Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
File: 248ea861-facc-4167-976d-1e65c556b074.roa (raw, json)
Hash identifier: ghsbvl7p0jd3V6A/zE1cfLir9NKzaW4JKks5F3S2cTU=
Subject key identifier: E9:F8:11:CE:28:DF:70:18:9A:48:15:7D:E9:DA:1A:16:20:ED:B2:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F076F542F4AB312B33BDF82D30D6B9C16B46685
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
Signing time: Fri 26 Sep 2025 19:40:51 +0000
ROA not before: Fri 26 Sep 2025 19:40:51 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:07:6f:54:2f:4a:b3:12:b3:3b:df:82:d3:0d:6b:9c:16:b4:66:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:40:51 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e118bad038785a136f67e9d863451014214ff7c837f728f61a6b3964c056c727, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c2:92:43:5d:c6:6d:49:31:07:85:68:d6:12:
c7:5c:bf:77:7f:8d:0a:e6:df:66:72:88:1c:31:99:
49:7e:48:c9:87:c4:39:20:2f:01:d8:03:2d:8e:99:
9c:1e:bf:cf:10:49:af:ab:b9:84:d3:f8:ee:a0:ee:
04:56:4b:e7:7a:54:7c:eb:88:04:e4:f0:22:41:fc:
74:4a:21:93:31:08:ee:b9:4a:ab:a7:9e:19:d5:91:
5f:01:f1:6d:3e:ba:f9:a3:e6:fe:1d:51:6f:bc:bf:
1b:97:61:b3:9f:49:7e:0d:cb:a9:a9:c1:f5:a6:d2:
4f:bb:87:24:fa:6a:3a:9f:6e:58:ce:f0:fb:d0:6c:
58:33:7d:eb:b7:3c:25:df:ef:49:f6:18:ab:7a:d2:
a1:91:06:57:02:c1:7e:53:e6:0c:1d:14:01:04:5c:
7f:a7:c8:e6:73:fe:69:6a:6a:9c:3e:ea:88:2e:6d:
75:36:9d:9f:0d:48:a5:8e:b3:3a:7b:e9:86:2d:05:
ac:96:15:96:bc:58:8f:e6:8c:d3:48:ef:bd:23:8b:
6e:92:6b:75:68:04:e0:77:7c:d6:f0:69:cf:00:05:
64:47:3b:2f:04:b3:f6:55:77:5b:03:ab:d4:50:0b:
7d:cb:43:c6:25:5a:44:71:f3:a4:a0:d5:e5:db:56:
9a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F8:11:CE:28:DF:70:18:9A:48:15:7D:E9:DA:1A:16:20:ED:B2:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:d4:2c:b4:fa:8c:aa:6e:ff:b1:09:26:0a:09:af:0f:0c:b5:
aa:f5:19:31:1e:26:fd:d5:b1:11:0f:fa:01:60:19:98:ec:d2:
96:bd:14:60:c6:59:95:b6:23:b6:a1:7e:ee:8b:7f:8e:11:97:
85:80:fb:8d:85:47:48:e3:22:7d:29:1d:ce:05:ad:ac:e7:7d:
b2:19:7f:36:a0:eb:ee:b8:c1:77:b0:06:40:66:c8:95:be:46:
bc:96:b2:f3:bc:e4:65:b6:56:7c:5a:3f:de:63:3d:f4:0f:09:
3e:c9:b5:5f:23:53:a2:cc:c5:1a:2c:1b:a6:4b:9b:ac:fa:bc:
6c:30:73:17:a6:1e:3b:09:4f:9a:2d:73:a0:4b:2c:29:7e:ec:
4b:f3:df:9c:43:44:18:79:cc:45:02:6f:b4:78:ce:bd:9e:72:
d2:b4:94:61:ce:bb:0b:fa:18:3a:ea:5d:d3:2e:66:09:bc:ca:
24:76:fd:38:2b:6d:76:58:61:55:5b:9e:0e:df:75:11:8a:56:
e3:57:8d:9b:f7:9c:da:45:04:a9:cd:5f:46:fa:e3:b3:0b:90:
bc:8c:1e:b2:58:76:58:c0:dd:19:1d:d0:62:93:67:62:f0:bd:
3c:e5:4d:92:b1:af:a0:3f:88:77:5c:88:0c:a5:61:1e:71:7b:
fd:94:90:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfwdvVC9KsxKzO9+C0w1rnBa0ZoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQwNTFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMThiYWQwMzg3ODVhMTM2ZjY3ZTlkODYzNDUxMDE0MjE0ZmY3YzgzN2Y3
MjhmNjFhNmIzOTY0YzA1NmM3MjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjCkkNdxm1JMQeFaNYSx1y/d3+NCubfZnKIHDGZSX5IyYfEOSAvAdgDLY6Z
nB6/zxBJr6u5hNP47qDuBFZL53pUfOuIBOTwIkH8dEohkzEI7rlKq6eeGdWRXwHx
bT66+aPm/h1Rb7y/G5dhs59Jfg3LqanB9abST7uHJPpqOp9uWM7w+9BsWDN967c8
Jd/vSfYYq3rSoZEGVwLBflPmDB0UAQRcf6fI5nP+aWpqnD7qiC5tdTadnw1IpY6z
Onvphi0FrJYVlrxYj+aM00jvvSOLbpJrdWgE4Hd81vBpzwAFZEc7LwSz9lV3WwOr
1FALfctDxiVaRHHzpKDV5dtWmiUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTp+BHO
KN9wGJpIFX3p2hoWIO2yXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ4ZWE4NjEtZmFjYy00MTY3LTk3NmQtMWU2NWM1NTZiMDc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAe1Cy0+oyqbv+xCSYKCa8PDLWq9RkxHib91bER
D/oBYBmY7NKWvRRgxlmVtiO2oX7ui3+OEZeFgPuNhUdI4yJ9KR3OBa2s532yGX82
oOvuuMF3sAZAZsiVvka8lrLzvORltlZ8Wj/eYz30Dwk+ybVfI1OizMUaLBumS5us
+rxsMHMXph47CU+aLXOgSywpfuxL89+cQ0QYecxFAm+0eM69nnLStJRhzrsL+hg6
6l3TLmYJvMokdv04K212WGFVW54O33URilbjV42b95zaRQSpzV9G+uOzC5C8jB6y
WHZYwN0ZHdBik2di8L085U2Ssa+gP4h3XIgMpWEecXv9lJAS
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:12 2025 by rpki-client