Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6be02d-a1d0-4623-9c4b-9cec8272e2d7.roa
File: 2c6be02d-a1d0-4623-9c4b-9cec8272e2d7.roa (raw, json)
Hash identifier: kcz5WJA89+PYnIAhPAxkYrFVIZQzpuNxxIcjBu726bk=
Subject key identifier: 87:BF:4A:69:5C:DE:DD:A5:F4:6D:97:31:13:DC:DD:B0:E8:37:F8:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D3C577AF231FECFD5899F3E33E892603CD95B70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6be02d-a1d0-4623-9c4b-9cec8272e2d7.roa
Signing time: Wed 29 Oct 2025 07:28:22 +0000
ROA not before: Wed 29 Oct 2025 07:28:22 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:3c:57:7a:f2:31:fe:cf:d5:89:9f:3e:33:e8:92:60:3c:d9:5b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:22 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=f36db2f7fec12f3c20efb267b3f9ccd8611d207398111b3214c95c3c30676696, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f0:4d:54:48:ea:97:38:d6:7d:a5:3e:88:07:
32:4a:f9:9c:d7:45:1f:28:d9:ac:4b:49:1a:2a:62:
e5:4d:a0:f9:2d:c4:25:14:d9:a0:66:b3:23:5c:80:
5c:86:a3:37:76:87:48:a3:69:ae:9a:6d:72:54:3b:
70:c2:0a:9b:af:98:18:1a:35:a7:d1:91:a2:67:c2:
05:c9:ab:65:0a:35:c6:ed:a5:10:f8:60:c8:8b:17:
e9:ab:fc:bc:8f:36:11:04:19:45:8f:ef:9c:de:70:
22:32:b1:78:e0:4e:b6:57:a1:a0:64:3d:6e:5b:96:
ff:20:2a:00:e3:28:d1:b4:6c:8d:8d:86:3c:55:2d:
ca:b3:29:ff:f1:df:97:41:be:18:b2:2c:b8:9d:fc:
88:0f:9d:05:02:46:3a:39:74:70:28:b4:24:14:c5:
2b:2b:8f:bc:68:4c:07:0c:ea:20:35:11:65:3d:79:
8d:96:32:62:9b:dc:d1:48:42:77:67:a9:a6:5c:58:
19:e8:1e:39:e5:81:2a:a5:e8:80:60:fa:52:a2:4c:
4d:28:04:f7:65:90:05:29:64:7d:09:c4:61:49:31:
72:9f:b0:fe:a5:ba:d8:cf:05:9e:1e:ec:e0:06:e4:
f4:9f:95:f4:37:7a:4c:8e:90:6d:8b:4b:cd:85:02:
0e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BF:4A:69:5C:DE:DD:A5:F4:6D:97:31:13:DC:DD:B0:E8:37:F8:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6be02d-a1d0-4623-9c4b-9cec8272e2d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:8080::/48
Signature Algorithm: sha256WithRSAEncryption
c3:b2:ee:70:3f:b7:ab:6c:ce:07:8b:9a:55:b5:88:44:f3:7e:
34:eb:82:4c:cd:63:ae:3c:8d:c5:66:82:90:a0:2d:d9:2d:f6:
64:8a:c9:3e:7c:49:5c:cd:48:6b:23:d9:b4:40:8b:4c:b1:e7:
81:62:01:8d:0a:58:5b:90:11:37:77:d6:40:16:d6:f1:63:e8:
05:3b:37:ee:ca:94:c4:01:70:45:cd:92:ac:46:f8:36:2c:31:
70:7a:41:1b:5a:7d:a8:71:9c:28:ea:8f:7d:1c:51:f8:2b:87:
10:26:ad:90:99:ba:45:fc:69:98:d2:14:49:35:e6:03:2e:75:
c8:fb:32:9d:38:8c:53:48:cc:98:02:19:f6:60:f7:a6:32:54:
ac:8c:69:b8:78:fb:1b:05:32:56:c9:ea:f9:07:2f:4d:ca:3f:
a5:56:59:b9:e9:76:71:27:bf:73:9c:ce:fd:3e:4a:2d:49:75:
7a:3d:13:28:92:78:9e:9a:2d:c0:a0:d4:83:35:66:c4:8e:80:
b6:36:1e:53:4e:8f:ee:15:85:b1:f6:db:8b:e4:49:62:fb:a7:
0c:45:d4:9f:c4:30:8a:b0:dd:5b:6b:9c:5f:4e:b6:09:9b:d8:
60:3d:1a:35:73:42:c8:f3:57:62:b0:64:8c:23:bc:73:24:a4:
72:bd:df:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTTxXevIx/s/ViZ8+M+iSYDzZW3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MjJaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNmRiMmY3ZmVjMTJmM2MyMGVmYjI2N2IzZjljY2Q4NjExZDIwNzM5ODEx
MWIzMjE0Yzk1YzNjMzA2NzY2OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7wTVRI6pc41n2lPogHMkr5nNdFHyjZrEtJGipi5U2g+S3EJRTZoGazI1yA
XIajN3aHSKNprpptclQ7cMIKm6+YGBo1p9GRomfCBcmrZQo1xu2lEPhgyIsX6av8
vI82EQQZRY/vnN5wIjKxeOBOtlehoGQ9bluW/yAqAOMo0bRsjY2GPFUtyrMp//Hf
l0G+GLIsuJ38iA+dBQJGOjl0cCi0JBTFKyuPvGhMBwzqIDURZT15jZYyYpvc0UhC
d2epplxYGegeOeWBKqXogGD6UqJMTSgE92WQBSlkfQnEYUkxcp+w/qW62M8Fnh7s
4Abk9J+V9Dd6TI6QbYtLzYUCDjkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHv0pp
XN7dpfRtlzET3N2w6Df4gDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM2YmUwMmQtYTFkMC00NjIzLTljNGItOWNlYzgyNzJlMmQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqA
gDANBgkqhkiG9w0BAQsFAAOCAQEAw7LucD+3q2zOB4uaVbWIRPN+NOuCTM1jrjyN
xWaCkKAt2S32ZIrJPnxJXM1IayPZtECLTLHngWIBjQpYW5ARN3fWQBbW8WPoBTs3
7sqUxAFwRc2SrEb4NiwxcHpBG1p9qHGcKOqPfRxR+CuHECatkJm6RfxpmNIUSTXm
Ay51yPsynTiMU0jMmAIZ9mD3pjJUrIxpuHj7GwUyVsnq+QcvTco/pVZZuel2cSe/
c5zO/T5KLUl1ej0TKJJ4npotwKDUgzVmxI6AtjYeU06P7hWFsfbbi+RJYvunDEXU
n8QwirDdW2ucX062CZvYYD0aNXNCyPNXYrBkjCO8cySkcr3frg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:46 2025 by rpki-client