Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
File: 7a025e69-9e3e-460c-9734-42e9bd14485c.roa (raw, json)
Hash identifier: VgfjoJ9bzKzi4+cfnMiAbbGTRgmBcHBUWTczlz6t3jw=
Subject key identifier: 4F:71:53:25:3E:A6:29:83:C7:EB:C6:4F:90:EC:93:18:38:A7:E7:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 789219A81774A4FDD2C680D042C4008677BF9F35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
Signing time: Mon 13 Oct 2025 17:55:57 +0000
ROA not before: Mon 13 Oct 2025 17:55:57 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:92:19:a8:17:74:a4:fd:d2:c6:80:d0:42:c4:00:86:77:bf:9f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:57 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=b247e92d5c7c2ec25318f509fdbac3fa44d727779adcf72391b125045894fe09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b4:c5:d8:fe:85:e7:b6:14:e7:ff:f7:93:2d:
d1:9e:18:0a:f2:80:a9:a5:16:37:03:61:98:ed:48:
83:ce:3d:8b:91:0e:59:4d:8b:69:23:d5:f2:8f:95:
92:ee:2e:e4:fc:0d:38:fe:a2:31:5f:99:e7:85:36:
8a:a8:1a:ad:8a:17:32:2f:60:a4:69:65:6d:aa:81:
d0:ba:fc:85:52:70:22:01:f0:77:7b:05:13:22:bc:
1b:53:d6:cd:67:c2:d1:df:ac:2a:63:3d:78:3d:ad:
bb:93:d5:e1:54:93:44:d5:54:4c:4b:99:08:2d:3f:
fe:a7:94:f9:87:8e:bb:f1:0d:d8:2d:ff:ef:9a:f3:
ac:73:4e:4a:01:f0:5b:73:2f:95:26:da:e3:ab:d4:
82:ef:69:45:98:65:50:75:54:71:dc:66:d2:6a:44:
8a:b2:b2:2d:98:76:bc:92:30:3d:5f:48:a5:2b:e6:
7d:27:65:8e:f3:dd:e7:59:93:86:75:7e:d3:a8:76:
15:09:a9:81:21:92:aa:39:db:80:2c:98:4a:cc:b6:
dd:8f:f0:e5:00:39:b0:5e:b3:2f:2f:c8:dd:7b:3c:
1f:40:58:f8:71:84:95:7b:4a:08:90:3c:6d:da:67:
0c:61:c0:84:7f:f3:50:ef:37:63:3a:b8:7b:d0:69:
d4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:71:53:25:3E:A6:29:83:C7:EB:C6:4F:90:EC:93:18:38:A7:E7:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:88:15:99:38:77:10:c6:a9:be:2c:b9:b8:f3:56:93:e0:8e:
de:03:e4:35:ae:fc:e9:95:54:53:a2:d6:8d:b7:fd:88:6c:cb:
77:a9:a7:15:b7:74:8f:1c:9d:93:fa:e5:6e:69:63:48:31:17:
77:a1:94:78:c8:85:3e:03:87:46:88:1d:52:43:f1:93:76:11:
ca:6b:b9:87:33:15:e9:66:69:02:0a:b0:47:f2:57:39:b0:b4:
c5:4f:f1:da:72:34:71:80:32:7b:b3:1a:8e:c2:77:e0:47:cf:
cf:e7:ce:6d:ec:ff:bd:86:f0:d6:1f:c6:dc:eb:51:90:11:65:
00:b5:65:18:f8:0e:c8:e7:d5:0b:cb:f6:c1:91:ff:f9:68:8e:
73:a9:75:00:b6:a7:a9:3b:02:bd:98:cf:fb:81:43:24:4f:d5:
54:e8:a8:75:8d:4a:b0:6f:79:2e:a7:6e:44:51:9c:cd:42:5b:
04:8d:52:ad:75:c0:75:bc:d2:08:7e:d5:a6:3f:ce:30:bd:12:
31:92:eb:05:ed:d1:07:3f:20:dd:7c:3a:9b:83:4d:e0:bd:1b:
c5:27:9c:88:6b:ee:75:27:cb:ae:90:af:95:9d:ed:ed:fd:7b:
62:e4:6c:e3:78:4e:a6:e6:84:6e:01:cd:0f:45:f3:bf:aa:49:
cf:8c:98:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeJIZqBd0pP3SxoDQQsQAhne/nzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1NTdaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyNDdlOTJkNWM3YzJlYzI1MzE4ZjUwOWZkYmFjM2ZhNDRkNzI3Nzc5YWRj
ZjcyMzkxYjEyNTA0NTg5NGZlMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+0xdj+hee2FOf/95Mt0Z4YCvKAqaUWNwNhmO1Ig849i5EOWU2LaSPV8o+V
ku4u5PwNOP6iMV+Z54U2iqgarYoXMi9gpGllbaqB0Lr8hVJwIgHwd3sFEyK8G1PW
zWfC0d+sKmM9eD2tu5PV4VSTRNVUTEuZCC0//qeU+YeOu/EN2C3/75rzrHNOSgHw
W3MvlSba46vUgu9pRZhlUHVUcdxm0mpEirKyLZh2vJIwPV9IpSvmfSdljvPd51mT
hnV+06h2FQmpgSGSqjnbgCyYSsy23Y/w5QA5sF6zLy/I3Xs8H0BY+HGElXtKCJA8
bdpnDGHAhH/zUO83Yzq4e9Bp1MMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRPcVMl
PqYpg8frxk+Q7JMYOKfn5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EwMjVlNjktOWUzZS00NjBjLTk3MzQtNDJlOWJkMTQ0ODVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQB+iBWZOHcQxqm+LLm481aT4I7eA+Q1rvzplVRT
otaNt/2IbMt3qacVt3SPHJ2T+uVuaWNIMRd3oZR4yIU+A4dGiB1SQ/GTdhHKa7mH
MxXpZmkCCrBH8lc5sLTFT/HacjRxgDJ7sxqOwnfgR8/P585t7P+9hvDWH8bc61GQ
EWUAtWUY+A7I59ULy/bBkf/5aI5zqXUAtqepOwK9mM/7gUMkT9VU6Kh1jUqwb3ku
p25EUZzNQlsEjVKtdcB1vNIIftWmP84wvRIxkusF7dEHPyDdfDqbg03gvRvFJ5yI
a+51J8uukK+Vne3t/Xti5GzjeE6m5oRuAc0PRfO/qknPjJjC
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:43 2025 by rpki-client