Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15627aa0-7ca7-42e4-ae65-8de04bda3e57.roa
File: 15627aa0-7ca7-42e4-ae65-8de04bda3e57.roa (raw, json)
Hash identifier: ZOyv8P7WuF+riedkrRbFCt65c52oCWM+jdIgn5e24Js=
Subject key identifier: 75:F9:D4:63:72:2A:B4:5E:A4:A4:E9:2B:D5:3F:5C:E7:73:91:CB:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EE7CB1D2C3F9489D4FEE3DAE65BDE74969302F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15627aa0-7ca7-42e4-ae65-8de04bda3e57.roa
Signing time: Mon 06 Oct 2025 17:40:11 +0000
ROA not before: Mon 06 Oct 2025 17:40:11 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:e7:cb:1d:2c:3f:94:89:d4:fe:e3:da:e6:5b:de:74:96:93:02:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:40:11 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=27dd78721ea533311b7ec2bf32f553731dbde3e25c8098e4cae116a4f73bba8b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:78:da:98:ad:c1:10:b7:88:95:1e:df:a1:a1:
e4:62:b2:d8:99:0c:3f:7d:9b:fa:86:9a:56:94:46:
98:cc:3e:bb:64:e7:7e:b7:e8:35:e0:19:35:91:0d:
f0:ca:34:6b:5e:e9:fb:13:49:ee:c8:da:f9:d7:90:
9d:4c:fd:d0:be:22:c1:8f:c1:59:b4:a1:be:bd:c5:
72:41:6a:fb:73:63:89:2e:da:a0:c7:ad:1f:19:27:
17:37:3f:63:35:13:71:7c:41:65:c2:55:4f:4b:46:
9f:d5:24:10:18:a7:77:ed:84:3d:06:10:1b:20:30:
03:c6:29:bc:17:48:b1:19:f7:63:3f:0b:49:d1:e2:
6b:de:6f:80:b9:ea:6a:b4:95:29:b6:da:0a:3a:83:
ac:da:c3:99:94:f3:bc:f3:e7:c3:a2:93:7e:ee:c6:
81:85:16:fc:56:a1:89:b6:15:2a:c4:8d:94:d1:17:
e3:4d:7e:60:46:f6:fd:f8:5f:73:98:7d:5c:fc:0f:
2d:e9:93:99:36:b0:cc:0a:ec:f5:76:71:89:da:6e:
d3:eb:c3:71:4b:6a:3a:78:21:62:ba:aa:86:20:a4:
59:aa:96:09:b8:e4:ae:4d:6a:09:e9:f5:36:6e:6e:
f1:ca:a2:80:34:55:18:5f:04:18:5d:8f:26:a2:36:
ac:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F9:D4:63:72:2A:B4:5E:A4:A4:E9:2B:D5:3F:5C:E7:73:91:CB:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15627aa0-7ca7-42e4-ae65-8de04bda3e57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
02:bf:5f:8f:0f:ec:61:c7:bf:ec:1f:04:15:32:58:a0:29:a6:
33:a1:8b:cd:43:fc:89:c3:44:26:5e:c7:9c:73:36:27:79:b4:
7c:c1:f2:8c:03:0c:13:8f:0c:3d:7f:a0:cd:7b:00:43:5c:cf:
c7:4c:a6:50:6d:ef:de:0e:5e:65:da:30:08:1a:d6:b2:ce:f0:
9a:da:84:f5:45:d4:47:aa:74:66:02:96:ac:31:55:5a:b0:7f:
9b:27:a2:ac:c7:9a:c8:10:5b:f2:32:66:ce:1b:cd:54:2c:ad:
e1:77:d1:16:ae:53:18:3b:1f:c0:cf:4b:e9:bb:c4:c7:4e:11:
d3:73:97:e9:30:97:d9:42:3b:56:53:7e:00:2b:3b:45:65:8e:
3c:40:63:94:eb:8c:3c:ae:8c:a2:e6:7d:36:9a:e9:32:e0:32:
ae:cf:a6:a9:fc:99:18:a8:5d:3f:a1:9c:a8:b4:ca:50:26:52:
25:e1:f3:38:96:e4:69:e8:87:ac:52:2f:ec:b8:c8:d4:a1:50:
5b:87:36:1e:65:37:78:15:87:5d:51:56:37:7f:36:82:e6:34:
00:e7:72:be:cb:da:c0:95:32:c3:ef:2d:42:45:6d:f0:42:3d:
90:4c:66:9b:51:7c:c2:36:d0:07:03:88:58:90:47:bd:ab:e1:
bc:d1:27:29
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDufLHSw/lInU/uPa5lvedJaTAvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzQwMTFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ZGQ3ODcyMWVhNTMzMzExYjdlYzJiZjMyZjU1MzczMWRiZGUzZTI1Yzgw
OThlNGNhZTExNmE0ZjczYmJhOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANx42pitwRC3iJUe36Gh5GKy2JkMP32b+oaaVpRGmMw+u2TnfrfoNeAZNZEN
8Mo0a17p+xNJ7sja+deQnUz90L4iwY/BWbShvr3FckFq+3NjiS7aoMetHxknFzc/
YzUTcXxBZcJVT0tGn9UkEBind+2EPQYQGyAwA8YpvBdIsRn3Yz8LSdHia95vgLnq
arSVKbbaCjqDrNrDmZTzvPPnw6KTfu7GgYUW/FahibYVKsSNlNEX401+YEb2/fhf
c5h9XPwPLemTmTawzArs9XZxidpu0+vDcUtqOnghYrqqhiCkWaqWCbjkrk1qCen1
Nm5u8cqigDRVGF8EGF2PJqI2rB8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1+dRj
ciq0XqSk6SvVP1znc5HLLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTU2MjdhYTAtN2NhNy00MmU0LWFlNjUtOGRlMDRiZGEzZTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H2A
wDANBgkqhkiG9w0BAQsFAAOCAQEAAr9fjw/sYce/7B8EFTJYoCmmM6GLzUP8icNE
Jl7HnHM2J3m0fMHyjAMME48MPX+gzXsAQ1zPx0ymUG3v3g5eZdowCBrWss7wmtqE
9UXUR6p0ZgKWrDFVWrB/myeirMeayBBb8jJmzhvNVCyt4XfRFq5TGDsfwM9L6bvE
x04R03OX6TCX2UI7VlN+ACs7RWWOPEBjlOuMPK6MouZ9NprpMuAyrs+mqfyZGKhd
P6GcqLTKUCZSJeHzOJbkaeiHrFIv7LjI1KFQW4c2HmU3eBWHXVFWN382guY0AOdy
vsvawJUyw+8tQkVt8EI9kExmm1F8wjbQBwOIWJBHvavhvNEnKQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:12:40 2025 by rpki-client