Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
File: 70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa (raw, json)
Hash identifier: Vnbe3MBRy2QxFgiPyljhxwfwXQr/yczdv4cKnk/Dp4w=
Subject key identifier: D9:EA:92:D9:CA:E7:6F:03:BC:BD:86:3D:82:35:D7:52:11:CD:08:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F99E931CF89DA726DD7853FE86A45C8AF6799C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
Signing time: Fri 26 Sep 2025 19:21:38 +0000
ROA not before: Fri 26 Sep 2025 19:21:38 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:99:e9:31:cf:89:da:72:6d:d7:85:3f:e8:6a:45:c8:af:67:99:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:21:38 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=b0803c26f5ce0b660b1e040b3a63365f3212790e85d7fd9d1b51c1346d552e12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:92:9a:f8:1e:b8:06:0a:de:de:73:b8:87:1a:
48:9a:e7:ce:9f:5e:46:ae:db:7a:4e:0e:94:f1:96:
ca:2c:a9:fe:af:8e:68:a1:28:f3:c0:4a:16:ce:b4:
90:1c:0d:16:67:f7:0c:a7:1a:1d:32:08:1c:b5:95:
ff:12:ed:48:4a:44:75:44:e4:03:bf:cc:f2:30:cf:
db:fa:b7:f5:99:ee:66:3a:22:6c:d8:46:e4:4a:2c:
09:89:aa:a9:26:b8:12:e5:82:30:47:75:6f:52:a2:
c8:a2:7f:f1:77:4c:6d:89:0b:f0:8b:be:04:be:11:
0f:42:c2:b4:ce:7d:71:ba:1c:03:85:3c:32:7c:10:
40:3f:75:56:d3:81:14:e5:cd:e1:9d:a1:bf:15:da:
3c:3f:b1:c2:08:31:c9:47:aa:1f:ac:cd:0e:32:a5:
5d:86:ef:d8:8e:88:f7:1b:fb:f0:d4:8e:de:f0:b3:
57:61:28:c5:9b:06:86:d6:03:91:46:8e:88:c5:6a:
0b:f9:a9:ac:3d:3a:a0:1a:c3:81:5f:99:e4:39:d6:
25:c4:e3:1a:6e:89:a9:c8:4e:cd:a8:14:fd:66:73:
c6:bd:96:49:31:8c:87:f8:f9:0d:6a:bb:cf:9d:d5:
43:e8:73:a1:fd:70:78:81:1c:5b:54:79:8f:7a:0c:
39:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:EA:92:D9:CA:E7:6F:03:BC:BD:86:3D:82:35:D7:52:11:CD:08:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:5000::/40
Signature Algorithm: sha256WithRSAEncryption
49:5a:30:f0:92:94:01:03:38:d4:41:b5:b7:a7:95:b2:49:7f:
01:21:b2:46:98:f8:87:19:5d:35:91:f7:41:3e:3b:ae:b0:fb:
6a:a2:5b:a8:42:c8:f6:78:72:c3:75:ae:3f:02:da:fa:8b:c8:
aa:a3:c7:0c:65:69:f2:ab:2d:d2:82:29:7a:12:8f:b6:28:16:
e7:53:af:e0:6f:6b:19:8f:64:11:35:d7:2f:5c:76:8e:de:ce:
be:11:96:04:9c:05:0c:93:e6:ac:f8:fb:3b:34:12:74:5a:08:
81:e1:12:29:2d:6d:d2:a5:57:d5:70:86:d7:3e:17:d8:36:f1:
f4:e4:ed:b3:53:76:8b:fd:49:20:5a:eb:02:2f:00:7b:2e:b8:
04:59:ec:5f:6b:c4:6f:3c:9f:a3:7c:ba:1b:23:d2:d0:a4:7a:
75:c4:4c:8b:0b:da:35:41:1b:12:aa:4e:16:7b:26:d2:4b:bb:
d0:2d:d1:d9:f7:aa:e8:30:1f:bb:5d:9d:d1:4a:24:0b:d0:23:
56:c2:45:8d:43:24:a3:66:dd:69:b3:41:6b:f9:38:4f:86:56:
20:50:97:3b:08:0d:cb:d6:72:00:a0:37:e8:90:55:0f:85:2c:
c4:23:a9:34:f7:09:ff:b9:73:db:ef:6c:fd:46:5d:af:09:c8:
ba:7a:cc:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb5npMc+J2nJt14U/6GpFyK9nmccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIxMzhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwODAzYzI2ZjVjZTBiNjYwYjFlMDQwYjNhNjMzNjVmMzIxMjc5MGU4NWQ3
ZmQ5ZDFiNTFjMTM0NmQ1NTJlMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+SmvgeuAYK3t5zuIcaSJrnzp9eRq7bek4OlPGWyiyp/q+OaKEo88BKFs60
kBwNFmf3DKcaHTIIHLWV/xLtSEpEdUTkA7/M8jDP2/q39ZnuZjoibNhG5EosCYmq
qSa4EuWCMEd1b1KiyKJ/8XdMbYkL8Iu+BL4RD0LCtM59cbocA4U8MnwQQD91VtOB
FOXN4Z2hvxXaPD+xwggxyUeqH6zNDjKlXYbv2I6I9xv78NSO3vCzV2EoxZsGhtYD
kUaOiMVqC/mprD06oBrDgV+Z5DnWJcTjGm6JqchOzagU/WZzxr2WSTGMh/j5DWq7
z53VQ+hzof1weIEcW1R5j3oMOf0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZ6pLZ
yudvA7y9hj2CNddSEc0I9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBkOWIzMmQtNmRiMy00OTcxLWJkYjQtZTVkZDI1MWY2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBJWjDwkpQBAzjUQbW3p5WySX8BIbJGmPiHGV01
kfdBPjuusPtqoluoQsj2eHLDda4/Atr6i8iqo8cMZWnyqy3Sgil6Eo+2KBbnU6/g
b2sZj2QRNdcvXHaO3s6+EZYEnAUMk+as+Ps7NBJ0WgiB4RIpLW3SpVfVcIbXPhfY
NvH05O2zU3aL/UkgWusCLwB7LrgEWexfa8RvPJ+jfLobI9LQpHp1xEyLC9o1QRsS
qk4WeybSS7vQLdHZ96roMB+7XZ3RSiQL0CNWwkWNQySjZt1ps0Fr+ThPhlYgUJc7
CA3L1nIAoDfokFUPhSzEI6k09wn/uXPb72z9Rl2vCci6eszk
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:24 2025 by rpki-client