Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
File: d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa (raw, json)
Hash identifier: pJkMv9gYt8xNurCEFdwonKiMcjV6Qwx13TQ2uWZsSz4=
Subject key identifier: 9C:EB:89:B1:95:B7:DD:7C:39:96:E9:D6:6F:B2:EC:BA:4B:16:30:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03229D6AD29846EC29C9533EA760DCE4B58D4015
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
Signing time: Fri 31 Oct 2025 00:40:09 +0000
ROA not before: Fri 31 Oct 2025 00:40:09 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:22:9d:6a:d2:98:46:ec:29:c9:53:3e:a7:60:dc:e4:b5:8d:40:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 00:40:09 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=b7fa87b5af9adb586b9dafad6f29fabfab9693ff2b8342b619ff54f3029dcf1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:e0:39:44:c6:7a:73:cb:50:1d:53:19:05:
94:83:fa:39:aa:30:2d:21:2b:ad:86:cc:47:d6:10:
f1:7d:28:38:5f:13:7f:7a:9b:53:9b:a2:c3:77:f1:
31:6d:8b:90:a6:ce:6d:09:b8:4c:f5:c3:76:2a:33:
06:24:de:90:dc:39:35:06:57:c6:f3:02:e4:f9:c3:
bf:39:17:6b:14:e0:d9:6a:fc:4c:b7:e9:3b:01:d7:
4d:6f:fd:e0:e5:86:01:2a:5d:58:5c:d3:0e:80:72:
ff:db:56:cf:08:db:28:73:5b:46:38:2c:fd:57:bc:
7e:b5:f3:2e:49:84:fe:02:96:6f:1e:a3:ce:26:72:
c5:48:fb:20:52:f5:43:97:ce:85:05:b3:9b:28:4d:
89:4d:12:06:61:90:26:05:0f:48:76:b9:93:f3:41:
45:a2:e8:47:57:08:6b:fc:ba:58:b9:3a:c9:ce:fe:
ae:23:31:7b:1a:f6:25:92:91:b8:65:ca:72:60:ad:
fc:a0:e6:3d:f5:84:c0:33:a5:51:65:6a:94:5d:c6:
25:86:64:4e:48:54:59:65:98:b5:55:ff:d7:71:ca:
2d:0b:02:e6:c3:24:ed:00:13:3b:38:2c:ab:32:0d:
38:8e:fa:55:a1:44:92:d9:c1:b9:ee:2f:f8:d0:0c:
e7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:EB:89:B1:95:B7:DD:7C:39:96:E9:D6:6F:B2:EC:BA:4B:16:30:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:840::/46
Signature Algorithm: sha256WithRSAEncryption
70:5d:40:0c:e0:60:61:36:9b:a8:e5:af:ff:9b:e5:cc:d8:8d:
e2:6a:56:ec:23:fc:4a:fe:6c:0d:6e:49:3a:5d:fb:81:a3:c0:
48:b2:b8:7f:fe:47:98:77:69:0e:54:b1:b3:5d:ad:b0:da:e7:
28:06:38:61:3b:0e:11:69:dc:4b:a5:b2:47:48:71:71:65:f0:
d7:4c:79:a9:5b:d8:e8:8f:5e:6d:4d:84:1a:6b:15:ef:9b:a1:
5d:42:1f:0c:b9:77:81:20:56:95:4b:17:d1:a5:23:aa:70:8d:
15:5a:b4:23:8c:d8:47:74:d6:a5:70:c4:b4:9f:e5:a6:c1:f3:
cd:43:58:18:bc:82:a9:a6:98:19:2f:3b:4d:06:ec:78:43:53:
27:e7:6c:a1:12:18:41:9c:9f:85:60:5a:88:5d:e4:c3:56:9b:
e3:df:67:a9:f7:ee:1a:4f:17:fe:92:75:c5:d6:13:13:4b:e5:
9c:fc:74:b0:3a:49:cf:5f:92:2e:11:3d:44:ec:43:08:21:be:
8e:ce:31:a5:e4:30:62:2f:52:e5:cb:9d:b7:8e:17:4f:e8:54:
e5:c4:69:65:b2:9e:ed:7f:e6:e9:fb:a6:73:da:8b:d6:6a:58:
91:88:1c:3b:f0:0f:14:a3:b9:ee:4d:63:7f:43:f0:7d:02:05:
68:fa:07:3d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAyKdatKYRuwpyVM+p2Dc5LWNQBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMDQwMDlaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3ZmE4N2I1YWY5YWRiNTg2YjlkYWZhZDZmMjlmYWJmYWI5NjkzZmYyYjgz
NDJiNjE5ZmY1NGYzMDI5ZGNmMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXD4DlExnpzy1AdUxkFlIP6OaowLSErrYbMR9YQ8X0oOF8Tf3qbU5uiw3fx
MW2LkKbObQm4TPXDdiozBiTekNw5NQZXxvMC5PnDvzkXaxTg2Wr8TLfpOwHXTW/9
4OWGASpdWFzTDoBy/9tWzwjbKHNbRjgs/Ve8frXzLkmE/gKWbx6jziZyxUj7IFL1
Q5fOhQWzmyhNiU0SBmGQJgUPSHa5k/NBRaLoR1cIa/y6WLk6yc7+riMxexr2JZKR
uGXKcmCt/KDmPfWEwDOlUWVqlF3GJYZkTkhUWWWYtVX/13HKLQsC5sMk7QATOzgs
qzINOI76VaFEktnBue4v+NAM57ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSc64mx
lbfdfDmW6dZvsuy6SxYwPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMxZTRiMWItMGZhOS00NTQ5LWE2ZmEtM2E2ZWI5NGVlZjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
QDANBgkqhkiG9w0BAQsFAAOCAQEAcF1ADOBgYTabqOWv/5vlzNiN4mpW7CP8Sv5s
DW5JOl37gaPASLK4f/5HmHdpDlSxs12tsNrnKAY4YTsOEWncS6WyR0hxcWXw10x5
qVvY6I9ebU2EGmsV75uhXUIfDLl3gSBWlUsX0aUjqnCNFVq0I4zYR3TWpXDEtJ/l
psHzzUNYGLyCqaaYGS87TQbseENTJ+dsoRIYQZyfhWBaiF3kw1ab499nqffuGk8X
/pJ1xdYTE0vlnPx0sDpJz1+SLhE9ROxDCCG+js4xpeQwYi9S5cudt44XT+hU5cRp
ZbKe7X/m6fumc9qL1mpYkYgcO/APFKO57k1jf0PwfQIFaPoHPQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:05 2025 by rpki-client