Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
File: 0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa (raw, json)
Hash identifier: vRiTpOqvdIx5YtnrWDsa1Ycoi+nVuI5LnXlehvS3CXo=
Subject key identifier: FA:2D:8E:3C:DA:F9:7D:00:E1:37:DC:A9:A7:2E:D2:A1:7E:8B:06:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DB6F1DC35491497EC8DE7B1B11E1324BA331DD7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
Signing time: Fri 26 Sep 2025 18:51:01 +0000
ROA not before: Fri 26 Sep 2025 18:51:01 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:b6:f1:dc:35:49:14:97:ec:8d:e7:b1:b1:1e:13:24:ba:33:1d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:51:01 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=97b9bcf20abbd1637e6a88e6bc207c9b2581f29135fbe81137c0fddbaa02766b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:60:aa:c2:0b:56:97:56:4f:32:ab:0c:54:a8:
70:c7:77:29:58:61:6c:85:2a:37:5e:d7:5f:7f:5e:
8b:2f:c5:4d:3e:96:0f:5a:ce:1e:c5:b7:7f:38:8f:
e1:ea:57:ed:3d:4c:26:c9:c4:5b:ba:f5:56:32:9c:
96:cc:8f:f0:55:b1:ce:be:88:b8:52:f4:96:d6:de:
1f:3e:e4:d0:5d:b2:14:fc:1a:6f:3d:09:0e:52:17:
46:dc:a5:0c:4e:7a:f8:46:3a:41:df:ee:4c:4d:f2:
8f:af:2e:bb:2a:be:b6:20:15:ca:d2:b0:ed:08:c8:
b1:18:46:be:e9:e6:c7:1c:5a:14:e2:06:7a:61:8b:
72:63:5d:ef:dd:b6:a2:23:ee:4f:7e:5c:d5:02:87:
d8:2a:64:d0:9d:27:1b:10:9a:73:71:42:7b:10:4e:
46:fc:c3:d3:ac:d9:54:34:40:dd:57:8f:dd:02:a3:
47:c8:e1:36:4b:83:22:03:58:ec:c6:99:e5:80:80:
20:86:38:56:06:ba:f3:4c:cb:c4:ff:58:40:0f:a5:
d1:c2:a5:bc:31:93:31:61:b4:a2:37:8c:13:83:d9:
99:7c:15:e3:fc:10:c5:a8:7d:c3:dd:fa:4a:fa:dd:
9d:18:4f:58:5b:a5:73:4e:ed:4e:f9:d6:c5:3a:7e:
19:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2D:8E:3C:DA:F9:7D:00:E1:37:DC:A9:A7:2E:D2:A1:7E:8B:06:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a040::/48
Signature Algorithm: sha256WithRSAEncryption
14:69:9d:04:6f:eb:6f:b2:5b:d9:c4:61:d1:f6:56:14:3c:7d:
b1:df:ba:b8:39:02:2a:87:ef:c4:db:3d:74:c5:98:fd:cf:27:
81:c8:5e:61:41:65:c6:e3:f3:e8:a8:e1:35:de:7d:7e:aa:ed:
02:6b:dd:f8:ca:64:e0:3a:f5:34:ca:6f:bf:2a:53:93:3c:ff:
64:3b:17:55:29:2f:de:5a:aa:e1:93:64:89:c8:98:ae:61:47:
31:01:00:f9:6a:81:4b:fe:25:78:9b:eb:ff:c6:3f:da:eb:7f:
6f:f5:3a:87:28:74:f1:e4:21:c8:54:5d:0c:d4:c9:fa:43:3c:
ab:4f:1e:6b:13:d3:ad:10:2f:4a:59:75:a7:4a:05:46:a4:b5:
a4:94:88:bb:12:f4:73:ab:ac:a8:24:81:57:00:b2:aa:d4:bd:
c5:0a:26:23:5a:9b:a1:0c:58:db:70:44:7d:5c:00:e6:d9:2c:
43:de:ef:3f:58:97:6c:bb:e7:2a:32:b3:96:6f:31:a4:62:39:
d8:f5:d5:e4:42:16:4d:60:e5:50:f6:de:c9:d9:b4:87:cb:69:
79:5d:c2:68:75:1e:27:b9:e4:e4:fa:d9:70:18:8a:e2:e5:da:
ac:ce:d4:c1:99:e9:59:8a:52:83:1c:00:a0:bc:ad:49:29:dd:
78:9b:77:6f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPbbx3DVJFJfsjeexsR4TJLozHdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUxMDFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3YjliY2YyMGFiYmQxNjM3ZTZhODhlNmJjMjA3YzliMjU4MWYyOTEzNWZi
ZTgxMTM3YzBmZGRiYWEwMjc2NmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9gqsILVpdWTzKrDFSocMd3KVhhbIUqN17XX39eiy/FTT6WD1rOHsW3fziP
4epX7T1MJsnEW7r1VjKclsyP8FWxzr6IuFL0ltbeHz7k0F2yFPwabz0JDlIXRtyl
DE56+EY6Qd/uTE3yj68uuyq+tiAVytKw7QjIsRhGvunmxxxaFOIGemGLcmNd7922
oiPuT35c1QKH2Cpk0J0nGxCac3FCexBORvzD06zZVDRA3VeP3QKjR8jhNkuDIgNY
7MaZ5YCAIIY4Vga680zLxP9YQA+l0cKlvDGTMWG0ojeME4PZmXwV4/wQxah9w936
SvrdnRhPWFulc07tTvnWxTp+GQsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT6LY48
2vl9AOE33KmnLtKhfosGjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGExYTI1ZDctNjkzNS00MjBjLWE5NDktNGE5ZDBlNmE5NWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
QDANBgkqhkiG9w0BAQsFAAOCAQEAFGmdBG/rb7Jb2cRh0fZWFDx9sd+6uDkCKofv
xNs9dMWY/c8ngcheYUFlxuPz6KjhNd59fqrtAmvd+Mpk4Dr1NMpvvypTkzz/ZDsX
VSkv3lqq4ZNkiciYrmFHMQEA+WqBS/4leJvr/8Y/2ut/b/U6hyh08eQhyFRdDNTJ
+kM8q08eaxPTrRAvSll1p0oFRqS1pJSIuxL0c6usqCSBVwCyqtS9xQomI1qboQxY
23BEfVwA5tksQ97vP1iXbLvnKjKzlm8xpGI52PXV5EIWTWDlUPbeydm0h8tpeV3C
aHUeJ7nk5PrZcBiK4uXarM7UwZnpWYpSgxwAoLytSSndeJt3bw==
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:44 2025 by rpki-client