Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
File: 8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa (raw, json)
Hash identifier: BuRDb46SBitAElHSNrVIo/P255pSsiCwWQL18TSnDHg=
Subject key identifier: 97:29:5E:FB:56:F8:61:DC:FC:B2:94:BA:AB:70:11:D8:F4:54:A1:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61EBEDAAE4E3B489592326FCFCE974CF853A70C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
Signing time: Fri 31 Oct 2025 01:40:05 +0000
ROA not before: Fri 31 Oct 2025 01:40:05 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:eb:ed:aa:e4:e3:b4:89:59:23:26:fc:fc:e9:74:cf:85:3a:70:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:40:05 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=c0ebaadb924306c57035c6ca7ac2a6c28224b957b4605dd1f13b0c474a610ca5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3b:2b:c8:7b:74:8e:60:25:c5:69:e4:ef:b5:
62:ce:f8:c9:87:b6:b5:36:2b:f8:c2:3c:e6:8d:39:
fc:ae:13:89:20:36:a5:6d:12:31:ee:48:e4:68:e5:
fd:fe:f3:41:73:86:7c:89:64:9a:e3:c4:69:ad:9d:
bc:73:25:65:d9:b8:89:b4:da:42:d7:b2:e0:8d:b4:
34:fb:ad:d7:90:b5:3a:3f:15:18:e9:6b:d3:f9:e3:
3d:0f:86:d9:60:61:4f:0f:e8:d5:e5:63:16:63:f5:
4e:b4:d5:a7:db:cc:8d:41:0e:6f:5f:2f:b1:e5:25:
b3:df:89:6a:96:03:d6:73:ea:4c:32:fb:68:3e:9d:
9a:d2:1c:30:a0:16:89:5c:8b:f5:cb:f3:f6:13:04:
5b:02:ed:12:02:ef:d5:0e:e0:d8:93:87:ec:99:43:
1e:87:14:5f:7a:82:af:72:64:94:c3:28:48:93:fc:
56:9e:4c:45:b6:e6:b2:1a:f1:6e:5f:4c:0f:00:ac:
9e:17:ac:80:8f:ec:e0:a2:b5:9c:6c:70:94:65:54:
33:d0:98:5d:f8:02:c4:9d:95:ca:94:dd:69:ef:6c:
a5:ca:b2:30:89:43:ae:60:1d:0d:c9:e1:8d:b6:b2:
7a:dc:5f:41:46:e5:d4:09:49:64:23:5a:09:b3:26:
30:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:29:5E:FB:56:F8:61:DC:FC:B2:94:BA:AB:70:11:D8:F4:54:A1:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:0f:6e:f7:31:fa:cc:cb:e1:b9:e6:27:cd:2b:37:5d:25:07:
20:a2:76:35:6d:94:ad:e1:12:c6:14:54:cc:f9:e1:7f:78:94:
67:55:cc:a6:46:a7:12:c9:a8:2b:87:f1:d8:43:08:10:52:cd:
63:08:b2:b0:52:1d:a7:73:45:29:f1:a8:7f:96:5d:33:5d:da:
5d:d7:16:5f:89:ac:e0:f5:9d:b4:28:24:94:99:d6:d6:23:49:
c2:19:0f:33:17:25:ff:e2:c9:c2:5a:fd:29:d2:96:04:ad:e3:
db:bf:cf:27:e1:18:ff:b4:e4:e5:a2:e9:b1:75:8c:a4:a0:3f:
41:33:23:78:0e:1e:4a:41:f1:3e:9b:56:17:c0:fb:1a:f0:c5:
e9:ec:5c:33:97:1d:c9:f4:68:27:45:be:1c:04:cd:7c:fb:24:
5e:91:7b:ee:0d:fe:3d:fc:d6:e9:08:c4:44:6b:0f:81:69:fc:
94:ad:b0:8b:81:71:0a:d7:8b:dc:62:2c:8b:41:7b:e4:9e:20:
8d:2a:05:3e:b2:14:90:cd:0c:8c:34:2d:02:3c:d4:1f:7f:69:
33:68:89:71:e0:2e:a8:5c:d9:4b:0d:37:e2:5d:14:fc:ef:f1:
21:09:89:a0:f8:38:a9:46:2b:d3:12:ee:df:55:13:63:d0:37:
a4:c6:13:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYevtquTjtIlZIyb8/Ol0z4U6cMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTQwMDVaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwZWJhYWRiOTI0MzA2YzU3MDM1YzZjYTdhYzJhNmMyODIyNGI5NTdiNDYw
NWRkMWYxM2IwYzQ3NGE2MTBjYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ47K8h7dI5gJcVp5O+1Ys74yYe2tTYr+MI85o05/K4TiSA2pW0SMe5I5Gjl
/f7zQXOGfIlkmuPEaa2dvHMlZdm4ibTaQtey4I20NPut15C1Oj8VGOlr0/njPQ+G
2WBhTw/o1eVjFmP1TrTVp9vMjUEOb18vseUls9+JapYD1nPqTDL7aD6dmtIcMKAW
iVyL9cvz9hMEWwLtEgLv1Q7g2JOH7JlDHocUX3qCr3JklMMoSJP8Vp5MRbbmshrx
bl9MDwCsnhesgI/s4KK1nGxwlGVUM9CYXfgCxJ2VypTdae9spcqyMIlDrmAdDcnh
jbayetxfQUbl1AlJZCNaCbMmMHsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXKV77
Vvhh3PyylLqrcBHY9FShPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGY2Y2FiNmYtNDRiZS00ZjgwLTkwNDAtYzJmOWFiMGUwNTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOA
MA0GCSqGSIb3DQEBCwUAA4IBAQA+D273MfrMy+G55ifNKzddJQcgonY1bZSt4RLG
FFTM+eF/eJRnVcymRqcSyagrh/HYQwgQUs1jCLKwUh2nc0Up8ah/ll0zXdpd1xZf
iazg9Z20KCSUmdbWI0nCGQ8zFyX/4snCWv0p0pYErePbv88n4Rj/tOTloumxdYyk
oD9BMyN4Dh5KQfE+m1YXwPsa8MXp7Fwzlx3J9GgnRb4cBM18+yRekXvuDf49/Nbp
CMREaw+BafyUrbCLgXEK14vcYiyLQXvkniCNKgU+shSQzQyMNC0CPNQff2kzaIlx
4C6oXNlLDTfiXRT87/EhCYmg+DipRivTEu7fVRNj0DekxhPD
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:27 2025 by rpki-client