Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
File: 5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa (raw, json)
Hash identifier: BUZZLWJ4qJxsR2dppK48L49ZfrU6k7jNXkOntLYxPPE=
Subject key identifier: 87:F4:71:30:C5:F0:95:BD:AF:F3:83:CF:14:60:3D:D1:63:BF:F7:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4075154EF785A58B975D743231FD8F6482F56526
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
Signing time: Fri 26 Sep 2025 19:41:56 +0000
ROA not before: Fri 26 Sep 2025 19:41:56 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:75:15:4e:f7:85:a5:8b:97:5d:74:32:31:fd:8f:64:82:f5:65:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:56 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a30c8dca2586e4513dc3baab578cf6ab314d6052e15d990d0b793447f2e57c24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8a:4d:77:e9:5d:f7:a8:55:3d:fe:32:51:15:
40:7a:80:3c:f1:3b:2b:67:1a:e2:4b:43:9c:a0:6f:
f2:8f:f5:22:85:84:57:1f:eb:e6:0f:bb:4e:90:ce:
58:11:0a:48:0f:6b:6a:5f:b5:79:f0:11:bf:d8:e4:
ef:93:65:0b:8e:46:27:95:35:f3:b6:ae:50:00:7c:
f0:07:e3:92:ac:f2:02:8a:79:e0:fa:ba:b1:76:53:
68:77:ba:ed:e4:95:bd:bb:f6:91:43:72:72:a9:58:
82:55:7c:16:7d:67:4b:dc:73:e4:0e:e7:9e:dd:cb:
2f:d7:1c:09:f8:41:bc:a0:c2:6d:b1:a8:e3:95:b8:
cb:8a:a8:37:cc:17:2b:88:26:f0:58:23:92:55:f4:
5e:c8:be:6f:eb:a2:af:53:ca:7d:5e:c4:6e:ba:8d:
13:a1:86:2e:a1:65:70:ef:ab:a3:19:7f:79:49:a9:
38:5b:61:a4:c2:3b:49:5b:39:42:1f:a7:8a:fe:1e:
fc:c5:2d:8f:05:38:27:d1:8e:d9:21:93:74:f3:5a:
86:c1:20:7e:ef:48:e0:d9:d7:a9:9c:82:bd:49:f9:
68:d9:94:d6:5e:a8:b1:70:dc:e1:a2:d5:22:30:1e:
30:a6:bb:58:35:3f:74:f6:e7:f5:2e:6a:58:8e:16:
3a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F4:71:30:C5:F0:95:BD:AF:F3:83:CF:14:60:3D:D1:63:BF:F7:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:f6:6b:bc:6c:ec:c7:af:8a:1b:72:11:ec:77:e9:db:0d:f1:
09:37:9a:fa:5b:8f:9f:ed:2a:13:86:b4:df:87:79:4a:e3:ce:
54:0f:82:36:dd:3f:27:4f:b4:e4:55:5c:65:a9:4b:b0:4f:ed:
d3:6e:c3:aa:1c:5f:f1:98:18:ce:f9:cf:cb:0e:90:35:56:3d:
af:3e:7b:cd:7c:f1:b0:47:0d:b6:96:c0:75:fa:1a:dd:8c:df:
8d:05:78:b8:a7:c1:fb:4f:99:65:b7:f7:23:5e:e4:6e:48:f5:
c4:0d:03:ce:0a:1f:9e:d0:d2:df:5f:92:45:64:d9:72:1f:cf:
70:54:8c:f1:36:16:6d:0e:5b:cc:64:0e:5d:56:1c:ef:a8:63:
86:7b:75:80:6b:b3:67:14:1f:9a:4d:49:51:24:b8:23:6a:01:
26:cd:0d:e9:79:86:62:5d:2b:5a:cb:96:27:51:e3:1f:19:6d:
70:1b:82:32:ee:5a:86:07:dc:24:5a:9b:74:f0:83:12:2f:e8:
d5:62:6f:39:ed:50:01:35:b5:6a:80:c4:04:e3:bf:47:4b:58:
b0:3a:7b:cd:56:06:42:5b:a9:3e:6b:79:34:3e:93:81:88:78:
56:88:20:78:be:19:d7:72:32:46:3c:fc:5c:63:ac:c8:7b:fb:
fc:95:ee:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQHUVTveFpYuXXXQyMf2PZIL1ZSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxNTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMGM4ZGNhMjU4NmU0NTEzZGMzYmFhYjU3OGNmNmFiMzE0ZDYwNTJlMTVk
OTkwZDBiNzkzNDQ3ZjJlNTdjMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiKTXfpXfeoVT3+MlEVQHqAPPE7K2ca4ktDnKBv8o/1IoWEVx/r5g+7TpDO
WBEKSA9ral+1efARv9jk75NlC45GJ5U187auUAB88AfjkqzyAop54Pq6sXZTaHe6
7eSVvbv2kUNycqlYglV8Fn1nS9xz5A7nnt3LL9ccCfhBvKDCbbGo45W4y4qoN8wX
K4gm8FgjklX0Xsi+b+uir1PKfV7EbrqNE6GGLqFlcO+roxl/eUmpOFthpMI7SVs5
Qh+niv4e/MUtjwU4J9GO2SGTdPNahsEgfu9I4NnXqZyCvUn5aNmU1l6osXDc4aLV
IjAeMKa7WDU/dPbn9S5qWI4WOkECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSH9HEw
xfCVva/zg88UYD3RY7/3VjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQ4ZTgzMWUtNGQ2MS00NDliLWE1MzItYTFkZDlkNzQzYWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hog
MA0GCSqGSIb3DQEBCwUAA4IBAQDI9mu8bOzHr4obchHsd+nbDfEJN5r6W4+f7SoT
hrTfh3lK485UD4I23T8nT7TkVVxlqUuwT+3TbsOqHF/xmBjO+c/LDpA1Vj2vPnvN
fPGwRw22lsB1+hrdjN+NBXi4p8H7T5llt/cjXuRuSPXEDQPOCh+e0NLfX5JFZNly
H89wVIzxNhZtDlvMZA5dVhzvqGOGe3WAa7NnFB+aTUlRJLgjagEmzQ3peYZiXSta
y5YnUeMfGW1wG4Iy7lqGB9wkWpt08IMSL+jVYm857VABNbVqgMQE479HS1iwOnvN
VgZCW6k+a3k0PpOBiHhWiCB4vhnXcjJGPPxcY6zIe/v8le5c
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:14 2025 by rpki-client