Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
File: 5387f3e7-ef20-46b2-8929-bf638dce97e1.roa (raw, json)
Hash identifier: EJk7SkuUuyQZ8c+Bo8l8BMqW85ar6coSQHAzSAO/Mf0=
Subject key identifier: F2:61:DA:1F:0C:DA:BC:22:0F:CF:B9:5A:62:D8:F1:DC:B9:E9:2A:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 660D2D371BDCF271545A760247B93757017E66DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
Signing time: Fri 26 Sep 2025 18:41:53 +0000
ROA not before: Fri 26 Sep 2025 18:41:53 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:0d:2d:37:1b:dc:f2:71:54:5a:76:02:47:b9:37:57:01:7e:66:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:53 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=636fbeb4137d2ea00c537316d11161e8de4f09fd8f44ee591291d94a32205c32, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e4:7e:bc:9c:ee:1d:2f:07:5f:5a:50:b4:04:
18:de:ec:a1:07:8a:74:1f:79:c8:c7:19:02:8e:5c:
9c:eb:3b:ea:40:3a:80:b7:1b:d8:06:83:aa:45:01:
0b:d0:e8:da:f0:32:f9:7c:55:dd:29:52:4f:4e:58:
e8:33:48:c9:b5:d7:16:78:29:9e:b2:36:5a:e9:1e:
51:89:21:ea:91:b7:b8:11:0b:5f:e9:2b:02:b5:53:
8e:4a:26:11:ae:eb:62:1b:83:ca:c1:cd:cd:63:c1:
24:92:73:fc:da:bb:59:e8:88:59:d6:1f:77:72:86:
c5:a4:92:c5:a0:fa:09:24:04:17:78:b8:0d:35:30:
e3:63:10:76:7d:91:c7:b0:f1:9d:1e:68:16:84:ef:
47:9b:0d:fc:31:7f:d8:a7:23:64:5a:63:0e:31:b6:
98:fe:c7:40:87:17:4c:67:ca:bd:30:a0:ec:79:30:
84:d8:2b:30:98:96:13:1a:b1:27:a9:9a:09:14:16:
2b:de:17:ad:27:9d:cf:89:f9:1e:59:14:d9:8b:11:
5a:16:1a:40:02:41:02:82:b6:f2:3b:ac:7b:da:a2:
17:fe:37:ec:87:61:8b:ca:18:44:c0:d9:69:9b:d2:
ba:16:03:a0:66:a7:f0:e2:2b:be:f7:c1:e9:e7:61:
d7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:61:DA:1F:0C:DA:BC:22:0F:CF:B9:5A:62:D8:F1:DC:B9:E9:2A:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:d2:17:58:52:ff:ae:d3:2a:ca:d5:5d:a8:cf:18:5d:73:11:
b3:ec:f5:a9:31:f5:18:e5:2d:ba:98:d8:c2:3d:69:7f:60:4c:
f0:95:9a:bd:fc:1c:5a:ff:84:5a:a9:dd:72:0b:d4:1e:58:87:
bd:97:a8:12:eb:09:7e:75:ba:cd:6a:c7:e5:df:88:b8:1b:98:
43:b0:d4:d4:ac:1a:3c:2a:7b:79:9a:17:fc:67:42:5b:9b:0d:
91:92:57:f4:4c:05:ea:c3:da:3f:62:cc:f9:ed:7c:fc:8c:99:
2f:ed:cd:04:92:d7:9c:cd:2b:ec:da:86:88:c9:dd:a8:da:f2:
eb:e5:96:f4:a1:ff:ed:57:e3:e9:01:a5:e6:f7:ef:47:42:bd:
d8:57:40:29:7d:5a:8b:68:c0:92:28:d0:cf:fd:1e:cd:02:b4:
2d:6c:cb:f7:34:93:e2:db:44:33:01:6a:8d:2c:e7:3b:24:30:
24:02:1e:34:d7:71:d6:5b:53:41:49:61:8f:b0:70:44:54:83:
f1:e2:79:51:03:a9:fa:33:eb:a3:91:80:76:08:5d:f7:8b:6e:
a5:d5:06:56:10:2e:7b:bb:db:10:03:72:d5:73:d1:9a:05:97:
39:fb:6d:46:36:20:3f:70:a3:09:25:39:ea:96:c4:62:d3:32:
dc:3c:48:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZg0tNxvc8nFUWnYCR7k3VwF+Zt0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxNTNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNmZiZWI0MTM3ZDJlYTAwYzUzNzMxNmQxMTE2MWU4ZGU0ZjA5ZmQ4ZjQ0
ZWU1OTEyOTFkOTRhMzIyMDVjMzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDkfryc7h0vB19aULQEGN7soQeKdB95yMcZAo5cnOs76kA6gLcb2AaDqkUB
C9Do2vAy+XxV3SlST05Y6DNIybXXFngpnrI2WukeUYkh6pG3uBELX+krArVTjkom
Ea7rYhuDysHNzWPBJJJz/Nq7WeiIWdYfd3KGxaSSxaD6CSQEF3i4DTUw42MQdn2R
x7DxnR5oFoTvR5sN/DF/2KcjZFpjDjG2mP7HQIcXTGfKvTCg7HkwhNgrMJiWExqx
J6maCRQWK94XrSedz4n5HlkU2YsRWhYaQAJBAoK28juse9qiF/437Idhi8oYRMDZ
aZvSuhYDoGan8OIrvvfB6edh180CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyYdof
DNq8Ig/PuVpi2PHcuekqqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4N2YzZTctZWYyMC00NmIyLTg5MjktYmY2MzhkY2U5N2UxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCu0hdYUv+u0yrK1V2ozxhdcxGz7PWpMfUY5S26
mNjCPWl/YEzwlZq9/Bxa/4Raqd1yC9QeWIe9l6gS6wl+dbrNasfl34i4G5hDsNTU
rBo8Knt5mhf8Z0Jbmw2Rklf0TAXqw9o/Ysz57Xz8jJkv7c0EkteczSvs2oaIyd2o
2vLr5Zb0of/tV+PpAaXm9+9HQr3YV0ApfVqLaMCSKNDP/R7NArQtbMv3NJPi20Qz
AWqNLOc7JDAkAh4013HWW1NBSWGPsHBEVIPx4nlRA6n6M+ujkYB2CF33i26l1QZW
EC57u9sQA3LVc9GaBZc5+21GNiA/cKMJJTnqlsRi0zLcPEgV
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:39 2025 by rpki-client