Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
File: 74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa (raw, json)
Hash identifier: 9GwcP+aey/wzca5q8p13hhNH3gZ93tYyFJFc1HPxvCs=
Subject key identifier: 42:1F:5E:AA:50:06:91:F5:C1:B8:29:38:8D:02:B0:EA:CF:5A:87:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06C8844252A3DEC3C7E8E3E28F21AE5374FDAE4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
Signing time: Sun 19 Oct 2025 23:50:07 +0000
ROA not before: Sun 19 Oct 2025 23:50:07 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:c8:84:42:52:a3:de:c3:c7:e8:e3:e2:8f:21:ae:53:74:fd:ae:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 23:50:07 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=5489d42f747eccdcb72c7bab2a8761e9bd76b31ba8a2aa3c14f41c81a523ab36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:74:85:a8:54:9a:c7:24:52:1d:05:63:27:51:
c0:5f:d2:d6:79:be:0b:05:15:6a:13:34:56:39:30:
f8:d2:ba:72:11:8a:f2:08:79:3a:d3:03:b3:a8:7d:
d3:53:df:66:24:57:3b:95:d9:08:71:11:90:10:f1:
22:14:12:47:81:38:b4:93:b1:19:5d:9d:c1:35:af:
f2:ee:e7:2e:f2:0e:81:e4:d7:39:80:72:2f:2c:ab:
fe:95:6e:13:3c:f0:ab:4b:63:40:b7:04:8b:b8:7f:
02:e7:2f:4a:93:fc:2b:43:e8:b9:ba:f1:52:1a:2e:
81:8e:4d:d3:86:07:75:71:1d:f0:94:9d:88:7d:97:
97:c8:c3:aa:41:32:75:68:a5:b1:c7:9c:80:41:bd:
7e:fa:a8:d5:70:0a:ea:8e:4d:12:45:d2:d7:97:b8:
35:5f:f6:04:cb:f9:79:31:cf:c3:a2:44:11:18:d6:
b8:ab:84:48:db:39:fe:3a:13:7e:6b:7e:cc:75:ed:
0e:22:3f:8b:e4:3b:80:a5:21:27:af:0c:a0:9c:ad:
9f:81:10:59:69:69:34:ab:a4:94:79:25:fa:89:f6:
5a:f3:8b:42:2b:d0:ee:de:9a:58:8a:61:72:9c:3e:
8f:2f:46:07:92:2e:57:11:09:62:29:be:71:e3:bb:
8f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:1F:5E:AA:50:06:91:F5:C1:B8:29:38:8D:02:B0:EA:CF:5A:87:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:880::/48
Signature Algorithm: sha256WithRSAEncryption
7f:9a:f0:f7:89:aa:35:8c:53:f5:de:e6:16:a5:c0:b4:64:b6:
51:06:47:cd:5a:dd:6a:29:fc:c6:90:32:e3:e6:d5:ea:51:51:
f7:e9:37:f5:16:4b:5d:74:81:eb:d1:83:ca:17:d2:70:7e:20:
cd:56:b1:ea:0a:f8:c9:12:41:0c:5e:11:ae:14:a2:d3:7f:ec:
c2:e2:50:79:d8:5a:c7:98:c9:52:c8:e1:b0:ee:32:4c:2f:d2:
a8:25:37:e8:a1:8b:2f:a4:45:50:6b:bc:4c:c3:50:11:3e:d7:
6e:92:d2:6f:9f:ac:e6:fc:03:00:45:40:cf:a7:98:f3:9c:01:
3e:78:7c:3a:ba:0d:81:79:a0:fb:6a:5a:bb:e3:46:09:29:77:
6b:a7:80:19:b7:21:d6:f3:a5:2e:e4:4b:15:2d:8f:5b:11:60:
57:df:f2:01:68:66:9d:08:c1:fd:a3:19:fa:2e:aa:eb:46:8b:
62:ed:00:c9:27:69:90:70:5b:c6:db:0c:33:78:8c:cb:a9:14:
ba:9f:e6:e0:60:e9:dd:52:c5:2e:b6:2a:c5:6d:e3:64:7b:90:
7d:8a:63:b1:26:46:a9:64:ff:75:7e:8d:54:be:09:db:1a:a7:
e5:4c:80:8a:d4:e0:b4:f5:21:f2:77:6d:f9:d2:1f:a5:4d:c9:
6c:39:f2:81
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBsiEQlKj3sPH6OPijyGuU3T9rkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkyMzUwMDdaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ODlkNDJmNzQ3ZWNjZGNiNzJjN2JhYjJhODc2MWU5YmQ3NmIzMWJhOGEy
YWEzYzE0ZjQxYzgxYTUyM2FiMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPp0hahUmsckUh0FYydRwF/S1nm+CwUVahM0Vjkw+NK6chGK8gh5OtMDs6h9
01PfZiRXO5XZCHERkBDxIhQSR4E4tJOxGV2dwTWv8u7nLvIOgeTXOYByLyyr/pVu
Ezzwq0tjQLcEi7h/AucvSpP8K0PoubrxUhougY5N04YHdXEd8JSdiH2Xl8jDqkEy
dWilscecgEG9fvqo1XAK6o5NEkXS15e4NV/2BMv5eTHPw6JEERjWuKuESNs5/joT
fmt+zHXtDiI/i+Q7gKUhJ68MoJytn4EQWWlpNKuklHkl+on2WvOLQivQ7t6aWIph
cpw+jy9GB5IuVxEJYim+ceO7jzcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCH16q
UAaR9cG4KTiNArDqz1qHzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRmNDFjYzktYmEwZS00NmQ5LWE3NzQtNDVmNmEwMzBhM2Y0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
gDANBgkqhkiG9w0BAQsFAAOCAQEAf5rw94mqNYxT9d7mFqXAtGS2UQZHzVrdain8
xpAy4+bV6lFR9+k39RZLXXSB69GDyhfScH4gzVax6gr4yRJBDF4RrhSi03/swuJQ
edhax5jJUsjhsO4yTC/SqCU36KGLL6RFUGu8TMNQET7XbpLSb5+s5vwDAEVAz6eY
85wBPnh8OroNgXmg+2pau+NGCSl3a6eAGbch1vOlLuRLFS2PWxFgV9/yAWhmnQjB
/aMZ+i6q60aLYu0AySdpkHBbxtsMM3iMy6kUup/m4GDp3VLFLrYqxW3jZHuQfYpj
sSZGqWT/dX6NVL4J2xqn5UyAitTgtPUh8ndt+dIfpU3JbDnygQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:45 2025 by rpki-client