Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
File: 613f885a-7f25-486b-9eff-fdd6b2c05b65.roa (raw, json)
Hash identifier: RocVqwclrGACgM5aXWN7qqXjlvvvncFyrrxva1MYFtI=
Subject key identifier: FC:6A:82:76:DA:07:E2:40:AF:9D:5F:AC:7D:BD:D1:57:29:46:56:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71C2912D013D7B6074154436A1106D2E32E57A9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
Signing time: Fri 26 Sep 2025 19:10:05 +0000
ROA not before: Fri 26 Sep 2025 19:10:05 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:c2:91:2d:01:3d:7b:60:74:15:44:36:a1:10:6d:2e:32:e5:7a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:10:05 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d0f5fa0a5e72949ec3538d42a77bbda3556e3c96b769c501d30251a1351190a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c6:1d:47:85:fc:a0:45:c1:3f:4e:7e:a3:06:
30:a5:85:9d:d7:7e:68:77:e2:8a:6b:75:20:42:d6:
ae:ea:29:00:48:ba:b0:4e:a2:03:0a:4b:5f:3a:fc:
bf:d4:36:3a:95:71:8d:4d:5f:29:80:1f:a7:f0:86:
9e:74:77:a5:80:a0:95:10:4f:0a:71:d6:06:e8:7a:
15:ca:24:fb:36:4f:f2:fd:3d:9d:39:bc:fb:8b:e5:
dd:b7:4a:d1:37:c9:08:43:88:e6:0c:62:8a:6a:61:
2c:ac:a9:80:36:92:68:b3:c2:8b:bc:9b:b0:fd:8c:
d9:8d:be:42:ff:7c:97:18:0c:51:55:91:43:08:f3:
09:7a:81:0e:22:27:15:93:e7:6f:17:b1:7c:d9:a5:
51:a0:c2:be:b9:ca:c7:a6:fe:da:ae:57:f7:1e:6a:
d3:ef:a3:81:40:2d:57:88:29:5c:15:82:f5:55:6e:
ef:15:ed:9d:20:ac:66:3f:22:bb:52:4b:17:d8:2c:
bd:c9:81:68:d3:be:c1:f9:d9:cb:02:b3:3d:9b:f5:
df:06:75:df:36:49:5d:2b:c4:06:75:d8:cb:32:b6:
bb:99:d0:6b:d5:38:38:aa:89:50:0e:7e:8a:fd:a9:
af:c4:d8:03:85:d8:7b:45:8d:06:e5:10:24:57:62:
e8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:6A:82:76:DA:07:E2:40:AF:9D:5F:AC:7D:BD:D1:57:29:46:56:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4080::/48
Signature Algorithm: sha256WithRSAEncryption
8a:b6:a6:c6:7f:90:27:d0:90:10:f4:fc:6d:2b:45:61:4f:ad:
e3:6c:e5:2e:8c:b9:2c:2e:7b:7d:2d:0d:e1:b8:ed:75:a2:2a:
76:51:fd:50:e9:8b:8a:c7:ce:44:9e:73:13:61:cd:bb:bf:42:
0d:09:ff:63:00:03:e4:42:b3:39:c6:b5:5d:52:47:a3:f5:48:
d8:9d:90:b3:2f:84:6d:8a:a1:46:49:24:44:65:a3:a4:dd:3f:
ed:09:8f:7b:f7:ad:f6:1e:ce:28:23:58:99:1c:33:89:01:58:
00:c1:23:7c:82:02:db:4b:e6:e3:c9:f2:2a:11:9c:95:2a:7b:
90:6c:dc:c1:83:c2:ab:60:ae:fe:00:58:fe:da:65:cb:9d:25:
88:c3:06:9f:3b:2e:cb:8a:f3:0a:13:5f:2e:a2:7b:bf:03:b7:
06:dd:e1:eb:00:83:16:fe:17:7e:58:cb:f5:20:ca:28:fb:20:
44:75:52:5b:62:fb:e4:9f:15:89:bf:14:93:98:33:56:3f:5e:
10:f8:8c:cf:d7:bb:fd:16:98:23:f6:ce:d7:83:ba:c0:8f:cb:
de:cc:53:5b:b8:97:bd:1b:eb:d0:fc:b7:e5:3b:e1:8b:5f:7c:
d1:82:96:a8:be:29:0d:bd:e5:f7:84:09:a1:d3:73:ba:3b:ee:
52:77:55:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUccKRLQE9e2B0FUQ2oRBtLjLlepowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTEwMDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwZjVmYTBhNWU3Mjk0OWVjMzUzOGQ0MmE3N2JiZGEzNTU2ZTNjOTZiNzY5
YzUwMWQzMDI1MWExMzUxMTkwYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXGHUeF/KBFwT9OfqMGMKWFndd+aHfiimt1IELWruopAEi6sE6iAwpLXzr8
v9Q2OpVxjU1fKYAfp/CGnnR3pYCglRBPCnHWBuh6Fcok+zZP8v09nTm8+4vl3bdK
0TfJCEOI5gxiimphLKypgDaSaLPCi7ybsP2M2Y2+Qv98lxgMUVWRQwjzCXqBDiIn
FZPnbxexfNmlUaDCvrnKx6b+2q5X9x5q0++jgUAtV4gpXBWC9VVu7xXtnSCsZj8i
u1JLF9gsvcmBaNO+wfnZywKzPZv13wZ13zZJXSvEBnXYyzK2u5nQa9U4OKqJUA5+
iv2pr8TYA4XYe0WNBuUQJFdi6A8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT8aoJ2
2gfiQK+dX6x9vdFXKUZW8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjEzZjg4NWEtN2YyNS00ODZiLTllZmYtZmRkNmIyYzA1YjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
gDANBgkqhkiG9w0BAQsFAAOCAQEAiramxn+QJ9CQEPT8bStFYU+t42zlLoy5LC57
fS0N4bjtdaIqdlH9UOmLisfORJ5zE2HNu79CDQn/YwAD5EKzOca1XVJHo/VI2J2Q
sy+EbYqhRkkkRGWjpN0/7QmPe/et9h7OKCNYmRwziQFYAMEjfIIC20vm48nyKhGc
lSp7kGzcwYPCq2Cu/gBY/tply50liMMGnzsuy4rzChNfLqJ7vwO3Bt3h6wCDFv4X
fljL9SDKKPsgRHVSW2L75J8Vib8Uk5gzVj9eEPiMz9e7/RaYI/bO14O6wI/L3sxT
W7iXvRvr0Py35Tvhi1980YKWqL4pDb3l94QJodNzujvuUndV2A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:27 2025 by rpki-client