Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
File: 757087af-5baf-4a2f-a9ec-dbadb47313e2.roa (raw, json)
Hash identifier: /RajvbrzPwvbGwCBtwLhoD2fjP5F5euKcQN+iIp3C+8=
Subject key identifier: 1F:0F:E2:4A:17:0D:FD:D5:70:E7:A8:8C:17:1C:71:F2:83:AD:9B:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BF4D37C1D7AE1BC3E747E2D60BEEB494E3C15EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
Signing time: Fri 26 Sep 2025 18:40:25 +0000
ROA not before: Fri 26 Sep 2025 18:40:25 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:f4:d3:7c:1d:7a:e1:bc:3e:74:7e:2d:60:be:eb:49:4e:3c:15:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:40:25 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=92cf5983cdf45ca2202cd42ae058f82702ad73ad91efd90fe8b9c4a25fe72855, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:de:75:be:6e:20:05:9a:8c:9b:ef:17:f2:f5:
af:36:e6:34:32:af:ec:e1:43:85:db:a4:a4:01:dc:
8e:39:ee:ed:93:a7:0a:93:e0:33:26:d1:d2:41:98:
d8:28:fd:fd:74:fa:e1:9f:a0:ef:ea:5c:2f:60:60:
a5:8a:81:10:c7:c9:77:f8:69:5a:06:d9:c6:05:1a:
8c:e7:92:45:f9:56:f4:11:a7:ba:58:59:35:0c:10:
9a:12:94:33:23:fc:b8:93:b8:52:b8:85:56:c1:1a:
c8:23:0e:69:87:41:54:68:17:85:58:51:a2:ac:8b:
19:17:fd:f1:55:bf:a5:16:0f:22:da:43:9b:ea:2c:
fd:48:fb:db:ed:a9:a8:3e:0d:82:a4:9a:9c:f3:64:
fc:5a:05:3e:22:e6:4a:2b:ce:12:8d:3e:25:c4:30:
a2:74:85:c1:44:eb:4b:e8:f0:4b:62:af:4f:8a:e6:
31:20:0e:93:1f:91:c1:31:84:54:f5:ed:be:04:db:
60:e1:c7:ce:cc:2b:58:2e:ff:db:d7:59:82:3c:9d:
0e:98:76:1a:3e:3a:e0:5e:88:4d:57:b6:8d:a9:b6:
97:e2:10:eb:75:42:a4:d6:5d:63:ae:f7:cb:57:e9:
7a:34:e8:d4:35:49:1a:88:c5:d7:72:85:cf:75:9c:
5d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:0F:E2:4A:17:0D:FD:D5:70:E7:A8:8C:17:1C:71:F2:83:AD:9B:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:f9:39:2a:85:53:a8:b7:ac:51:0d:61:f5:a2:50:9e:2b:ce:
f5:61:ae:63:b9:b8:38:05:e5:df:9b:12:aa:cb:e5:8c:e7:6a:
56:cb:4a:91:cb:6b:1a:b4:e0:f3:33:19:17:f9:a1:2d:60:e9:
df:e3:fd:f8:43:a3:6c:48:80:19:50:6d:99:ac:e4:64:b7:30:
34:58:7e:08:0c:43:f0:01:59:70:da:9c:05:8f:3b:3f:ea:46:
46:83:0a:b0:bf:af:ec:9c:64:87:b3:24:d7:6c:24:ea:26:69:
9b:41:49:26:79:05:21:f8:36:23:29:5b:8f:1e:e5:8e:22:c0:
69:38:ed:1d:ae:13:61:f1:c3:34:70:ac:39:6b:2c:b5:c9:27:
64:b1:2e:0e:01:be:70:fc:bf:67:50:af:ff:b5:bc:75:0c:98:
d6:23:cb:2e:87:a9:66:98:18:b6:7f:be:5f:33:74:a6:81:ee:
6c:94:4d:32:11:25:7a:82:4e:f6:97:8f:a3:20:d6:50:68:b9:
1d:19:25:5b:c5:78:15:5e:1e:0d:49:9a:56:65:17:b7:aa:51:
9f:ef:c7:d3:0f:ac:82:0f:d6:b3:16:ff:07:76:01:b2:36:22:
98:e8:42:5f:ba:e5:2e:6d:e3:10:c8:4a:3a:4e:85:6e:ae:62:
ff:76:9b:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUG/TTfB164bw+dH4tYL7rSU48FewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQwMjVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyY2Y1OTgzY2RmNDVjYTIyMDJjZDQyYWUwNThmODI3MDJhZDczYWQ5MWVm
ZDkwZmU4YjljNGEyNWZlNzI4NTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJHedb5uIAWajJvvF/L1rzbmNDKv7OFDhdukpAHcjjnu7ZOnCpPgMybR0kGY
2Cj9/XT64Z+g7+pcL2BgpYqBEMfJd/hpWgbZxgUajOeSRflW9BGnulhZNQwQmhKU
MyP8uJO4UriFVsEayCMOaYdBVGgXhVhRoqyLGRf98VW/pRYPItpDm+os/Uj72+2p
qD4NgqSanPNk/FoFPiLmSivOEo0+JcQwonSFwUTrS+jwS2KvT4rmMSAOkx+RwTGE
VPXtvgTbYOHHzswrWC7/29dZgjydDph2Gj464F6ITVe2jam2l+IQ63VCpNZdY673
y1fpejTo1DVJGojF13KFz3WcXUECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfD+JK
Fw391XDnqIwXHHHyg62bFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU3MDg3YWYtNWJhZi00YTJmLWE5ZWMtZGJhZGI0NzMxM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAe/k5KoVTqLesUQ1h9aJQnivO9WGuY7m4OAXl
35sSqsvljOdqVstKkctrGrTg8zMZF/mhLWDp3+P9+EOjbEiAGVBtmazkZLcwNFh+
CAxD8AFZcNqcBY87P+pGRoMKsL+v7Jxkh7Mk12wk6iZpm0FJJnkFIfg2Iylbjx7l
jiLAaTjtHa4TYfHDNHCsOWsstcknZLEuDgG+cPy/Z1Cv/7W8dQyY1iPLLoepZpgY
tn++XzN0poHubJRNMhEleoJO9pePoyDWUGi5HRklW8V4FV4eDUmaVmUXt6pRn+/H
0w+sgg/Wsxb/B3YBsjYimOhCX7rlLm3jEMhKOk6Fbq5i/3abvQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:23 2025 by rpki-client