1d:59:12:8b:7a:a6:d0:b9:6e:2e:53:0a:88:
e1:c7:34:73:5d:25:c1:5e:56:3f:35:a4:1b:64:9e:
4f:5c:1d:b1:c4:5d:11:bb:c3:f1:fa:6d:01:6e:f7:
37:22:a3:4a:4e:de:dd:9d:7c:12:35:c3:28:21:01:
d7:7e:47:e6:91:d6:dc:e8:ad:f4:17:e7:2b:32:1e:
e7:e9:32:1a:9a:d2:91:64:01:1b:ac:e0:5f:7a:b2:
4a:d1:79:9b:a5:75:cb:44:7e:a3:a7:73:08:42:57:
20:3a:e5:f0:71:6f:f7:14:15:66:c4:60:3d:77:b7:
70:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:3B:4D:51:8B:E7:AD:DE:F3:E1:26:FC:BE:E9:2F:61:FE:87:BB:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e040::/48
Signature Algorithm: sha256WithRSAEncryption
70:dc:fd:f7:c7:31:f0:98:71:ff:e9:ec:42:08:b1:4c:62:d8:
9e:3a:bc:2f:c7:eb:48:c7:fe:81:28:5c:3f:d0:73:7a:81:14:
94:d7:eb:65:49:15:2a:54:ca:f2:c1:c9:ca:e2:50:20:30:48:
ac:43:93:46:1c:35:04:d3:ee:dc:99:cb:76:86:52:45:88:5f:
72:35:d7:34:4f:49:19:2c:ca:b1:40:62:aa:04:45:dc:88:9b:
30:5f:9b:f6:f5:45:ca:7c:8f:74:cc:89:c2:a2:0a:af:ae:7e:
b1:3d:03:48:71:1a:9e:63:91:a1:66:43:c4:1a:4e:38:87:12:
20:11:42:6e:b9:61:45:ac:4b:b2:c6:5c:0c:1d:94:31:69:1c:
fd:8a:b4:02:40:c4:e1:a5:b4:71:7b:7e:d4:01:58:bf:56:f2:
1b:75:c5:b5:a9:35:d4:45:84:c9:e7:d3:63:bb:6a:2a:93:63:
73:dd:8e:2f:3e:94:2c:5b:ed:f7:d7:06:16:83:14:12:31:8b:
7b:f3:72:3f:86:26:6d:c5:78:aa:f4:e9:e7:71:c1:e4:12:f7:
b2:f9:67:cf:bb:7d:69:6d:47:c4:09:82:6f:af:af:84:ec:f4:
26:08:10:e3:05:d0:c2:b9:9d:4c:35:a6:18:c2:ae:06:c0:c4:
67:8a:d7:57
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUMMJ32Lm/UrdGyC0KhhUiCii2/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwNDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNzVkNWMyYTM5OTVlMWE5NmIwNWNlYWU3NTJjMDZlNGE2MGZkZGYyYThk
YzE2OWIyZDc4MDIxOTc1MTBmYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4vqKNyIUUEllBQX+WlUSHLeKa1iGqk2v3JlNVV5jxa0liXB1a9Ip1Kc12k
WLg9tujNkl4rF4dahv3xqZbVpnaOIsnBMkQE309macp9JXuvhB1p6qolZIX8SvDP
vzGbItZpMCnPTd31S9Xpr3KhM4ikqTD9m0YTH1tks3WoIz8Q9mB6xVHGu+8dWRKL
eqbQuW4uUwqI4cc0c10lwV5WPzWkG2SeT1wdscRdEbvD8fptAW73NyKjSk7e3Z18
EjXDKCEB135H5pHW3Oit9BfnKzIe5+kyGprSkWQBG6zgX3qyStF5m6V1y0R+o6dz
CEJXIDrl8HFv9xQVZsRgPXe3cGMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/O01R
i+et3vPhJvy+6S9h/oe7ezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEyNzFmNzctNzYzZC00MmY4LWEzMTUtNjAwODE4NDdkMDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
QDANBgkqhkiG9w0BAQsFAAOCAQEAcNz998cx8Jhx/+nsQgixTGLYnjq8L8frSMf+
gShcP9BzeoEUlNfrZUkVKlTK8sHJyuJQIDBIrEOTRhw1BNPu3JnLdoZSRYhfcjXX
NE9JGSzKsUBiqgRF3IibMF+b9vVFynyPdMyJwqIKr65+sT0DSHEanmORoWZDxBpO
OIcSIBFCbrlhRaxLssZcDB2UMWkc/Yq0AkDE4aW0cXt+1AFYv1byG3XFtak11EWE
yefTY7tqKpNjc92OLz6ULFvt99cGFoMUEjGLe/NyP4YmbcV4qvTp53HB5BL3svln
z7t9aW1HxAmCb6+vhOz0JggQ4wXQwrmdTDWmGMKuBsDEZ4rXVw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:23 2025 by rpki-client