Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: jggi0hAPZ5OZmEWhZtY6in3cQh9HF/MORr/5xEKEACo=
Subject key identifier: D6:81:02:D5:CB:39:3E:7C:50:AC:F9:DD:C3:B9:20:F0:41:1F:ED:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56A5C5C8AAC7104080EA5081C762649321C55D47
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Fri 26 Sep 2025 18:50:58 +0000
ROA not before: Fri 26 Sep 2025 18:50:58 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:a5:c5:c8:aa:c7:10:40:80:ea:50:81:c7:62:64:93:21:c5:5d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:58 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a1bafbc6ef8a50892bd36b52fa903d52efe86f04acce8116931754dff438ea30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a6:39:83:15:d7:22:e7:f2:7d:7c:7f:61:bb:
c8:4a:12:14:4d:95:56:5c:12:8d:1e:b5:bb:39:aa:
61:79:d0:66:cc:aa:9c:71:fd:de:1f:1f:39:9e:48:
a3:cd:7b:27:e5:59:b1:24:f3:d7:01:06:1a:4b:80:
e3:39:2c:6c:f4:ef:6e:79:7e:c3:53:5a:f6:e8:fa:
40:66:a2:58:73:f6:d2:bd:2a:6e:3e:c5:ca:54:fd:
fe:60:ed:6f:62:4d:dc:b0:d4:30:9f:f0:83:be:b2:
cf:6b:0d:a2:1c:c5:b7:bf:61:fb:1b:a6:bb:4a:1e:
c7:cd:87:36:c7:72:e6:f0:75:60:1e:0b:3c:f3:4e:
bf:01:90:2b:fe:3b:0b:70:6a:2d:62:62:d0:b8:57:
fa:ff:13:54:0f:ec:10:34:a8:3f:60:a9:94:22:95:
70:20:7a:58:2d:0d:4b:91:4d:d3:70:9a:94:9f:62:
e8:f4:0d:ce:5c:c5:f6:d8:ea:29:81:10:40:f8:b4:
4f:fe:57:0e:e6:4d:78:e1:ce:25:a1:3e:09:e8:14:
a0:92:b5:ea:dc:85:67:f7:af:e5:ad:8d:0b:07:9b:
6b:5f:30:e2:06:48:15:25:ef:87:ec:f2:00:06:7c:
4c:5e:9b:a4:71:04:e8:f5:f0:f3:c3:96:d0:05:84:
4a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:81:02:D5:CB:39:3E:7C:50:AC:F9:DD:C3:B9:20:F0:41:1F:ED:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
8a:5a:50:8b:1e:c3:43:d1:93:55:da:d5:00:4a:fc:f6:a6:23:
1e:44:c2:44:8e:8c:fa:cb:59:e2:92:a6:37:c6:fd:38:46:2d:
e0:84:c9:e4:5f:ec:79:a9:74:8b:af:94:1f:f3:70:c8:0f:7c:
b7:43:1d:b2:67:df:b7:41:43:63:e2:65:4d:15:7f:24:0f:54:
6a:78:44:ea:ad:21:b3:aa:e1:bd:2e:15:52:a3:90:db:f6:eb:
65:ed:af:55:e3:19:0d:8d:10:c4:c1:b2:f5:99:9f:a5:8c:2a:
33:45:6f:b3:90:10:32:c3:e8:ce:c1:44:76:3a:78:5a:84:29:
9f:5e:aa:59:fd:49:c7:ff:03:db:83:fc:79:1b:03:bf:a8:b1:
71:8f:9d:2a:70:0a:ba:99:d5:cf:0c:8d:e4:e2:7f:ee:80:81:
1a:cf:cc:dd:a2:24:2c:c8:09:a5:c8:1d:df:4b:40:ff:e3:12:
26:0d:62:7f:e8:19:3b:80:38:1c:f2:71:4c:8d:45:fb:58:ea:
70:13:4f:d1:c3:86:ae:19:37:43:51:a8:b9:44:5c:9a:0a:5b:
0b:4c:0d:62:fa:93:5f:91:17:2d:38:cc:a3:0c:47:eb:4e:05:
32:4b:9c:16:2a:a2:92:bd:5a:5d:cf:c8:c9:45:9f:d6:f2:81:
55:7e:ce:42
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVqXFyKrHEECA6lCBx2JkkyHFXUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwNThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYmFmYmM2ZWY4YTUwODkyYmQzNmI1MmZhOTAzZDUyZWZlODZmMDRhY2Nl
ODExNjkzMTc1NGRmZjQzOGVhMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOmOYMV1yLn8n18f2G7yEoSFE2VVlwSjR61uzmqYXnQZsyqnHH93h8fOZ5I
o817J+VZsSTz1wEGGkuA4zksbPTvbnl+w1Na9uj6QGaiWHP20r0qbj7FylT9/mDt
b2JN3LDUMJ/wg76yz2sNohzFt79h+xumu0oex82HNsdy5vB1YB4LPPNOvwGQK/47
C3BqLWJi0LhX+v8TVA/sEDSoP2CplCKVcCB6WC0NS5FN03CalJ9i6PQNzlzF9tjq
KYEQQPi0T/5XDuZNeOHOJaE+CegUoJK16tyFZ/ev5a2NCweba18w4gZIFSXvh+zy
AAZ8TF6bpHEE6PXw88OW0AWESqUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTWgQLV
yzk+fFCs+d3DuSDwQR/t5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAilpQix7DQ9GTVdrVAEr89qYjHkTCRI6M+stZ
4pKmN8b9OEYt4ITJ5F/seal0i6+UH/NwyA98t0Mdsmfft0FDY+JlTRV/JA9UanhE
6q0hs6rhvS4VUqOQ2/brZe2vVeMZDY0QxMGy9ZmfpYwqM0Vvs5AQMsPozsFEdjp4
WoQpn16qWf1Jx/8D24P8eRsDv6ixcY+dKnAKupnVzwyN5OJ/7oCBGs/M3aIkLMgJ
pcgd30tA/+MSJg1if+gZO4A4HPJxTI1F+1jqcBNP0cOGrhk3Q1GouURcmgpbC0wN
YvqTX5EXLTjMowxH604FMkucFiqikr1aXc/IyUWf1vKBVX7OQg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:23 2025 by rpki-client