Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e7b72c8-99d8-4cc6-a450-1b863c11684a.roa
File: 0e7b72c8-99d8-4cc6-a450-1b863c11684a.roa (raw, json)
Hash identifier: HHO9Lr04QXV4LLvOKQeC328A58azOjuM3Xtzmm/sSL4=
Subject key identifier: D5:EB:86:8E:5F:2D:50:76:2D:68:73:E1:8A:D1:31:C8:CE:1F:5B:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D9118CB8F7AF298647CA75E72E3A2A1C399C394
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e7b72c8-99d8-4cc6-a450-1b863c11684a.roa
Signing time: Mon 06 Oct 2025 17:50:54 +0000
ROA not before: Mon 06 Oct 2025 17:50:54 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:91:18:cb:8f:7a:f2:98:64:7c:a7:5e:72:e3:a2:a1:c3:99:c3:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:54 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=b2960bd6ca6391f0c87af1f56faf1e2d07146556b5331f91966288786d64922e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4b:be:5f:e4:65:99:4f:3e:97:b2:39:ae:72:
2d:24:0d:b3:42:b4:eb:3b:23:d5:3f:db:ab:f5:f3:
9f:bd:89:7c:4b:bc:53:28:df:93:3c:16:f1:33:b3:
c0:91:6a:fc:b2:55:d7:c2:73:ad:6b:81:ee:b5:02:
ce:31:c0:de:71:a6:9e:21:e5:29:33:cf:3f:32:e1:
a3:e2:a7:39:f6:f5:12:af:f4:f5:49:f3:0e:6d:2e:
1f:1c:0b:43:37:11:78:ef:37:0f:41:cf:b0:fc:72:
13:2d:53:25:1c:d3:95:da:50:52:73:5f:e6:00:ab:
76:3d:63:13:70:93:41:d0:b5:5d:2f:35:2e:b9:80:
d7:7e:4e:cc:44:77:80:b4:2d:2e:e3:a8:6e:0b:7d:
dd:42:a6:c9:d8:51:03:25:56:db:fc:08:1f:35:2b:
8d:2d:52:49:f3:44:0a:69:fc:53:8d:33:4a:38:03:
0b:b0:5c:79:d4:6b:c0:08:55:fe:b4:e5:30:71:de:
e5:72:ca:8b:9e:da:f6:4c:46:f5:66:e3:d8:f3:05:
24:f4:31:74:09:8b:05:fb:cc:1c:09:3d:f5:d6:c1:
4f:6e:bf:44:34:1a:67:15:03:8d:c1:19:72:e6:17:
67:6d:b3:70:10:de:52:98:ec:b0:02:cd:37:09:7e:
f9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:EB:86:8E:5F:2D:50:76:2D:68:73:E1:8A:D1:31:C8:CE:1F:5B:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e7b72c8-99d8-4cc6-a450-1b863c11684a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:4020::/48
Signature Algorithm: sha256WithRSAEncryption
92:32:2b:a5:e0:d8:7a:9e:da:07:f1:6f:28:0b:b6:11:97:e2:
4b:22:77:f9:9c:5c:fe:c0:f4:90:3c:e3:15:fc:d8:30:08:a1:
b4:35:fd:fd:09:b0:cd:ff:eb:b7:86:68:34:42:0d:49:8d:53:
f8:13:fb:3e:11:aa:d7:87:92:92:4b:2d:d4:09:4a:a2:78:eb:
da:b0:c5:02:1b:95:a5:2f:fe:fc:a8:9d:2d:d1:d5:5a:3a:c4:
39:db:a4:6c:b1:6d:a9:cd:6c:0e:05:d0:73:2c:85:4d:3c:3a:
26:b4:b7:62:5e:2e:44:6a:43:ea:cc:37:c7:34:c0:86:25:45:
7e:05:14:92:d1:ec:6d:24:a0:88:be:59:36:6b:23:b4:6f:a0:
e3:bf:8c:d8:19:ba:00:18:29:43:d6:ca:2e:c7:f9:55:de:6f:
c1:f1:b6:b0:b1:aa:00:01:a5:f6:94:80:4e:9f:bb:98:e0:36:
9a:5b:e8:88:a0:4d:cf:00:96:88:0d:65:3d:79:f2:15:21:0f:
67:66:d3:f6:2e:78:2c:2a:24:e5:ac:5b:b8:a4:f2:67:a8:ec:
dd:f0:de:0f:ec:03:63:70:50:b6:b6:c0:11:a7:ac:3e:75:7e:
6c:98:ad:1f:65:bd:56:4d:66:68:63:4a:a7:07:8e:f2:a0:19:
01:40:ca:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHZEYy4968phkfKdecuOiocOZw5QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwNTRaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyOTYwYmQ2Y2E2MzkxZjBjODdhZjFmNTZmYWYxZTJkMDcxNDY1NTZiNTMz
MWY5MTk2NjI4ODc4NmQ2NDkyMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtLvl/kZZlPPpeyOa5yLSQNs0K06zsj1T/bq/Xzn72JfEu8UyjfkzwW8TOz
wJFq/LJV18JzrWuB7rUCzjHA3nGmniHlKTPPPzLho+KnOfb1Eq/09UnzDm0uHxwL
QzcReO83D0HPsPxyEy1TJRzTldpQUnNf5gCrdj1jE3CTQdC1XS81LrmA135OzER3
gLQtLuOobgt93UKmydhRAyVW2/wIHzUrjS1SSfNECmn8U40zSjgDC7BcedRrwAhV
/rTlMHHe5XLKi57a9kxG9Wbj2PMFJPQxdAmLBfvMHAk99dbBT26/RDQaZxUDjcEZ
cuYXZ22zcBDeUpjssALNNwl++a0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTV64aO
Xy1Qdi1oc+GK0THIzh9bfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU3YjcyYzgtOTlkOC00Y2M2LWE0NTAtMWI4NjNjMTE2ODRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H1A
IDANBgkqhkiG9w0BAQsFAAOCAQEAkjIrpeDYep7aB/FvKAu2EZfiSyJ3+Zxc/sD0
kDzjFfzYMAihtDX9/Qmwzf/rt4ZoNEINSY1T+BP7PhGq14eSkkst1AlKonjr2rDF
AhuVpS/+/KidLdHVWjrEOdukbLFtqc1sDgXQcyyFTTw6JrS3Yl4uRGpD6sw3xzTA
hiVFfgUUktHsbSSgiL5ZNmsjtG+g47+M2Bm6ABgpQ9bKLsf5Vd5vwfG2sLGqAAGl
9pSATp+7mOA2mlvoiKBNzwCWiA1lPXnyFSEPZ2bT9i54LCok5axbuKTyZ6js3fDe
D+wDY3BQtrbAEaesPnV+bJitH2W9Vk1maGNKpweO8qAZAUDK/g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:29 2025 by rpki-client