Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
File: 76526233-4062-463b-bfd0-bbe1d12891fa.roa (raw, json)
Hash identifier: es6t+8DcI02HfNK8rXGbKfp1k6AY7jUo3e7EGFRx13E=
Subject key identifier: 50:AB:24:36:E4:75:7F:91:A5:16:E4:6D:EA:65:30:70:C9:D0:01:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BADFD67022E1809ECE2637B0CA9A2030B0B4A6E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
Signing time: Fri 17 Oct 2025 23:20:08 +0000
ROA not before: Fri 17 Oct 2025 23:20:08 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:ad:fd:67:02:2e:18:09:ec:e2:63:7b:0c:a9:a2:03:0b:0b:4a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 23:20:08 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=baeede1dfd7f001d9aaecf3358270cdfcd8b06b9c151cf83754f4e18f77611f8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7d:14:a6:7e:a7:49:d5:b2:9b:f3:63:72:bb:
81:e0:da:61:4d:a3:b1:0a:19:fc:08:4a:34:c3:42:
0d:34:c9:22:0a:b7:b5:33:61:8f:33:a0:29:8e:6e:
3a:66:aa:e6:07:be:a0:27:c0:f4:51:bd:2a:d4:e8:
3a:64:38:66:2e:aa:58:07:95:d7:23:dc:93:af:a0:
e0:06:b5:2e:6f:20:5e:4a:48:2c:65:9b:3e:46:bd:
33:70:af:a0:c9:e9:fd:2e:c4:6c:cd:54:2a:6f:c7:
9b:25:2e:62:e0:a7:e1:48:81:95:7a:be:8d:27:98:
ef:47:92:65:f4:57:6f:f3:bf:e0:31:d6:b1:6c:22:
3e:01:ee:84:0e:89:16:5d:f8:fa:47:bb:5a:4f:f0:
08:de:23:69:07:ee:2d:68:8f:19:98:30:8b:f3:65:
c1:5a:a2:38:45:f1:9d:ef:31:a4:d2:1d:d2:34:a6:
ea:e7:85:4d:80:50:35:26:d0:79:67:37:c9:6f:a9:
b9:59:a6:68:0b:89:91:76:10:d5:bc:17:06:a0:55:
7d:97:8e:7a:9d:d5:89:77:78:02:38:a6:84:67:19:
d3:51:30:71:04:a0:09:6e:c5:5b:ef:c5:bc:e7:53:
7f:50:f3:0a:98:da:ad:b8:ee:b5:a2:78:d3:d3:66:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AB:24:36:E4:75:7F:91:A5:16:E4:6D:EA:65:30:70:C9:D0:01:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4010::/48
Signature Algorithm: sha256WithRSAEncryption
08:77:1a:21:bd:65:a7:bd:d3:55:33:07:24:79:4d:10:50:8d:
33:7e:d5:37:14:47:80:88:e7:78:8d:88:6b:73:ae:ba:f1:73:
e3:30:17:b3:bf:13:c0:37:e2:8e:58:a7:30:93:82:9b:a1:cb:
e9:dd:63:81:6e:24:09:2e:e4:c4:98:ee:81:92:56:46:36:06:
64:77:39:0f:7a:e0:37:37:42:86:6b:1e:9f:ff:90:bc:6a:2e:
77:de:3a:8b:71:ea:61:60:2d:dd:14:96:5a:8a:ca:8d:ff:24:
84:1f:19:ae:e8:6d:0d:b9:3b:4d:fb:0d:98:a5:7d:2c:ca:5b:
dd:3d:5e:99:c7:d4:bc:ac:9f:cb:b3:9a:cb:57:ea:99:2c:c2:
c2:be:0c:eb:1c:08:e6:fc:cb:ff:31:4d:3d:18:8a:0a:8a:2e:
d2:c8:8a:7f:15:54:92:7d:3c:c1:81:90:cf:7f:68:79:7b:59:
71:a4:3c:55:65:50:5b:01:75:99:6c:0a:e9:95:32:89:08:2d:
9d:c5:68:3f:15:b6:8c:d3:85:a6:aa:d0:9a:84:5d:b0:7b:bf:
3e:34:b1:5b:7f:1e:38:38:fd:02:e8:fe:a7:45:9a:9b:b6:93:
65:87:47:6c:7f:fb:ff:d2:ef:a3:68:e0:d1:98:57:0b:63:92:
6a:c6:ed:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC639ZwIuGAns4mN7DKmiAwsLSm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMzIwMDhaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhZWVkZTFkZmQ3ZjAwMWQ5YWFlY2YzMzU4MjcwY2RmY2Q4YjA2YjljMTUx
Y2Y4Mzc1NGY0ZTE4Zjc3NjExZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMh9FKZ+p0nVspvzY3K7geDaYU2jsQoZ/AhKNMNCDTTJIgq3tTNhjzOgKY5u
Omaq5ge+oCfA9FG9KtToOmQ4Zi6qWAeV1yPck6+g4Aa1Lm8gXkpILGWbPka9M3Cv
oMnp/S7EbM1UKm/HmyUuYuCn4UiBlXq+jSeY70eSZfRXb/O/4DHWsWwiPgHuhA6J
Fl34+ke7Wk/wCN4jaQfuLWiPGZgwi/NlwVqiOEXxne8xpNId0jSm6ueFTYBQNSbQ
eWc3yW+puVmmaAuJkXYQ1bwXBqBVfZeOep3ViXd4AjimhGcZ01EwcQSgCW7FW+/F
vOdTf1DzCpjarbjutaJ409Nm1KsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQqyQ2
5HV/kaUW5G3qZTBwydABTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY1MjYyMzMtNDA2Mi00NjNiLWJmZDAtYmJlMWQxMjg5MWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
EDANBgkqhkiG9w0BAQsFAAOCAQEACHcaIb1lp73TVTMHJHlNEFCNM37VNxRHgIjn
eI2Ia3OuuvFz4zAXs78TwDfijlinMJOCm6HL6d1jgW4kCS7kxJjugZJWRjYGZHc5
D3rgNzdChmsen/+QvGoud946i3HqYWAt3RSWWorKjf8khB8ZruhtDbk7TfsNmKV9
LMpb3T1emcfUvKyfy7Oay1fqmSzCwr4M6xwI5vzL/zFNPRiKCoou0siKfxVUkn08
wYGQz39oeXtZcaQ8VWVQWwF1mWwK6ZUyiQgtncVoPxW2jNOFpqrQmoRdsHu/PjSx
W38eODj9Auj+p0Wam7aTZYdHbH/7/9Lvo2jg0ZhXC2OSasbtJA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:01:59 2025 by rpki-client