Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
File: fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa (raw, json)
Hash identifier: q5Waul6Q2WGjW9QrhRAaAsdGok/r02cpNtWhmB+YG2I=
Subject key identifier: EB:AF:B3:9A:31:84:DE:95:23:23:25:7B:52:74:49:46:D6:08:16:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28D89CAD98B3E41003A67A46BBCC6C30432D8241
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
Signing time: Tue 21 Oct 2025 13:10:10 +0000
ROA not before: Tue 21 Oct 2025 13:10:10 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:d8:9c:ad:98:b3:e4:10:03:a6:7a:46:bb:cc:6c:30:43:2d:82:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:10 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5179b9767cbe60044994f5380deb5deb02f32ba355be66a93a6384dac73d009d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8c:f8:75:11:a8:62:1f:92:e1:59:dc:a4:50:
64:d8:2c:c6:cf:86:bd:80:eb:98:ac:23:50:7a:92:
f8:44:69:e1:03:26:9f:be:d6:3c:4c:82:bc:cb:38:
16:cc:84:50:91:44:17:d7:33:54:be:7b:c1:9f:2c:
5a:a5:10:1d:1d:9f:85:69:68:86:9c:d2:fe:06:78:
04:5d:b3:31:d9:56:52:80:eb:0b:5b:7a:9d:29:cb:
f4:34:bc:6f:44:d8:29:87:13:fd:22:db:7a:d4:37:
ee:e6:3f:07:4f:bb:5d:10:f8:ec:90:cd:63:1f:e4:
33:ac:5d:0c:a9:fb:5a:35:b3:cc:76:30:77:20:cb:
5f:aa:17:6c:6b:47:a4:0e:f6:0e:5c:4b:54:1f:58:
69:fe:7b:fe:7a:6f:e0:73:82:73:1f:6e:b5:2c:e5:
26:a6:7c:f4:f2:99:83:21:78:9d:63:f5:fd:5a:a9:
4d:90:fa:6c:45:a5:63:30:67:ba:ab:20:6d:95:ef:
c1:fa:f8:30:3c:69:1f:af:ac:7b:3b:e8:ad:1d:ce:
7c:cf:dc:0e:aa:f1:fe:0d:87:3c:e3:90:02:30:57:
26:61:0f:80:2c:58:f9:76:81:81:6a:24:8e:7a:cb:
cb:26:3d:a0:3c:3b:d3:26:0d:89:18:c1:53:dd:dc:
8c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:AF:B3:9A:31:84:DE:95:23:23:25:7B:52:74:49:46:D6:08:16:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:62:c6:1e:c1:30:bf:d9:c8:aa:83:eb:b2:b7:e5:2a:67:5e:
0f:72:0a:28:e4:3a:60:2a:85:8d:04:ae:ac:46:ff:76:4f:b0:
f7:00:f8:63:72:fc:ed:a9:43:72:2e:22:47:b7:27:a1:b2:6e:
11:1e:20:cf:07:76:66:2a:f5:f4:c3:19:ed:98:00:65:8e:1c:
59:c4:b1:3d:2b:17:aa:05:ed:fc:26:d6:32:02:85:61:03:e6:
f2:8d:22:9b:d0:ad:68:7a:e2:70:40:3b:e0:ba:30:d1:9c:a0:
74:49:5d:20:00:f6:f9:49:40:32:d4:16:7c:ff:c1:c2:db:1f:
83:93:45:58:0a:d5:10:cd:fc:4a:08:04:ab:7e:ae:4a:28:a4:
1d:32:56:c4:3e:ed:3b:ea:7e:d0:12:db:69:58:71:7d:72:26:
af:30:43:4c:da:db:85:45:24:71:99:df:13:bc:ab:6f:55:55:
2d:9d:4f:8a:05:2f:1e:3b:57:32:9c:17:7d:52:c9:48:8a:34:
b1:97:52:c6:ab:39:13:9b:82:9e:36:c6:0d:be:98:39:c8:d6:
e5:56:18:04:00:0a:50:58:d0:5e:0e:fe:dd:6b:de:aa:63:db:
22:27:12:99:94:f2:13:66:a5:2e:c5:01:8a:fe:40:02:08:0e:
14:d1:2f:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKNicrZiz5BADpnpGu8xsMEMtgkEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwMTBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNzliOTc2N2NiZTYwMDQ0OTk0ZjUzODBkZWI1ZGViMDJmMzJiYTM1NWJl
NjZhOTNhNjM4NGRhYzczZDAwOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeM+HURqGIfkuFZ3KRQZNgsxs+GvYDrmKwjUHqS+ERp4QMmn77WPEyCvMs4
FsyEUJFEF9czVL57wZ8sWqUQHR2fhWlohpzS/gZ4BF2zMdlWUoDrC1t6nSnL9DS8
b0TYKYcT/SLbetQ37uY/B0+7XRD47JDNYx/kM6xdDKn7WjWzzHYwdyDLX6oXbGtH
pA72DlxLVB9Yaf57/npv4HOCcx9utSzlJqZ89PKZgyF4nWP1/VqpTZD6bEWlYzBn
uqsgbZXvwfr4MDxpH6+sezvorR3OfM/cDqrx/g2HPOOQAjBXJmEPgCxY+XaBgWok
jnrLyyY9oDw70yYNiRjBU93cjGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrr7Oa
MYTelSMjJXtSdElG1ggWeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQzMjlhYjUtYWU1Yy00YjY4LWE0YzYtYjgyZjZlYTI5ZGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBdYsYewTC/2ciqg+uyt+UqZ14Pcgoo5DpgKoWN
BK6sRv92T7D3APhjcvztqUNyLiJHtyehsm4RHiDPB3ZmKvX0wxntmABljhxZxLE9
KxeqBe38JtYyAoVhA+byjSKb0K1oeuJwQDvgujDRnKB0SV0gAPb5SUAy1BZ8/8HC
2x+Dk0VYCtUQzfxKCASrfq5KKKQdMlbEPu076n7QEttpWHF9ciavMENM2tuFRSRx
md8TvKtvVVUtnU+KBS8eO1cynBd9UslIijSxl1LGqzkTm4KeNsYNvpg5yNblVhgE
AApQWNBeDv7da96qY9siJxKZlPITZqUuxQGK/kACCA4U0S8k
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:09 2025 by rpki-client