Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: 7Ovwt2zGQ+YCRnZqMbBpBgkGxH5vBOPhRJHDZI975bA=
Subject key identifier: D1:96:FD:D3:9F:84:18:18:5C:39:B2:79:0D:77:96:EF:4F:3C:1E:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42FB3128D1DDC76BDAFC31056CDFCB5923D38B3D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Fri 26 Sep 2025 18:21:05 +0000
ROA not before: Fri 26 Sep 2025 18:21:05 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:fb:31:28:d1:dd:c7:6b:da:fc:31:05:6c:df:cb:59:23:d3:8b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:21:05 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=912ad584bf8a4283e6493747791b3beba97528adb8c5570f8893ea71dfb83880, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d2:bc:47:4c:59:e5:65:a4:a1:17:a6:77:59:
0a:84:f6:a9:ba:04:dd:c9:f6:1d:fd:13:1d:1e:07:
80:bf:3f:41:7b:94:c9:31:15:af:62:e6:46:9e:b2:
a3:80:02:c9:c5:7f:b9:ee:04:d8:7b:26:c8:ec:4d:
d7:29:b3:e8:85:f1:7b:d8:73:01:3d:93:cf:59:7e:
dd:1c:a3:9e:8d:1d:fb:12:2b:c9:65:12:b6:9b:3e:
38:b7:04:3f:2b:97:c6:11:df:25:95:b0:aa:b6:ca:
67:9a:cf:5a:52:c6:fb:c4:fb:7b:88:a5:a8:b1:a5:
ae:14:92:6c:df:78:f1:1e:e2:34:e2:4f:f7:1f:8a:
6e:89:fa:cb:29:8b:af:9f:4d:1f:6b:68:44:f6:df:
c9:2f:97:9a:cf:0e:6b:48:cf:26:d9:58:89:c8:0a:
ac:6c:f2:95:f8:a6:80:9f:09:2d:2b:22:4d:fc:e1:
13:cc:e7:73:bb:48:eb:36:ea:3f:a1:e6:87:b4:50:
a6:3a:53:31:8a:cf:6b:73:bd:f1:85:cb:f6:8a:ec:
1c:08:37:ac:2d:18:d9:c0:17:91:7a:b2:a4:4c:a9:
22:18:8a:c9:b1:a0:97:f2:78:1f:5d:a8:6f:70:43:
c4:b3:9f:13:5a:be:37:44:ad:05:6c:03:7e:0c:20:
0e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:96:FD:D3:9F:84:18:18:5C:39:B2:79:0D:77:96:EF:4F:3C:1E:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
2e:8d:ae:db:6e:1a:83:0e:c7:6a:6e:57:ab:ec:1a:d0:98:df:
04:09:59:e3:7a:e3:ab:fc:2c:2f:ae:c6:ad:3d:b8:6d:06:c4:
ff:83:1f:cd:1a:ae:d0:50:3f:b0:3e:c6:77:7b:23:1d:de:d2:
fd:bd:7f:34:e4:ae:40:b8:d5:dd:3b:fa:4f:07:63:94:fb:7e:
ed:c4:7e:9a:c3:79:f3:49:e4:f4:53:f0:94:b9:d3:63:3a:6b:
56:90:61:1a:77:43:71:36:ed:d1:d2:ec:ad:eb:71:56:49:38:
1a:03:a6:c6:19:69:76:f3:79:c0:bd:f3:e6:af:36:0c:08:40:
03:32:9f:44:7c:cc:5d:44:61:a8:99:2d:32:ed:2d:41:9f:58:
b1:b9:3e:6f:64:9f:70:4a:24:7c:0d:2d:b3:d8:1f:24:d9:7f:
0f:49:6d:dc:f3:f4:2f:9f:77:d4:39:c3:b9:47:79:3d:f4:08:
c7:e0:90:32:1c:83:ad:04:ff:1f:7f:4c:bd:c1:6a:ec:97:89:
87:42:a9:e0:11:59:96:e8:98:74:e4:91:2c:90:c3:5b:a4:55:
5d:1e:45:d9:a7:68:0f:51:db:77:fd:ef:8a:da:92:8c:58:8c:
b5:ef:85:11:f6:6d:a8:d5:c3:b5:14:c0:bb:fe:52:47:05:1a:
9c:68:e1:06
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQvsxKNHdx2va/DEFbN/LWSPTiz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIxMDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxMmFkNTg0YmY4YTQyODNlNjQ5Mzc0Nzc5MWIzYmViYTk3NTI4YWRiOGM1
NTcwZjg4OTNlYTcxZGZiODM4ODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDSvEdMWeVlpKEXpndZCoT2qboE3cn2Hf0THR4HgL8/QXuUyTEVr2LmRp6y
o4ACycV/ue4E2HsmyOxN1ymz6IXxe9hzAT2Tz1l+3Ryjno0d+xIryWUStps+OLcE
PyuXxhHfJZWwqrbKZ5rPWlLG+8T7e4ilqLGlrhSSbN948R7iNOJP9x+Kbon6yymL
r59NH2toRPbfyS+Xms8Oa0jPJtlYicgKrGzylfimgJ8JLSsiTfzhE8znc7tI6zbq
P6Hmh7RQpjpTMYrPa3O98YXL9orsHAg3rC0Y2cAXkXqypEypIhiKybGgl/J4H12o
b3BDxLOfE1q+N0StBWwDfgwgDgUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTRlv3T
n4QYGFw5snkNd5bvTzweyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzk0NDAzODctNjZhMy00ODUyLWE5NGItOGEzMjUwZjIwNzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
QDANBgkqhkiG9w0BAQsFAAOCAQEALo2u224agw7Ham5Xq+wa0JjfBAlZ43rjq/ws
L67GrT24bQbE/4MfzRqu0FA/sD7Gd3sjHd7S/b1/NOSuQLjV3Tv6TwdjlPt+7cR+
msN580nk9FPwlLnTYzprVpBhGndDcTbt0dLsretxVkk4GgOmxhlpdvN5wL3z5q82
DAhAAzKfRHzMXURhqJktMu0tQZ9Ysbk+b2SfcEokfA0ts9gfJNl/D0lt3PP0L593
1DnDuUd5PfQIx+CQMhyDrQT/H39MvcFq7JeJh0Kp4BFZluiYdOSRLJDDW6RVXR5F
2adoD1Hbd/3vitqSjFiMte+FEfZtqNXDtRTAu/5SRwUanGjhBg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:13 2025 by rpki-client