Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
File: 1277c797-1181-445f-b798-ef72bbfc284c.roa (raw, json)
Hash identifier: k/mCPJOKKIWQ6C8OkdcXcjMAdF8lhInIiAOSo5ua0mo=
Subject key identifier: 9E:6A:97:D8:93:32:A0:9E:1B:5E:43:A2:54:BD:2C:9B:0C:58:36:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C59BC506B9A9C0A46312CB8C6761E4A9C91298A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
Signing time: Tue 04 Nov 2025 02:50:44 +0000
ROA not before: Tue 04 Nov 2025 02:50:44 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:59:bc:50:6b:9a:9c:0a:46:31:2c:b8:c6:76:1e:4a:9c:91:29:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:44 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=e894bca42805b8087ea9be198312efb9289c35d93a56b67504f355b9e6a0e432, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:26:4a:3c:dd:71:63:05:c5:be:e0:98:d5:73:
44:86:59:67:d9:cf:a3:d5:0b:f0:b0:f3:d8:f5:a8:
5c:a0:60:59:7d:58:da:dc:a7:f2:44:b6:22:da:f0:
92:14:ce:e5:4e:28:c4:e4:d3:5c:30:c4:f8:ef:a9:
8d:ab:ed:cd:c8:a1:a0:81:7d:79:a8:85:1e:54:05:
38:a3:5a:71:90:1e:65:6c:6b:78:d9:97:a3:2d:bc:
16:db:ce:70:cf:18:db:3a:15:72:0c:82:7f:13:3b:
d7:e4:ea:ad:7c:7c:56:c1:5a:d0:cb:8b:c8:3a:1d:
05:2c:50:72:1c:08:ec:e4:8e:9c:28:8d:e5:2a:9f:
18:c0:d8:31:87:b2:86:1b:28:32:8d:3b:54:09:c4:
b5:8a:bc:dd:e9:43:d7:05:d0:fa:c1:07:ac:58:3f:
fe:ee:3b:b7:4f:17:47:88:22:fc:c2:b7:2d:c5:c3:
21:62:1d:c6:ae:dd:a4:a5:30:e4:9d:21:9c:25:73:
1f:fa:6f:c5:e9:01:15:59:99:10:3d:92:c8:d1:6a:
bb:fe:2a:d3:4d:e5:7c:cd:0b:1e:ea:ac:e6:a0:4c:
ca:6c:3a:79:89:af:77:1f:32:28:3d:7e:04:8d:ed:
e5:34:49:f6:77:df:77:f8:e4:35:f2:04:50:4a:e2:
d4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6A:97:D8:93:32:A0:9E:1B:5E:43:A2:54:BD:2C:9B:0C:58:36:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e000::/40
Signature Algorithm: sha256WithRSAEncryption
81:1c:34:cf:76:5c:f8:a1:f9:35:aa:04:2f:3b:54:47:2a:7b:
d3:a0:58:dd:34:74:10:3a:da:0a:da:9a:fe:73:8e:22:ec:98:
8b:7d:8b:68:9c:79:a4:d9:c9:11:27:eb:5e:cc:42:77:c3:ec:
30:18:85:4b:c4:05:8c:75:a4:90:fb:9a:42:42:75:97:f1:fc:
09:cf:4b:8a:f1:f8:69:63:20:71:2b:71:0e:4e:27:f4:9e:3d:
48:17:6d:42:05:a0:53:c0:11:e3:98:4b:fa:76:ce:c5:8e:4b:
6f:38:0a:1c:7d:80:b3:c8:08:eb:fe:2b:98:91:82:3b:bc:a7:
aa:5f:a3:79:d3:6b:70:02:4d:30:8f:07:0f:d2:2d:99:0a:cf:
8f:5b:a7:84:e7:10:51:ef:dd:32:54:15:97:31:50:f4:d2:dd:
9f:69:65:66:04:89:4b:3b:01:4b:a8:94:2e:a7:11:03:7b:07:
df:6d:20:66:b0:0d:6c:e9:90:9d:80:19:0c:5b:5f:24:ef:89:
46:70:0c:ab:f0:db:9f:3d:3e:ab:55:09:f3:c3:56:31:6e:df:
95:e2:f9:48:0c:a5:2c:cb:2e:fe:93:fd:b1:7e:12:32:2d:75:
2d:d3:ae:31:1c:c6:a5:fa:b8:ff:2b:25:fd:42:72:d1:03:9f:
c5:9e:88:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULFm8UGuanApGMSy4xnYeSpyRKYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwNDRaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4OTRiY2E0MjgwNWI4MDg3ZWE5YmUxOTgzMTJlZmI5Mjg5YzM1ZDkzYTU2
YjY3NTA0ZjM1NWI5ZTZhMGU0MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsmSjzdcWMFxb7gmNVzRIZZZ9nPo9UL8LDz2PWoXKBgWX1Y2tyn8kS2Itrw
khTO5U4oxOTTXDDE+O+pjavtzcihoIF9eaiFHlQFOKNacZAeZWxreNmXoy28FtvO
cM8Y2zoVcgyCfxM71+TqrXx8VsFa0MuLyDodBSxQchwI7OSOnCiN5SqfGMDYMYey
hhsoMo07VAnEtYq83elD1wXQ+sEHrFg//u47t08XR4gi/MK3LcXDIWIdxq7dpKUw
5J0hnCVzH/pvxekBFVmZED2SyNFqu/4q003lfM0LHuqs5qBMymw6eYmvdx8yKD1+
BI3t5TRJ9nffd/jkNfIEUEri1FcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSeapfY
kzKgnhteQ6JUvSybDFg2FTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTI3N2M3OTctMTE4MS00NDVmLWI3OTgtZWY3MmJiZmMyODRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTg
MA0GCSqGSIb3DQEBCwUAA4IBAQCBHDTPdlz4ofk1qgQvO1RHKnvToFjdNHQQOtoK
2pr+c44i7JiLfYtonHmk2ckRJ+tezEJ3w+wwGIVLxAWMdaSQ+5pCQnWX8fwJz0uK
8fhpYyBxK3EOTif0nj1IF21CBaBTwBHjmEv6ds7FjktvOAocfYCzyAjr/iuYkYI7
vKeqX6N502twAk0wjwcP0i2ZCs+PW6eE5xBR790yVBWXMVD00t2faWVmBIlLOwFL
qJQupxEDewffbSBmsA1s6ZCdgBkMW18k74lGcAyr8NufPT6rVQnzw1Yxbt+V4vlI
DKUsyy7+k/2xfhIyLXUt064xHMal+rj/KyX9QnLRA5/Fnoih
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:46:46 2025 by rpki-client