Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
File: 76a60505-d74d-4741-a42e-97a09bb6b2a1.roa (raw, json)
Hash identifier: UY5xowCtmUVkLoGgYALcKf9AGPBHX1H/Fnt3B30gVpw=
Subject key identifier: B0:B0:0B:0E:FC:5D:E1:62:6D:F4:DF:E0:24:CB:6E:CE:F6:34:7D:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DEF2A2C149BB90B8D7095AA3D987AB2994ED275
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
Signing time: Fri 26 Sep 2025 19:00:56 +0000
ROA not before: Fri 26 Sep 2025 19:00:56 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:ef:2a:2c:14:9b:b9:0b:8d:70:95:aa:3d:98:7a:b2:99:4e:d2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:00:56 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=cd474c3b9b999b60576587eb004aa79603c52a31fb2a1f3abdf1df8f6cd30872, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fb:81:7b:d9:de:5a:f8:2b:5b:83:6d:92:61:
fd:ad:c0:ae:ae:44:bd:9b:bd:81:37:cb:05:45:8d:
3d:de:e8:5c:86:8f:92:8c:cf:fe:1d:44:9f:f6:08:
7c:79:e9:0e:a5:5d:66:1c:45:e2:91:11:48:43:86:
93:91:ca:e0:2a:39:04:2d:dc:b0:c1:1c:b9:61:ae:
b9:8a:8a:03:93:64:42:47:fd:fd:23:d7:9f:de:08:
e4:b5:05:36:eb:7b:7d:80:8e:b3:d4:e7:05:6f:62:
ba:35:1c:7d:d7:e9:66:d2:1a:64:16:c6:c0:d0:99:
26:51:9b:64:3c:34:10:a7:e5:0e:6c:ac:2c:35:92:
6b:eb:40:52:9b:a9:06:09:81:4b:4e:c7:61:5f:17:
26:bd:07:89:67:37:b7:22:9d:5d:0d:bc:c6:23:d8:
74:ba:26:a8:b7:37:b8:d4:a9:4b:00:28:4d:9d:5a:
2c:6d:6a:c9:ca:90:0d:49:cb:3a:48:63:ad:8f:4e:
03:88:f8:c8:6b:c8:96:fd:11:1b:63:f0:9a:84:48:
06:5c:c4:a3:e3:94:99:de:c8:a0:b7:c4:3d:05:6e:
ff:81:35:5f:8a:cc:de:d4:5f:0f:4c:75:3b:17:f0:
2c:fb:b2:4f:d0:4e:f6:d0:38:ee:6a:2d:50:c5:bf:
22:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B0:0B:0E:FC:5D:E1:62:6D:F4:DF:E0:24:CB:6E:CE:F6:34:7D:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8080::/48
Signature Algorithm: sha256WithRSAEncryption
64:f1:cb:c4:b7:73:cc:ff:ff:a3:8c:c8:ac:e3:7c:97:30:a3:
6a:53:14:1c:b1:6a:d9:28:26:de:3b:1e:14:12:b9:69:08:1a:
eb:72:84:65:98:89:ff:f7:4c:61:a5:c0:f7:2c:d0:51:8e:8e:
c3:ad:d8:bc:9e:b7:59:3b:d1:c2:3e:b6:98:ee:89:4b:1a:ec:
eb:36:ed:7a:9c:0f:28:24:68:23:b7:69:f6:14:dd:8b:53:5d:
cc:5e:52:92:4f:d7:c1:eb:56:61:c3:f2:05:65:b9:c7:9d:c9:
c6:21:8a:6c:ef:1b:14:39:38:46:c1:bc:45:48:cf:9c:e9:97:
7a:ae:d8:ca:cb:d2:b7:41:81:d5:17:22:c6:ac:e2:ff:2b:8a:
f0:41:76:ab:9c:02:ec:1b:76:f6:f3:c7:e5:e2:7d:e7:5d:6e:
c1:7a:1a:ab:18:a8:43:05:8f:20:86:63:cb:a4:04:7f:da:c7:
77:3d:1a:bc:c8:c6:2f:69:c5:fd:09:02:d5:2f:83:6f:e5:e7:
fd:2b:76:ac:96:71:5f:4d:f7:55:e6:cb:26:28:37:85:28:35:
e0:f4:b6:e4:28:e4:24:37:5d:a7:d2:7e:32:b8:95:61:e6:5d:
4f:cd:0f:df:c5:92:4a:cc:b4:f6:77:15:6a:87:45:7c:de:37:
ae:e6:13:bf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbe8qLBSbuQuNcJWqPZh6splO0nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAwNTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkNDc0YzNiOWI5OTliNjA1NzY1ODdlYjAwNGFhNzk2MDNjNTJhMzFmYjJh
MWYzYWJkZjFkZjhmNmNkMzA4NzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK37gXvZ3lr4K1uDbZJh/a3Arq5EvZu9gTfLBUWNPd7oXIaPkozP/h1En/YI
fHnpDqVdZhxF4pERSEOGk5HK4Co5BC3csMEcuWGuuYqKA5NkQkf9/SPXn94I5LUF
Nut7fYCOs9TnBW9iujUcfdfpZtIaZBbGwNCZJlGbZDw0EKflDmysLDWSa+tAUpup
BgmBS07HYV8XJr0HiWc3tyKdXQ28xiPYdLomqLc3uNSpSwAoTZ1aLG1qycqQDUnL
OkhjrY9OA4j4yGvIlv0RG2PwmoRIBlzEo+OUmd7IoLfEPQVu/4E1X4rM3tRfD0x1
OxfwLPuyT9BO9tA47motUMW/Ig8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSwsAsO
/F3hYm303+Aky27O9jR9XzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhNjA1MDUtZDc0ZC00NzQxLWE0MmUtOTdhMDliYjZiMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
gDANBgkqhkiG9w0BAQsFAAOCAQEAZPHLxLdzzP//o4zIrON8lzCjalMUHLFq2Sgm
3jseFBK5aQga63KEZZiJ//dMYaXA9yzQUY6Ow63YvJ63WTvRwj62mO6JSxrs6zbt
epwPKCRoI7dp9hTdi1NdzF5Skk/XwetWYcPyBWW5x53JxiGKbO8bFDk4RsG8RUjP
nOmXeq7YysvSt0GB1Rcixqzi/yuK8EF2q5wC7Bt29vPH5eJ9511uwXoaqxioQwWP
IIZjy6QEf9rHdz0avMjGL2nF/QkC1S+Db+Xn/St2rJZxX033VebLJig3hSg14PS2
5CjkJDddp9J+MriVYeZdT80P38WSSsy09ncVaodFfN43ruYTvw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:58 2025 by rpki-client