Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
File: 669652b6-0b22-49a0-b29f-dfb51835c988.roa (raw, json)
Hash identifier: Gy5znX5URYBDeF8fqdlI/w3o4UgTdRrrGonFWHu99RQ=
Subject key identifier: 0D:B2:0C:56:73:82:D5:2C:C8:B1:43:9B:6A:CA:41:55:33:D6:70:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16D255431594B4D26CE0576A3127900B2BEC1B57
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
Signing time: Fri 26 Sep 2025 20:01:11 +0000
ROA not before: Fri 26 Sep 2025 20:01:11 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:d2:55:43:15:94:b4:d2:6c:e0:57:6a:31:27:90:0b:2b:ec:1b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:11 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e96916e1bfb6bcbf73828e359436cae76b6172227a843bd09155f0ed7f8d827f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3e:f4:01:cb:01:03:96:f5:34:52:bb:c3:12:
7d:0c:b0:a6:dd:77:d2:d7:6f:11:5d:ab:3a:46:59:
01:aa:42:1b:5d:eb:ba:63:cf:0a:ff:87:51:2d:1f:
b0:05:00:71:7a:96:bc:d7:ed:37:94:30:90:7b:43:
26:86:06:a4:6d:b9:b2:00:52:02:ea:9f:f4:38:e9:
c4:a1:cd:19:e9:b7:74:05:a9:58:c6:96:62:13:cb:
20:29:e7:26:77:c0:6a:c0:7f:ed:d2:a3:27:0d:4b:
98:9c:c7:ca:4d:59:92:e4:c3:5c:30:64:58:e9:b7:
63:8d:72:6f:9f:08:b2:10:6d:51:56:f9:7a:0e:e7:
b4:cf:c3:79:ee:49:69:4a:b1:d1:32:13:db:5f:e0:
79:dc:2c:4d:0c:56:1c:df:2e:96:5e:60:e6:86:70:
3f:a6:f3:d5:1b:a2:8e:a4:e4:db:2e:32:b7:98:23:
77:90:60:13:90:35:4c:d9:a6:d9:6f:d3:63:1a:de:
29:3e:34:ff:43:a9:55:28:f5:42:80:57:de:34:9f:
ac:a5:93:01:3a:68:a8:eb:66:9f:92:bb:9a:38:0f:
44:da:32:93:fe:68:af:1f:40:9a:cb:ba:e4:86:e3:
37:7a:4c:4b:6c:3e:3b:71:2a:c7:ae:29:25:58:f1:
05:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B2:0C:56:73:82:D5:2C:C8:B1:43:9B:6A:CA:41:55:33:D6:70:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/38
Signature Algorithm: sha256WithRSAEncryption
7a:32:29:5d:74:62:13:ce:68:c4:e2:bc:3f:26:e1:6b:4a:bc:
23:5b:ff:05:01:92:b1:41:3e:5b:cf:5b:8e:18:cc:27:27:30:
c4:9a:b8:6b:5d:eb:70:10:63:2e:20:a2:37:d3:8d:de:9b:18:
de:7e:68:0f:35:29:27:fb:ed:19:68:e0:ab:16:2c:44:6d:0f:
2f:19:88:6a:5d:5e:53:60:f9:ca:e8:b8:13:03:8b:b1:05:52:
ad:46:8e:2c:d2:7e:35:4b:6e:30:d0:15:71:fb:35:92:16:87:
c9:db:f7:67:02:fe:69:ae:aa:bf:52:20:73:b2:a2:2b:dd:e5:
e9:90:92:49:c1:1a:7a:95:da:74:36:fd:26:9c:17:27:5a:93:
35:ab:8a:70:bd:18:6f:f6:c9:bd:5b:91:8d:f6:49:b9:6c:76:
99:11:59:7a:6f:7e:7e:57:82:8b:61:2b:08:80:3d:4b:eb:69:
5e:13:8d:b8:35:0f:e4:da:15:52:2d:4b:18:56:49:85:f7:7f:
d4:eb:d5:5e:93:bc:4a:53:cf:85:61:d5:b8:d0:17:80:09:f4:
ac:b3:08:c2:bc:1f:45:70:6c:a1:97:a3:19:a9:74:82:66:a9:
a5:7c:96:df:73:79:6a:25:3f:8a:66:12:14:b8:62:60:fc:96:
4c:38:3a:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFtJVQxWUtNJs4FdqMSeQCyvsG1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMTFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5NjkxNmUxYmZiNmJjYmY3MzgyOGUzNTk0MzZjYWU3NmI2MTcyMjI3YTg0
M2JkMDkxNTVmMGVkN2Y4ZDgyN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKM+9AHLAQOW9TRSu8MSfQywpt130tdvEV2rOkZZAapCG13rumPPCv+HUS0f
sAUAcXqWvNftN5QwkHtDJoYGpG25sgBSAuqf9DjpxKHNGem3dAWpWMaWYhPLICnn
JnfAasB/7dKjJw1LmJzHyk1ZkuTDXDBkWOm3Y41yb58IshBtUVb5eg7ntM/Dee5J
aUqx0TIT21/gedwsTQxWHN8ull5g5oZwP6bz1RuijqTk2y4yt5gjd5BgE5A1TNmm
2W/TYxreKT40/0OpVSj1QoBX3jSfrKWTATpoqOtmn5K7mjgPRNoyk/5orx9Amsu6
5IbjN3pMS2w+O3Eqx64pJVjxBaUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNsgxW
c4LVLMixQ5tqykFVM9ZwkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjY5NjUyYjYtMGIyMi00OWEwLWIyOWYtZGZiNTE4MzVjOTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQB6MilddGITzmjE4rw/JuFrSrwjW/8FAZKxQT5b
z1uOGMwnJzDEmrhrXetwEGMuIKI3043emxjefmgPNSkn++0ZaOCrFixEbQ8vGYhq
XV5TYPnK6LgTA4uxBVKtRo4s0n41S24w0BVx+zWSFofJ2/dnAv5prqq/UiBzsqIr
3eXpkJJJwRp6ldp0Nv0mnBcnWpM1q4pwvRhv9sm9W5GN9km5bHaZEVl6b35+V4KL
YSsIgD1L62leE424NQ/k2hVSLUsYVkmF93/U69Vek7xKU8+FYdW40BeACfSsswjC
vB9FcGyhl6MZqXSCZqmlfJbfc3lqJT+KZhIUuGJg/JZMODoR
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:22 2025 by rpki-client