Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
File: 73745b45-c65b-482b-9e7a-25a90d279147.roa (raw, json)
Hash identifier: MCTqtNsyUcnRLyr8kqSYjHAPU2yJ7I5ZY1D8BGzCoG4=
Subject key identifier: DF:D4:BE:FB:4D:C8:2B:94:F6:4E:61:C1:AF:F4:63:12:EB:7A:61:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FC7B7CA143DD50A42FF638371FFC7569F463BC9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
Signing time: Fri 17 Oct 2025 21:10:18 +0000
ROA not before: Fri 17 Oct 2025 21:10:18 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c7:b7:ca:14:3d:d5:0a:42:ff:63:83:71:ff:c7:56:9f:46:3b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 21:10:18 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=eee50285db12d2cd86d5aa534baaf8f05f9bdb1b36bd37765d770f6820f251f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:df:4a:c3:89:f5:5f:46:a9:74:5f:89:62:c4:
91:2e:ac:d3:7b:7e:40:f9:f5:bb:df:d9:45:ad:9c:
de:53:50:de:c0:57:a1:08:a4:32:a4:1c:38:be:81:
73:e4:fd:46:8c:f8:8a:b5:ca:4c:89:d9:95:fe:27:
1e:68:e1:93:80:ae:d7:f3:b3:c5:d7:67:10:fa:71:
5e:c6:8f:e2:51:00:36:21:b9:7d:dc:18:af:99:45:
d2:4e:d0:26:7c:35:c2:9a:8b:a3:23:ae:82:70:db:
39:32:75:b3:29:16:21:aa:6b:a3:ef:f0:04:86:31:
b8:ab:27:33:c9:97:70:76:0c:80:69:fd:db:25:ab:
ad:89:49:78:b3:c7:ae:a5:59:89:b3:46:af:41:b1:
a7:0d:f5:ce:65:d1:ec:5d:be:23:13:c2:8e:0e:12:
72:ea:ed:43:81:7b:5d:ef:3f:ea:7f:91:96:f6:65:
20:9c:5b:cd:6e:b8:ba:fb:27:af:4a:db:e6:d1:13:
e2:35:c4:76:40:b3:a1:f3:f5:32:aa:94:dc:22:31:
5d:f6:d2:83:60:24:e4:4a:3d:70:0f:21:85:88:99:
c6:3a:dc:90:76:11:af:30:da:eb:b7:bd:2d:28:e3:
09:72:a0:43:27:68:ef:4c:2e:15:a6:3e:32:d3:f8:
b8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D4:BE:FB:4D:C8:2B:94:F6:4E:61:C1:AF:F4:63:12:EB:7A:61:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:31:c3:c5:68:5e:a3:ba:3b:ac:99:06:04:69:ea:8b:23:6f:
91:e3:fc:32:15:0f:e5:a3:17:c6:20:06:21:85:e0:30:9f:d7:
da:4d:b5:0a:64:be:15:f5:08:a4:12:a7:96:ce:ea:b3:90:36:
14:1d:47:51:a6:2a:95:a5:72:3c:4d:ef:73:44:e0:e0:61:c5:
19:ee:1a:5e:53:c4:41:18:f0:8f:6f:9f:e6:b1:2b:f0:18:af:
0d:22:d3:5f:13:65:cf:8d:c8:6c:3e:f2:9b:a1:5e:89:ff:47:
17:58:26:e2:e7:e0:90:1c:8e:9c:83:12:b1:79:b5:f4:cc:1d:
a0:c3:b6:84:c4:1d:69:12:3c:65:9b:06:08:56:b4:0d:10:36:
80:98:da:be:2c:ca:a7:41:d6:ac:95:d9:75:11:ff:a4:3d:d5:
f8:99:a0:11:44:10:16:3a:97:65:84:f1:4e:01:68:f9:f6:d5:
da:2c:4e:d5:24:bf:ae:79:61:4a:82:19:a7:56:df:00:e2:06:
ba:54:c3:ed:e5:c6:ac:81:b6:48:dd:8f:14:30:24:b7:a3:0a:
b9:d9:c2:74:fc:71:0b:f2:95:36:80:5f:1e:50:47:1d:8c:f4:
c9:b8:99:4f:50:05:89:47:c7:2b:ac:7c:99:05:ab:db:07:c4:
17:f5:ee:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD8e3yhQ91QpC/2ODcf/HVp9GO8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMTEwMThaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlZTUwMjg1ZGIxMmQyY2Q4NmQ1YWE1MzRiYWFmOGYwNWY5YmRiMWIzNmJk
Mzc3NjVkNzcwZjY4MjBmMjUxZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3fSsOJ9V9GqXRfiWLEkS6s03t+QPn1u9/ZRa2c3lNQ3sBXoQikMqQcOL6B
c+T9Roz4irXKTInZlf4nHmjhk4Cu1/OzxddnEPpxXsaP4lEANiG5fdwYr5lF0k7Q
Jnw1wpqLoyOugnDbOTJ1sykWIapro+/wBIYxuKsnM8mXcHYMgGn92yWrrYlJeLPH
rqVZibNGr0Gxpw31zmXR7F2+IxPCjg4ScurtQ4F7Xe8/6n+RlvZlIJxbzW64uvsn
r0rb5tET4jXEdkCzofP1MqqU3CIxXfbSg2Ak5Eo9cA8hhYiZxjrckHYRrzDa67e9
LSjjCXKgQydo70wuFaY+MtP4uPsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTf1L77
TcgrlPZOYcGv9GMS63phqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM3NDViNDUtYzY1Yi00ODJiLTllN2EtMjVhOTBkMjc5MTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQCPMcPFaF6jujusmQYEaeqLI2+R4/wyFQ/loxfG
IAYhheAwn9faTbUKZL4V9QikEqeWzuqzkDYUHUdRpiqVpXI8Te9zRODgYcUZ7hpe
U8RBGPCPb5/msSvwGK8NItNfE2XPjchsPvKboV6J/0cXWCbi5+CQHI6cgxKxebX0
zB2gw7aExB1pEjxlmwYIVrQNEDaAmNq+LMqnQdasldl1Ef+kPdX4maARRBAWOpdl
hPFOAWj59tXaLE7VJL+ueWFKghmnVt8A4ga6VMPt5casgbZI3Y8UMCS3owq52cJ0
/HEL8pU2gF8eUEcdjPTJuJlPUAWJR8crrHyZBavbB8QX9e4S
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:37 2025 by rpki-client