Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
File: 67233a4e-590e-4497-a72c-fe940d42b798.roa (raw, json)
Hash identifier: BG1t2cbe/Ssi2lTgej9wV/Zlvrm6dogJO7AR2HGRLx0=
Subject key identifier: BC:BF:B2:21:90:7D:C3:7C:43:E9:BB:95:90:41:FE:B1:BB:CE:22:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69735620A684EF7604328AD64684D6F0620CAAFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
Signing time: Fri 26 Sep 2025 20:10:18 +0000
ROA not before: Fri 26 Sep 2025 20:10:18 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:73:56:20:a6:84:ef:76:04:32:8a:d6:46:84:d6:f0:62:0c:aa:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:18 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=90c002e651d26d77e88fba2c499d7f84bb9cb9e67378f8f4675a89c652f96196, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9a:ff:69:2d:82:6a:e4:80:89:26:fe:58:4f:
c0:a0:a8:59:18:52:cd:3b:1a:6a:f3:7a:ae:e0:66:
4d:66:25:5f:a0:2c:53:14:24:ac:3b:84:ea:19:39:
20:00:76:d2:e3:4a:ce:dc:95:c1:dc:bc:d6:a6:7a:
c5:1c:36:54:e5:df:14:b4:9d:2a:4f:7b:6f:00:43:
4b:d6:2b:96:ab:40:9f:88:06:75:fc:cd:c2:38:87:
7b:d6:ca:1a:41:1a:d9:4e:0a:48:22:b2:d8:fd:15:
6b:48:a3:6a:26:61:71:ca:8b:b8:f0:8d:b1:f8:36:
5b:ee:b6:34:c7:71:dc:53:b3:ca:c0:a9:8b:8e:9f:
69:16:d1:a4:0a:5e:b6:29:1d:8d:8e:b2:20:37:72:
11:4b:19:89:1c:39:4b:a5:b2:7b:51:ff:ed:77:50:
42:fb:64:2a:33:f5:8b:77:28:dd:65:3c:8d:10:56:
1a:38:ce:0d:b4:f0:04:68:e0:6e:f6:51:92:06:de:
0d:08:7f:fb:e4:c6:c5:68:66:11:b6:71:ec:c6:c6:
c5:f2:22:62:74:2d:cc:39:db:20:59:42:cb:ab:94:
fc:d1:6d:71:d3:00:9b:6d:28:e4:f1:f5:40:5d:3f:
37:7f:50:eb:b9:3d:c8:cc:12:27:ea:5f:7d:c3:64:
1d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:BF:B2:21:90:7D:C3:7C:43:E9:BB:95:90:41:FE:B1:BB:CE:22:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c::/32
Signature Algorithm: sha256WithRSAEncryption
75:a8:9b:39:14:eb:b7:84:03:00:65:4c:1c:9f:c2:24:31:6d:
3d:3d:d6:7e:97:fa:c5:cf:66:5a:65:e8:a8:07:56:37:87:74:
75:c8:8d:b6:68:c0:22:f6:3a:76:da:a7:c4:dd:fc:94:e2:eb:
9b:33:2c:88:7c:e3:bb:c2:1e:ac:a7:9c:68:9a:85:75:50:6f:
71:ac:b5:9a:87:15:e7:ef:36:7e:ea:6e:07:71:6c:bd:26:5f:
23:ba:2b:cf:b4:49:f5:a9:70:ea:8d:5a:a1:79:aa:a6:3e:b5:
78:a0:b9:cf:3b:8e:59:99:6e:a1:a2:b7:cb:6c:97:ae:dc:0c:
be:2c:87:f7:92:83:99:27:c9:13:78:54:c2:68:cd:9b:dc:cd:
e9:b2:56:63:1f:2b:6a:80:c3:37:98:10:c1:4e:93:a8:1f:df:
cb:ab:a4:6f:54:7f:b2:09:84:5e:7d:15:ef:c5:8f:89:29:0a:
aa:36:69:59:35:4c:ba:08:8f:31:e3:1f:62:1f:98:36:4f:7b:
d4:d3:c4:a4:cb:81:33:2b:b0:73:e7:53:95:cb:65:f4:8b:dc:
3c:33:25:02:b2:cd:89:46:f1:7e:5c:68:db:3a:94:e5:f1:f4:
9b:12:5f:bd:47:3f:2b:fa:94:e2:0e:20:7a:8e:57:85:c6:53:
8e:20:20:e3
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUaXNWIKaE73YEMorWRoTW8GIMqvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwMThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwYzAwMmU2NTFkMjZkNzdlODhmYmEyYzQ5OWQ3Zjg0YmI5Y2I5ZTY3Mzc4
ZjhmNDY3NWE4OWM2NTJmOTYxOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaa/2ktgmrkgIkm/lhPwKCoWRhSzTsaavN6ruBmTWYlX6AsUxQkrDuE6hk5
IAB20uNKztyVwdy81qZ6xRw2VOXfFLSdKk97bwBDS9YrlqtAn4gGdfzNwjiHe9bK
GkEa2U4KSCKy2P0Va0ijaiZhccqLuPCNsfg2W+62NMdx3FOzysCpi46faRbRpApe
tikdjY6yIDdyEUsZiRw5S6Wye1H/7XdQQvtkKjP1i3co3WU8jRBWGjjODbTwBGjg
bvZRkgbeDQh/++TGxWhmEbZx7MbGxfIiYnQtzDnbIFlCy6uU/NFtcdMAm20o5PH1
QF0/N39Q67k9yMwSJ+pffcNkHasCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS8v7Ih
kH3DfEPpu5WQQf6xu84inzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjcyMzNhNGUtNTkwZS00NDk3LWE3MmMtZmU5NDBkNDJiNzk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hww
DQYJKoZIhvcNAQELBQADggEBAHWomzkU67eEAwBlTByfwiQxbT091n6X+sXPZlpl
6KgHVjeHdHXIjbZowCL2Onbap8Td/JTi65szLIh847vCHqynnGiahXVQb3GstZqH
FefvNn7qbgdxbL0mXyO6K8+0SfWpcOqNWqF5qqY+tXiguc87jlmZbqGit8tsl67c
DL4sh/eSg5knyRN4VMJozZvczemyVmMfK2qAwzeYEMFOk6gf38urpG9Uf7IJhF59
Fe/Fj4kpCqo2aVk1TLoIjzHjH2IfmDZPe9TTxKTLgTMrsHPnU5XLZfSL3DwzJQKy
zYlG8X5caNs6lOXx9JsSX71HPyv6lOIOIHqOV4XGU44gIOM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:37 2025 by rpki-client