Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f6e5fa3-0ede-4f93-a8d4-16071e648983.roa
File: 0f6e5fa3-0ede-4f93-a8d4-16071e648983.roa (raw, json)
Hash identifier: idKVzwp5rWVYnDCHMhEdjhRTdi3gjS17pSwNXSe2A4g=
Subject key identifier: 06:83:58:8C:16:B9:BF:A3:FA:30:20:68:D3:43:9E:12:E9:14:0B:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62F609A75262AE20E09FA1E993574FD58E2BF3BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f6e5fa3-0ede-4f93-a8d4-16071e648983.roa
Signing time: Mon 06 Oct 2025 17:50:06 +0000
ROA not before: Mon 06 Oct 2025 17:50:06 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:f6:09:a7:52:62:ae:20:e0:9f:a1:e9:93:57:4f:d5:8e:2b:f3:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:06 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=07ef52dbb5e09fd0e4115176e49925e3db5f73ee76b2821267b1f82fafd9af1e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6b:9f:47:3d:23:75:0e:4d:94:06:eb:c6:f7:
d9:34:56:76:d8:ee:a9:d4:4c:4e:39:b9:5b:c0:67:
70:ba:83:42:dc:93:bd:f5:58:db:62:19:26:6d:6f:
fc:81:99:40:cf:a2:d4:9d:3b:39:71:e4:4a:48:a6:
e9:34:9b:1b:4f:98:7c:82:8e:86:f3:52:c7:37:7a:
bf:c8:a8:40:87:2c:dc:1a:39:6f:88:fd:d1:8f:78:
af:b6:00:bb:cf:6c:18:f0:11:84:95:c0:80:ee:d8:
48:07:97:c2:3e:89:a6:a5:91:23:5c:13:4c:82:34:
36:0d:b0:38:d4:ea:fe:72:ef:b3:cd:d5:18:20:2e:
0e:96:dd:5a:6d:0f:68:bb:61:e3:c5:c5:fc:1c:55:
1f:5a:a5:5d:ce:8c:f0:4b:fb:57:2b:db:42:12:c4:
f6:eb:d9:fa:c1:f9:11:cb:a7:05:b5:47:f2:5c:fc:
54:1c:59:6b:f9:6a:af:34:e1:24:03:85:8f:e3:3a:
fd:31:7d:60:39:0b:3f:a2:02:b2:f5:6e:6d:e5:1f:
1f:d1:be:4e:ab:ca:dc:35:bb:fe:42:3d:f9:2a:44:
20:41:7a:80:e2:68:87:0a:7e:aa:1d:39:6c:28:60:
81:94:e8:b1:12:44:cf:8e:e1:fe:b5:29:92:aa:5b:
65:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:83:58:8C:16:B9:BF:A3:FA:30:20:68:D3:43:9E:12:E9:14:0B:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f6e5fa3-0ede-4f93-a8d4-16071e648983.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:1000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:11:9e:2f:d0:52:bb:66:24:72:39:d9:9b:a2:7c:82:c4:5c:
8f:96:f2:13:cf:f7:ac:62:2a:07:c6:87:f5:a2:e7:b3:57:ef:
72:06:3e:2d:d9:92:be:76:13:87:33:8f:dd:30:01:c7:ea:ac:
52:a1:53:f9:07:65:72:d9:14:e9:34:f8:22:3e:f2:a5:51:11:
c6:a9:02:a8:07:15:cf:7c:ff:08:4a:6f:82:5a:9b:29:95:56:
3a:3f:e2:da:e1:9f:5b:d1:c8:9a:d8:bc:e2:95:87:9d:79:2b:
86:b4:15:00:76:5d:9a:67:84:27:45:9b:5a:68:6e:17:09:7b:
47:05:89:cb:6f:fd:ea:a9:dd:e3:4d:b5:90:74:8b:fe:8f:b1:
ce:e6:eb:f8:8f:14:aa:06:fa:7c:73:72:9c:d5:60:0b:97:79:
6b:34:29:8b:b1:1b:14:55:cc:c8:bd:e5:fc:17:64:97:83:12:
92:9a:07:3e:9d:e5:de:dc:17:fd:59:a3:01:f5:49:17:f6:b1:
18:32:48:26:61:cb:d1:f6:f9:8e:44:43:dc:ac:25:95:8b:3e:
62:ae:ca:8f:38:a1:0c:36:83:a4:0e:24:5d:07:dc:1d:99:34:
fd:2f:c3:5d:fa:ef:74:85:30:de:92:4b:01:e6:b2:ae:0f:91:
23:23:04:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYvYJp1JiriDgn6Hpk1dP1Y4r878wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwMDZaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3ZWY1MmRiYjVlMDlmZDBlNDExNTE3NmU0OTkyNWUzZGI1ZjczZWU3NmIy
ODIxMjY3YjFmODJmYWZkOWFmMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFrn0c9I3UOTZQG68b32TRWdtjuqdRMTjm5W8BncLqDQtyTvfVY22IZJm1v
/IGZQM+i1J07OXHkSkim6TSbG0+YfIKOhvNSxzd6v8ioQIcs3Bo5b4j90Y94r7YA
u89sGPARhJXAgO7YSAeXwj6JpqWRI1wTTII0Ng2wONTq/nLvs83VGCAuDpbdWm0P
aLth48XF/BxVH1qlXc6M8Ev7VyvbQhLE9uvZ+sH5EcunBbVH8lz8VBxZa/lqrzTh
JAOFj+M6/TF9YDkLP6ICsvVubeUfH9G+TqvK3DW7/kI9+SpEIEF6gOJohwp+qh05
bChggZTosRJEz47h/rUpkqpbZc0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGg1iM
Frm/o/owIGjTQ54S6RQLiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGY2ZTVmYTMtMGVkZS00ZjkzLWE4ZDQtMTYwNzFlNjQ4OTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H0Q
MA0GCSqGSIb3DQEBCwUAA4IBAQC7EZ4v0FK7ZiRyOdmbonyCxFyPlvITz/esYioH
xof1ouezV+9yBj4t2ZK+dhOHM4/dMAHH6qxSoVP5B2Vy2RTpNPgiPvKlURHGqQKo
BxXPfP8ISm+CWpsplVY6P+La4Z9b0cia2LzilYedeSuGtBUAdl2aZ4QnRZtaaG4X
CXtHBYnLb/3qqd3jTbWQdIv+j7HO5uv4jxSqBvp8c3Kc1WALl3lrNCmLsRsUVczI
veX8F2SXgxKSmgc+neXe3Bf9WaMB9UkX9rEYMkgmYcvR9vmOREPcrCWViz5irsqP
OKEMNoOkDiRdB9wdmTT9L8Nd+u90hTDekksB5rKuD5EjIwRB
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:24 2025 by rpki-client