Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
File: f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa (raw, json)
Hash identifier: Z+qynhgT+fZHKVhMPE/uRQq23ZTDEK3Etbv0B6hlKN0=
Subject key identifier: 6C:C0:FA:18:16:49:05:2E:6B:4C:8E:20:73:53:EF:F2:5C:7E:7D:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C2CC329E71B13E21758C741D0857FFE42AB5264
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
Signing time: Sat 01 Nov 2025 00:00:06 +0000
ROA not before: Sat 01 Nov 2025 00:00:06 +0000
ROA not after: Sat 06 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:f080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:2c:c3:29:e7:1b:13:e2:17:58:c7:41:d0:85:7f:fe:42:ab:52:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 1 00:00:06 2025 GMT
Not After : Dec 6 23:59:59 2025 GMT
Subject: serialNumber=cb3b34663632767926ef274930c78b6f4dcd0ac7340f8d96449be81695af7a15, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3c:cc:b8:d4:c4:8d:87:2f:cd:6d:1b:ec:49:
e6:ad:73:17:a2:26:58:d8:bc:17:22:f2:dd:20:55:
68:57:6f:81:8e:02:df:83:d6:01:d5:a6:7b:e1:62:
b4:d8:16:a0:cf:3f:bb:63:da:88:95:b1:95:db:5c:
cd:73:48:e8:56:60:f3:0e:d8:9f:db:4f:90:39:75:
c2:dd:7d:d0:f7:a7:cf:00:d9:92:44:ad:4d:95:f9:
b9:bf:92:88:b2:0e:e4:2d:a8:29:48:85:53:b9:a1:
b9:52:22:20:f5:c1:0b:f8:f4:16:aa:5d:f2:eb:b8:
15:43:93:f9:16:36:37:1d:4a:97:4e:4f:3e:72:c5:
74:46:09:2d:c9:61:00:07:b2:9c:47:82:80:53:41:
f3:8d:e1:70:cc:83:b8:48:83:46:0f:77:10:ac:4a:
80:da:bd:2b:1e:4c:f6:23:e2:6d:5b:66:cd:f2:4e:
ad:71:31:d2:3c:8a:58:41:68:bb:dd:c9:fb:29:2f:
84:10:b8:27:e4:6a:57:62:95:de:91:d2:91:81:f1:
5c:b0:f1:5f:f9:36:dc:9c:0c:77:50:5a:7b:d5:ef:
92:0a:d5:5d:f7:65:46:3f:99:e8:0c:60:f6:0c:37:
b7:7e:89:75:c1:ac:d2:bc:d0:f3:15:5b:66:83:36:
58:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C0:FA:18:16:49:05:2E:6B:4C:8E:20:73:53:EF:F2:5C:7E:7D:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:f080::/48
Signature Algorithm: sha256WithRSAEncryption
6b:ba:08:6b:5a:88:66:31:bc:b4:82:65:8e:ed:7c:29:12:5e:
bd:9f:19:a7:66:d9:7c:df:3b:db:91:ed:d6:57:ab:5b:c2:70:
4f:8c:5e:8c:36:22:36:b0:f6:cc:40:d8:28:51:7e:f7:45:e7:
74:5b:82:d3:cd:70:67:98:2b:24:fb:cc:12:5f:80:64:9e:7d:
9a:9f:6c:3d:e3:91:5c:7c:6a:8d:5e:1d:23:07:15:a8:c6:12:
34:9c:0b:25:10:69:dc:a7:06:90:3e:58:69:1e:f8:ac:dc:62:
4c:4a:f9:25:0f:2c:2b:f0:8d:78:19:15:6d:7c:2c:a5:18:a4:
01:eb:b4:94:b8:fb:6c:86:f9:57:9b:d3:5c:7c:09:25:49:6d:
1e:fd:22:1f:84:e9:15:bb:a0:3d:a1:ef:c8:eb:94:03:af:ad:
64:b9:dc:96:a7:80:c6:3b:f8:3a:4b:7c:b9:88:c8:83:07:2a:
58:ce:6b:73:da:3e:5c:cc:36:6b:4a:9b:f3:91:5d:19:54:48:
a3:50:b3:db:17:33:ea:a8:97:c2:d8:90:ea:48:da:1a:b9:44:
93:09:d2:25:64:fb:76:25:27:6c:b7:89:f2:59:07:b4:e8:cf:
4f:25:49:7d:cd:43:66:70:64:86:2b:57:b0:d9:4f:d3:95:2d:
48:b6:8d:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXCzDKecbE+IXWMdB0IV//kKrUmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDEwMDAwMDZaFw0yNTEyMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiM2IzNDY2MzYzMjc2NzkyNmVmMjc0OTMwYzc4YjZmNGRjZDBhYzczNDBm
OGQ5NjQ0OWJlODE2OTVhZjdhMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMg8zLjUxI2HL81tG+xJ5q1zF6ImWNi8FyLy3SBVaFdvgY4C34PWAdWme+Fi
tNgWoM8/u2PaiJWxldtczXNI6FZg8w7Yn9tPkDl1wt190PenzwDZkkStTZX5ub+S
iLIO5C2oKUiFU7mhuVIiIPXBC/j0Fqpd8uu4FUOT+RY2Nx1Kl05PPnLFdEYJLclh
AAeynEeCgFNB843hcMyDuEiDRg93EKxKgNq9Kx5M9iPibVtmzfJOrXEx0jyKWEFo
u93J+ykvhBC4J+RqV2KV3pHSkYHxXLDxX/k23JwMd1Bae9XvkgrVXfdlRj+Z6Axg
9gw3t36JdcGs0rzQ8xVbZoM2WFUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRswPoY
FkkFLmtMjiBzU+/yXH59/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjI5OGM5ZDEtNWY1ZS00YTJhLWEyMDMtMjllMmNiZGIzNzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/w
gDANBgkqhkiG9w0BAQsFAAOCAQEAa7oIa1qIZjG8tIJlju18KRJevZ8Zp2bZfN87
25Ht1lerW8JwT4xejDYiNrD2zEDYKFF+90XndFuC081wZ5grJPvMEl+AZJ59mp9s
PeORXHxqjV4dIwcVqMYSNJwLJRBp3KcGkD5YaR74rNxiTEr5JQ8sK/CNeBkVbXws
pRikAeu0lLj7bIb5V5vTXHwJJUltHv0iH4TpFbugPaHvyOuUA6+tZLnclqeAxjv4
Okt8uYjIgwcqWM5rc9o+XMw2a0qb85FdGVRIo1Cz2xcz6qiXwtiQ6kjaGrlEkwnS
JWT7diUnbLeJ8lkHtOjPTyVJfc1DZnBkhitXsNlP05UtSLaNRw==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:40 2025 by rpki-client