Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: nXzvxO8zM1/dOieIoQvB3iFwwoJzalIR0FX8+1lCbWI=
Subject key identifier: 72:0A:10:9A:B8:69:EA:B0:18:DE:D0:08:0F:8F:9E:8D:B7:35:8D:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CF788ED8A3BE0C3ADC2A389FD15F42EBCBC8043
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Tue 21 Oct 2025 14:00:40 +0000
ROA not before: Tue 21 Oct 2025 14:00:40 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:f7:88:ed:8a:3b:e0:c3:ad:c2:a3:89:fd:15:f4:2e:bc:bc:80:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:40 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=eaf23a3b68095c5dcd94df3467c11a0b26821bc87a3964b622295a74ad266455, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b5:2e:5d:c5:ff:d1:b1:77:fa:1e:4e:45:1a:
aa:7a:15:14:c3:9a:72:41:3b:60:19:00:c7:89:82:
cc:a3:5b:b3:f3:83:c9:d9:99:18:fc:36:59:bd:d7:
d0:d6:85:a7:8b:d0:17:2a:79:c4:e6:95:3f:7c:eb:
8b:87:62:e5:4b:7f:3e:c6:60:e9:55:49:25:48:dd:
97:da:e7:ef:6d:22:ae:b8:bc:d1:19:5f:9a:5c:96:
e9:e6:42:60:8b:f2:2c:3b:1b:67:af:50:1d:f3:aa:
9b:2d:76:a4:e2:a6:3c:dc:e9:76:15:53:4d:cc:bd:
16:9c:fb:17:92:1a:44:06:4f:cb:2d:21:45:16:e9:
4d:bc:f7:30:bb:67:4a:af:e0:1e:98:45:0d:3d:d2:
4d:80:32:89:eb:35:69:41:81:a7:e1:90:69:4f:83:
47:81:db:ac:09:b8:7f:6a:d6:ef:6e:24:b3:94:11:
33:89:8e:09:5a:47:73:cd:08:16:c9:b5:9d:df:40:
90:3b:54:c0:ce:8b:f1:63:2b:9e:65:c5:f9:8e:ef:
67:29:76:ad:0b:2b:f7:8e:04:93:f1:d8:af:40:5f:
29:a4:62:96:54:8e:e0:3a:aa:bd:89:5b:c5:6c:8d:
03:87:1b:c1:75:c9:43:30:85:30:81:6d:ee:98:de:
eb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0A:10:9A:B8:69:EA:B0:18:DE:D0:08:0F:8F:9E:8D:B7:35:8D:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
a0:3e:0a:ba:c4:40:0b:57:6d:2a:4a:de:55:a0:6c:48:dc:90:
a3:a1:93:68:48:89:60:7e:f9:b6:9c:ed:f2:57:0f:44:bf:08:
48:37:b6:5e:bb:d5:6f:7d:d9:58:a1:81:a3:43:99:b2:33:8d:
37:ad:cc:be:e5:19:5e:06:e3:cf:c7:58:c5:59:2a:83:fb:55:
f3:e6:79:f7:78:77:48:07:10:56:07:0c:a2:15:90:85:53:f7:
6c:d1:1c:d6:2a:a2:e8:f2:02:44:cd:41:32:75:bd:b3:ff:99:
65:9b:5c:9f:01:68:b4:17:8a:c9:2b:14:87:3e:56:b0:9d:37:
ed:77:86:2b:4d:a4:d6:8a:8a:2e:cb:91:f1:15:44:2c:1c:40:
31:4f:61:e2:52:34:2c:e8:cc:b4:a6:3e:28:84:36:fd:bd:73:
73:9d:9a:9b:45:84:bd:ec:a7:46:9b:fe:6b:d7:fc:91:6c:6c:
50:91:92:da:b3:4f:8a:8a:d5:38:10:a5:d0:8c:c4:a8:4d:9c:
5f:ff:85:1d:1d:6a:09:4d:2d:57:ff:12:90:02:98:6d:e0:58:
87:97:62:3a:1a:69:f4:3e:48:bd:af:91:8e:b0:50:ef:8f:fb:
38:94:c7:07:60:86:3f:62:c5:bf:ff:93:a3:ec:ba:dc:ef:6c:
a0:6c:99:b2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULPeI7Yo74MOtwqOJ/RX0Lry8gEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwNDBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhZjIzYTNiNjgwOTVjNWRjZDk0ZGYzNDY3YzExYTBiMjY4MjFiYzg3YTM5
NjRiNjIyMjk1YTc0YWQyNjY0NTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMy1Ll3F/9Gxd/oeTkUaqnoVFMOackE7YBkAx4mCzKNbs/ODydmZGPw2Wb3X
0NaFp4vQFyp5xOaVP3zri4di5Ut/PsZg6VVJJUjdl9rn720irri80RlfmlyW6eZC
YIvyLDsbZ69QHfOqmy12pOKmPNzpdhVTTcy9Fpz7F5IaRAZPyy0hRRbpTbz3MLtn
Sq/gHphFDT3STYAyies1aUGBp+GQaU+DR4HbrAm4f2rW724ks5QRM4mOCVpHc80I
Fsm1nd9AkDtUwM6L8WMrnmXF+Y7vZyl2rQsr944Ek/HYr0BfKaRillSO4DqqvYlb
xWyNA4cbwXXJQzCFMIFt7pje64kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyChCa
uGnqsBje0AgPj56NtzWNQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAoD4KusRAC1dtKkreVaBsSNyQo6GTaEiJYH75
tpzt8lcPRL8ISDe2XrvVb33ZWKGBo0OZsjONN63MvuUZXgbjz8dYxVkqg/tV8+Z5
93h3SAcQVgcMohWQhVP3bNEc1iqi6PICRM1BMnW9s/+ZZZtcnwFotBeKySsUhz5W
sJ037XeGK02k1oqKLsuR8RVELBxAMU9h4lI0LOjMtKY+KIQ2/b1zc52am0WEveyn
Rpv+a9f8kWxsUJGS2rNPiorVOBCl0IzEqE2cX/+FHR1qCU0tV/8SkAKYbeBYh5di
Ohpp9D5Iva+RjrBQ74/7OJTHB2CGP2LFv/+To+y63O9soGyZsg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:01 2025 by rpki-client