Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
File: 7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa (raw, json)
Hash identifier: snUQBfVPAsil2ZyJw82P6YGLPtw4BsAwBWYa8X3fvbU=
Subject key identifier: A2:61:BD:45:25:C2:D6:9D:AD:A2:24:C4:D0:6A:C8:80:93:F8:50:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5575B25066D3F9027F4C4B541DB17E1F90399E94
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
Signing time: Fri 26 Sep 2025 18:20:21 +0000
ROA not before: Fri 26 Sep 2025 18:20:21 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:75:b2:50:66:d3:f9:02:7f:4c:4b:54:1d:b1:7e:1f:90:39:9e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:21 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ed9ad132cdd7f7b451c66bef4bc1566499a52261452138167a50d8e4ac3096aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:78:25:05:ad:e8:66:c4:a5:47:04:af:ee:96:
da:92:8e:ee:28:22:dc:58:7e:2a:17:3c:55:73:9c:
78:1c:5d:2a:8e:62:cd:35:c9:58:8a:77:6b:db:66:
dc:31:1e:ab:4e:a5:b2:46:ff:d9:28:9f:0a:67:8a:
39:5b:7a:c9:a3:15:ac:92:57:d4:21:b4:9b:d1:d3:
1f:45:39:3b:e5:14:d2:e4:77:26:55:aa:b8:3c:3b:
94:ef:aa:6b:eb:53:86:25:77:fc:af:9a:d2:14:55:
c7:4c:95:5e:09:63:03:47:6d:38:5b:0b:53:4e:39:
22:e6:b1:fd:b6:ad:f0:e6:2f:bc:59:64:a8:ff:c6:
e7:da:ea:42:9c:7f:27:27:dd:34:a3:d3:fc:1e:9d:
0f:bb:8a:ed:3a:31:ea:10:a3:3f:a8:00:e2:53:be:
31:42:5e:f0:3d:be:15:3b:c7:25:00:be:34:b6:0d:
d1:27:13:f6:b9:35:b9:08:07:13:45:22:69:47:99:
95:7a:5e:2d:b4:52:c0:f8:47:8b:17:52:1b:2f:f8:
39:60:ef:9c:bc:14:11:dd:0d:40:af:8d:17:37:ab:
80:61:43:bc:b4:16:fb:58:45:44:76:e0:ed:cb:8c:
c6:e3:8b:e8:ad:d9:c3:9d:89:1c:87:8f:6b:3a:d8:
79:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:61:BD:45:25:C2:D6:9D:AD:A2:24:C4:D0:6A:C8:80:93:F8:50:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
49:00:04:b2:9c:5b:e5:99:cf:0c:86:17:1d:63:b7:2a:bc:00:
1e:02:25:ec:bc:69:2a:85:1b:42:51:4f:1b:3a:e6:94:c1:f7:
f0:a9:ab:87:c6:9f:d6:2d:df:6f:e7:30:38:54:0e:39:3a:a3:
7b:5c:97:c7:31:63:9f:f2:de:6a:2e:25:09:a6:46:a5:54:ae:
46:3a:6d:c3:be:99:cf:70:3e:33:7d:5f:df:94:79:bc:c6:43:
3e:26:2b:1a:c4:be:e6:40:52:1d:eb:fd:70:bf:a2:28:56:28:
c1:9e:3b:e7:eb:8b:ce:d9:c8:54:d6:89:a9:75:f9:0b:98:5b:
07:e7:06:c9:b8:e5:2b:72:6f:c3:44:15:0b:78:0a:0e:ca:f8:
b6:01:5c:90:05:0a:53:e6:c2:72:80:c0:ab:41:7d:c5:78:fa:
41:5f:32:02:86:c0:ab:91:af:fc:31:e7:a5:10:9e:f2:8a:e0:
72:b9:fb:e8:0f:f9:5b:9b:23:3b:9e:a5:48:7b:c7:13:c1:99:
6a:04:58:f8:44:2c:68:3c:9f:99:5b:f2:29:0e:08:6f:36:e0:
0b:46:79:0c:53:d9:b3:c1:52:df:2d:4c:6d:7f:fd:30:f6:0f:
93:b0:e4:56:52:a5:15:b8:24:d1:2f:ae:bd:11:cc:16:56:77:
b3:0f:e4:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVXWyUGbT+QJ/TEtUHbF+H5A5npQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwMjFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkOWFkMTMyY2RkN2Y3YjQ1MWM2NmJlZjRiYzE1NjY0OTlhNTIyNjE0NTIx
MzgxNjdhNTBkOGU0YWMzMDk2YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKh4JQWt6GbEpUcEr+6W2pKO7igi3Fh+Khc8VXOceBxdKo5izTXJWIp3a9tm
3DEeq06lskb/2SifCmeKOVt6yaMVrJJX1CG0m9HTH0U5O+UU0uR3JlWquDw7lO+q
a+tThiV3/K+a0hRVx0yVXgljA0dtOFsLU045Iuax/bat8OYvvFlkqP/G59rqQpx/
JyfdNKPT/B6dD7uK7Tox6hCjP6gA4lO+MUJe8D2+FTvHJQC+NLYN0ScT9rk1uQgH
E0UiaUeZlXpeLbRSwPhHixdSGy/4OWDvnLwUEd0NQK+NFzergGFDvLQW+1hFRHbg
7cuMxuOL6K3Zw52JHIePazrYeXECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSiYb1F
JcLWna2iJMTQasiAk/hQWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E2ZDVjNGQtNDBkZC00NTc3LTk1MjAtYTJhYzI4NmM4MTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
wDANBgkqhkiG9w0BAQsFAAOCAQEASQAEspxb5ZnPDIYXHWO3KrwAHgIl7LxpKoUb
QlFPGzrmlMH38Kmrh8af1i3fb+cwOFQOOTqje1yXxzFjn/Leai4lCaZGpVSuRjpt
w76Zz3A+M31f35R5vMZDPiYrGsS+5kBSHev9cL+iKFYowZ475+uLztnIVNaJqXX5
C5hbB+cGybjlK3Jvw0QVC3gKDsr4tgFckAUKU+bCcoDAq0F9xXj6QV8yAobAq5Gv
/DHnpRCe8orgcrn76A/5W5sjO56lSHvHE8GZagRY+EQsaDyfmVvyKQ4IbzbgC0Z5
DFPZs8FS3y1MbX/9MPYPk7DkVlKlFbgk0S+uvRHMFlZ3sw/kPg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:37 2025 by rpki-client