Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
File: ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa (raw, json)
Hash identifier: NC0EC8EWzhm8CanoJveOF7F27LK5eG1UrObUCT1eeaE=
Subject key identifier: 49:B1:92:9B:9D:A4:8E:CC:A5:5E:03:29:E9:2B:4F:67:24:D6:28:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BEE5A9F8E4C5A6039FE26859A660C089E8A2EB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
Signing time: Tue 21 Oct 2025 13:20:53 +0000
ROA not before: Tue 21 Oct 2025 13:20:53 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:ee:5a:9f:8e:4c:5a:60:39:fe:26:85:9a:66:0c:08:9e:8a:2e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:53 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=cf082f26689f21eb2f9cc54e09a89322e8aa7a19e8b5f6fb6aff6f5aa0222337, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:eb:80:12:ce:4e:4e:1a:30:7f:b1:3b:19:7e:
21:d2:f3:35:1a:90:2a:e0:56:04:7a:c0:ad:c4:e6:
86:5d:b0:a4:9f:2e:a8:a3:4f:9c:2f:fc:c7:89:87:
b5:27:f8:6f:4e:09:52:31:71:5e:ae:6e:64:a0:49:
90:ad:25:4a:1b:91:8a:c8:79:54:5b:af:1d:d3:91:
70:22:b8:e4:fc:10:e2:35:6d:39:a4:c5:44:9e:5e:
d5:a6:7a:42:3f:75:76:d6:a9:bd:6d:d6:5c:64:86:
09:6a:c8:2b:63:5e:9a:dd:34:41:bc:57:06:64:06:
48:d0:d9:ee:e8:f7:0b:92:0d:67:51:5e:9c:6a:aa:
d5:b4:46:f5:b8:6d:03:9c:f2:d5:07:4e:68:ee:f5:
cc:45:14:bd:37:2d:25:82:42:fd:85:d5:0d:bb:ea:
28:47:76:dc:c2:b3:99:c1:48:9b:e3:b2:d8:e4:7b:
4a:6e:62:a9:01:df:d6:04:d5:69:b6:58:51:bf:76:
bf:2a:8e:60:2f:3e:8e:89:91:59:c4:59:e4:10:78:
66:e1:70:af:27:b3:b7:e1:bf:98:b4:e0:9d:21:72:
3f:64:04:9e:ac:01:72:17:59:3f:53:93:d6:4a:0e:
e3:60:ff:44:44:0f:17:24:6e:9f:cf:43:2e:1b:98:
52:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B1:92:9B:9D:A4:8E:CC:A5:5E:03:29:E9:2B:4F:67:24:D6:28:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:3a:b3:30:b0:30:c6:f7:11:66:43:dc:2f:b5:4f:5a:2d:28:
df:cb:5e:38:e7:b4:ec:8b:13:76:fe:8d:f9:f5:69:32:0e:de:
eb:34:43:c9:8c:3c:61:12:6b:fb:b8:fb:f3:f2:c8:45:a4:df:
b0:98:c9:90:90:6d:a1:2b:7e:07:3d:f1:16:ab:9e:ef:4b:6d:
15:2d:6f:4d:0a:9c:7a:8c:65:32:d3:fe:a7:77:97:85:de:30:
bd:0d:f6:bb:26:ac:eb:1f:d0:28:ea:b7:de:dc:eb:e9:12:3e:
ff:1a:43:10:2c:b4:1b:20:9a:b1:66:0b:4f:81:26:56:5c:8b:
b7:dc:30:0b:51:a8:3d:9b:8c:06:a2:6c:8e:9e:cd:10:b7:b5:
54:f5:b9:68:95:a4:61:4a:dd:aa:0f:0c:cc:e6:0c:8f:2c:7a:
15:48:e9:bf:67:8d:d8:70:a7:b1:42:8b:81:77:02:dc:51:a6:
83:26:fb:55:7a:bf:65:11:cd:1e:16:74:f2:7c:22:1a:4e:53:
91:60:70:63:bc:7f:f4:37:13:9d:01:e9:eb:53:fd:d5:b4:1b:
ef:9e:bd:d5:ed:cb:c8:ac:6a:60:7b:59:c8:71:b9:bd:69:9a:
d8:2d:81:30:20:77:52:ac:da:2c:23:68:c0:9e:9d:51:2c:ee:
5f:36:65:ef
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW+5an45MWmA5/iaFmmYMCJ6KLrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNTNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmMDgyZjI2Njg5ZjIxZWIyZjljYzU0ZTA5YTg5MzIyZThhYTdhMTllOGI1
ZjZmYjZhZmY2ZjVhYTAyMjIzMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/rgBLOTk4aMH+xOxl+IdLzNRqQKuBWBHrArcTmhl2wpJ8uqKNPnC/8x4mH
tSf4b04JUjFxXq5uZKBJkK0lShuRish5VFuvHdORcCK45PwQ4jVtOaTFRJ5e1aZ6
Qj91dtapvW3WXGSGCWrIK2Nemt00QbxXBmQGSNDZ7uj3C5INZ1FenGqq1bRG9bht
A5zy1QdOaO71zEUUvTctJYJC/YXVDbvqKEd23MKzmcFIm+Oy2OR7Sm5iqQHf1gTV
abZYUb92vyqOYC8+jomRWcRZ5BB4ZuFwryezt+G/mLTgnSFyP2QEnqwBchdZP1OT
1koO42D/REQPFyRun89DLhuYUlUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJsZKb
naSOzKVeAynpK09nJNYoYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZkYzNkYTEtMmVjNy00MTFlLTk1NTAtYjdjOTU2ZmI0NmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQCfOrMwsDDG9xFmQ9wvtU9aLSjfy14457TsixN2
/o359WkyDt7rNEPJjDxhEmv7uPvz8shFpN+wmMmQkG2hK34HPfEWq57vS20VLW9N
Cpx6jGUy0/6nd5eF3jC9Dfa7JqzrH9Ao6rfe3OvpEj7/GkMQLLQbIJqxZgtPgSZW
XIu33DALUag9m4wGomyOns0Qt7VU9blolaRhSt2qDwzM5gyPLHoVSOm/Z43YcKex
QouBdwLcUaaDJvtVer9lEc0eFnTyfCIaTlORYHBjvH/0NxOdAenrU/3VtBvvnr3V
7cvIrGpge1nIcbm9aZrYLYEwIHdSrNosI2jAnp1RLO5fNmXv
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:29 2025 by rpki-client