Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
File: 470f3c02-20c3-480f-a788-60d7378cea9b.roa (raw, json)
Hash identifier: isuIrXL6I0/CwEwnG3Cibv0KTV+n90uFh8WsrRsJvsI=
Subject key identifier: EA:C1:76:D9:16:3A:5F:F6:74:FF:FA:A5:45:5A:C5:78:05:AC:14:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24D5B9920D8FF84F327AA5E774A3738C7C621B7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
Signing time: Sun 19 Oct 2025 07:00:12 +0000
ROA not before: Sun 19 Oct 2025 07:00:12 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:d5:b9:92:0d:8f:f8:4f:32:7a:a5:e7:74:a3:73:8c:7c:62:1b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 07:00:12 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=c5cfdb072c078deb66834a3433ba5ef32b78f3ed170ce30d12473dc46603ac7a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:04:de:92:c6:f5:3f:a9:dc:53:1d:fa:14:1f:
70:ec:8b:7b:20:cd:b5:58:94:f9:9a:2c:94:83:5d:
27:50:96:d9:36:dd:75:74:75:37:02:00:c1:87:e8:
14:19:db:98:7c:df:29:00:1a:e9:fc:26:b3:28:de:
dc:bb:d4:76:0f:46:9b:eb:88:44:6c:57:cf:cb:9c:
10:5b:ad:fc:9c:25:81:58:de:31:b4:ec:eb:7b:35:
d4:06:02:88:6b:8d:53:a3:4e:37:2e:93:e8:3e:d8:
ff:2b:f2:95:46:9b:f5:7e:c2:26:c1:7e:92:dd:8d:
76:92:44:70:3c:2d:39:00:d5:4c:9c:d7:aa:8b:73:
ed:97:98:7e:59:a3:e6:3e:8c:55:94:18:55:88:d8:
68:bd:c6:bc:3a:6f:3c:6d:3b:e2:f8:76:ff:68:f7:
4c:37:b5:5d:87:26:f1:cc:19:c7:ea:fc:a8:64:25:
ce:44:1c:03:4e:17:a0:ce:eb:ee:6d:29:dd:da:28:
b6:63:c4:f3:75:70:3e:09:b7:6c:a3:9c:fe:23:90:
3b:13:0a:88:5b:86:a3:bb:eb:04:44:2b:77:6b:c7:
1e:d3:2b:82:5f:1e:be:d7:c6:59:b0:22:bb:ef:d9:
78:ee:97:8f:68:d5:da:14:d9:ae:a0:1c:88:3b:a3:
c7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:C1:76:D9:16:3A:5F:F6:74:FF:FA:A5:45:5A:C5:78:05:AC:14:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:880::/48
Signature Algorithm: sha256WithRSAEncryption
30:77:92:a7:dd:7f:09:89:36:4d:b5:f4:3d:a9:db:b0:4f:9e:
e0:06:a1:b4:fd:b5:5f:64:2c:be:60:e1:fa:82:bd:a9:70:5b:
82:aa:27:e7:2e:b0:42:ed:4e:e9:5d:24:aa:d2:fd:ee:7f:7b:
8c:b8:39:4a:9d:d2:69:31:a9:81:a2:f0:4a:09:44:71:7b:32:
c5:d6:d9:f7:43:dc:c9:2d:db:ba:8c:55:bc:f7:4f:19:c5:dd:
1a:7c:dc:f1:68:1b:b2:7a:ee:9e:50:59:34:c9:6b:6a:f5:19:
7e:bf:ae:98:cd:73:c0:89:71:3b:71:bd:e6:09:a6:81:dc:51:
55:0d:b5:7e:78:34:46:c4:70:3a:a9:b3:03:ea:0b:aa:94:dc:
c2:6c:91:76:cf:d3:8e:78:dd:77:4d:f2:9f:df:41:4b:76:7b:
f6:71:4f:63:23:c4:67:80:04:2d:6f:3b:25:15:9a:68:29:e1:
a4:6c:fe:72:93:a0:82:41:b3:5f:31:f3:ab:c7:28:1e:12:74:
7d:c6:78:7e:ae:ec:61:85:f6:a9:61:70:0c:1b:ff:b2:b5:1e:
ed:62:ad:aa:07:05:92:89:c2:f9:51:21:2d:b7:42:e3:a5:ec:
a0:95:93:17:18:fc:cb:08:ee:fb:6c:36:31:21:15:66:07:0e:
ce:85:6b:37
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJNW5kg2P+E8yeqXndKNzjHxiG3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkwNzAwMTJaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1Y2ZkYjA3MmMwNzhkZWI2NjgzNGEzNDMzYmE1ZWYzMmI3OGYzZWQxNzBj
ZTMwZDEyNDczZGM0NjYwM2FjN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0E3pLG9T+p3FMd+hQfcOyLeyDNtViU+ZoslINdJ1CW2TbddXR1NwIAwYfo
FBnbmHzfKQAa6fwmsyje3LvUdg9Gm+uIRGxXz8ucEFut/JwlgVjeMbTs63s11AYC
iGuNU6NONy6T6D7Y/yvylUab9X7CJsF+kt2NdpJEcDwtOQDVTJzXqotz7ZeYflmj
5j6MVZQYVYjYaL3GvDpvPG074vh2/2j3TDe1XYcm8cwZx+r8qGQlzkQcA04XoM7r
7m0p3dootmPE83VwPgm3bKOc/iOQOxMKiFuGo7vrBEQrd2vHHtMrgl8evtfGWbAi
u+/ZeO6Xj2jV2hTZrqAciDujx4MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTqwXbZ
Fjpf9nT/+qVFWsV4BawUxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwZjNjMDItMjBjMy00ODBmLWE3ODgtNjBkNzM3OGNlYTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAMHeSp91/CYk2TbX0PanbsE+e4AahtP21X2Qs
vmDh+oK9qXBbgqon5y6wQu1O6V0kqtL97n97jLg5Sp3SaTGpgaLwSglEcXsyxdbZ
90PcyS3buoxVvPdPGcXdGnzc8WgbsnrunlBZNMlravUZfr+umM1zwIlxO3G95gmm
gdxRVQ21fng0RsRwOqmzA+oLqpTcwmyRds/Tjnjdd03yn99BS3Z79nFPYyPEZ4AE
LW87JRWaaCnhpGz+cpOggkGzXzHzq8coHhJ0fcZ4fq7sYYX2qWFwDBv/srUe7WKt
qgcFkonC+VEhLbdC46XsoJWTFxj8ywju+2w2MSEVZgcOzoVrNw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:16 2025 by rpki-client