Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
File: ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa (raw, json)
Hash identifier: 6xkNyifTNqOO7qk9QhiUrb1GhP+6pU1+DOmRbUdoDCI=
Subject key identifier: 06:63:DF:0C:DA:17:80:11:65:04:A2:94:DD:6E:A5:33:24:EC:72:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7912F496DEF2E2D5AB92F340FB6CCFDAABB84909
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
Signing time: Tue 21 Oct 2025 14:21:01 +0000
ROA not before: Tue 21 Oct 2025 14:21:01 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:12:f4:96:de:f2:e2:d5:ab:92:f3:40:fb:6c:cf:da:ab:b8:49:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:21:01 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=739e66ca67e7dbc016b4e03490c69f24315ad4008f48dded2ff5f9513dacbf0e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4e:d7:03:ad:b6:57:01:ab:6e:5b:50:b7:b0:
e1:ad:b0:e0:b7:57:87:ad:c9:22:89:b9:9a:c6:fb:
9e:72:75:3d:bf:f4:95:24:fb:b9:a1:36:44:c3:a6:
b6:64:aa:f8:81:d0:2c:6d:01:84:fa:f2:3e:e4:86:
05:41:ef:b3:e8:17:9b:2b:52:67:db:67:6b:80:6d:
ef:4b:2a:59:71:df:cb:5a:7d:3c:0d:f4:77:31:b9:
e3:6d:98:f0:94:4e:eb:70:86:0c:89:ae:ba:1e:e9:
6e:df:7b:34:d5:3d:4c:1d:d0:50:32:d4:4f:db:48:
fe:67:33:85:58:c9:38:3d:de:1e:b0:2b:cb:d3:b4:
a1:90:e6:6e:40:71:f6:e0:bd:34:dc:4c:63:89:fd:
5d:94:de:0f:f6:ba:10:a7:20:6f:71:a8:20:65:0a:
79:33:c8:da:60:01:06:3f:fc:04:dc:d7:bd:0e:d1:
d4:14:26:14:86:52:d9:c6:96:1e:2f:7e:c4:1a:a0:
a2:a0:6c:23:dd:15:1c:7e:4c:05:15:12:49:82:39:
7e:47:22:a0:bd:ad:00:92:94:d5:39:ee:91:94:d4:
67:39:94:47:2e:6e:06:db:99:9b:d4:09:fb:1e:ce:
d3:b2:bb:30:b0:6d:4d:b2:a6:57:11:18:4d:17:bc:
9e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:63:DF:0C:DA:17:80:11:65:04:A2:94:DD:6E:A5:33:24:EC:72:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a3:1c:2b:2b:93:b4:f0:af:cd:49:17:43:c6:e7:5d:08:07:8a:
63:f3:7a:22:89:73:29:ec:e6:0d:25:61:3e:e8:be:8d:ad:99:
72:83:24:fa:d1:55:d2:3e:85:54:db:ac:e8:b2:2b:fc:25:16:
f2:c6:f3:60:f6:1e:83:bf:ee:0b:2a:75:3d:54:0d:a4:df:e5:
c2:09:6d:7d:d3:c8:8b:0a:68:61:03:19:b0:42:15:48:71:cf:
82:50:32:3f:f7:7f:a0:f7:86:49:6f:6b:2d:f8:8e:4f:c9:3c:
08:5c:f6:cd:ff:a5:b6:28:27:26:36:68:92:04:ec:18:cb:86:
86:97:a2:2a:ae:b4:18:5a:f5:35:fa:68:3d:e6:64:02:d7:0f:
0d:65:9b:f5:9a:d3:be:f7:e5:18:1d:89:c0:fa:eb:fd:29:ee:
11:8a:66:cc:68:6f:55:b9:67:49:77:f3:0c:e6:e4:56:c3:c8:
db:ec:1f:1a:a8:81:52:24:ab:e7:a2:c6:a8:ff:dd:f6:a8:c8:
2c:59:f8:cc:0f:82:9f:91:49:64:bd:36:4f:d5:d5:d4:27:12:
a4:a6:2d:45:28:62:46:2f:b1:ed:bd:97:db:93:f5:23:79:af:
43:85:ae:1a:a8:20:ef:d7:77:72:1a:d2:f6:36:ba:6a:b6:ed:
ba:57:3e:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeRL0lt7y4tWrkvNA+2zP2qu4SQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIxMDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDczOWU2NmNhNjdlN2RiYzAxNmI0ZTAzNDkwYzY5ZjI0MzE1YWQ0MDA4ZjQ4
ZGRlZDJmZjVmOTUxM2RhY2JmMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhO1wOttlcBq25bULew4a2w4LdXh63JIom5msb7nnJ1Pb/0lST7uaE2RMOm
tmSq+IHQLG0BhPryPuSGBUHvs+gXmytSZ9tna4Bt70sqWXHfy1p9PA30dzG5422Y
8JRO63CGDImuuh7pbt97NNU9TB3QUDLUT9tI/mczhVjJOD3eHrAry9O0oZDmbkBx
9uC9NNxMY4n9XZTeD/a6EKcgb3GoIGUKeTPI2mABBj/8BNzXvQ7R1BQmFIZS2caW
Hi9+xBqgoqBsI90VHH5MBRUSSYI5fkcioL2tAJKU1TnukZTUZzmURy5uBtuZm9QJ
+x7O07K7MLBtTbKmVxEYTRe8nm8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGY98M
2heAEWUEopTdbqUzJOxyWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWJlMjMyZTktOGYwYS00MTI1LWI4M2MtNzk4OWUzOWZkZDk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2w
MA0GCSqGSIb3DQEBCwUAA4IBAQCjHCsrk7Twr81JF0PG510IB4pj83oiiXMp7OYN
JWE+6L6NrZlygyT60VXSPoVU26zosiv8JRbyxvNg9h6Dv+4LKnU9VA2k3+XCCW19
08iLCmhhAxmwQhVIcc+CUDI/93+g94ZJb2st+I5PyTwIXPbN/6W2KCcmNmiSBOwY
y4aGl6IqrrQYWvU1+mg95mQC1w8NZZv1mtO+9+UYHYnA+uv9Ke4RimbMaG9VuWdJ
d/MM5uRWw8jb7B8aqIFSJKvnosao/932qMgsWfjMD4KfkUlkvTZP1dXUJxKkpi1F
KGJGL7HtvZfbk/Ujea9Dha4aqCDv13dyGtL2Nrpqtu26Vz6c
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:21 2025 by rpki-client