Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
File: 7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa (raw, json)
Hash identifier: pIvCSVIrz4LphKW8XtrerD7MNk2Nj/XlLD3ey31Q+dE=
Subject key identifier: C0:12:2F:C6:14:E6:99:20:BA:76:24:51:3B:C5:85:66:13:5C:11:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F642702225BEDDBC6C94DE2B862EE8F941D4352
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
Signing time: Fri 26 Sep 2025 18:20:22 +0000
ROA not before: Fri 26 Sep 2025 18:20:22 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:64:27:02:22:5b:ed:db:c6:c9:4d:e2:b8:62:ee:8f:94:1d:43:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:22 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=44d2cba0ccefdf9404947f3589420b2973baf5791f9df0fbe2827fdb08620508, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:46:87:17:93:7c:ac:7b:7a:11:f4:1f:ad:3e:
69:8e:6c:95:60:7d:a9:9d:8a:5e:69:97:b2:a2:a4:
c7:28:22:53:50:b6:8c:f7:bc:79:37:5a:d1:1a:c0:
5f:cc:b3:90:d2:fe:b9:73:04:a0:ca:b3:e5:95:0f:
8a:fc:4e:ab:85:f9:27:34:64:8a:a2:42:b3:3e:66:
d8:43:25:68:61:fe:63:90:b1:77:73:29:11:70:ae:
dd:d6:a8:a9:ea:e8:64:f4:72:16:0d:d8:96:f7:88:
9e:6e:6e:19:30:ae:ec:66:42:98:f9:64:81:3c:fa:
1a:a4:cd:7c:1f:6e:0c:a5:25:d0:d1:36:db:7d:e1:
1f:16:f0:37:9b:ec:3f:99:ee:5a:88:b0:87:6d:5e:
c7:6b:83:a1:e4:b1:f2:2c:1c:76:db:7d:a9:4c:6f:
69:b6:b7:01:4d:9d:1f:53:d2:11:71:94:25:59:cc:
c7:91:55:0d:44:e2:76:8e:9d:ff:c6:a8:f7:f1:24:
45:56:1c:fa:15:14:b3:27:5f:51:0f:10:a3:7b:81:
06:27:d4:13:ca:6e:5c:bf:5c:0f:82:d9:69:80:05:
56:2d:af:cc:3c:ee:45:c8:a3:a5:10:23:10:c5:ce:
82:2c:cb:9a:0b:df:21:25:ee:a9:dd:bc:18:1b:1d:
68:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:12:2F:C6:14:E6:99:20:BA:76:24:51:3B:C5:85:66:13:5C:11:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e080::/48
Signature Algorithm: sha256WithRSAEncryption
81:8c:58:f6:21:cf:40:ed:de:ca:3e:07:5f:a8:3a:8d:48:fc:
8b:18:44:11:4d:ae:47:66:03:5f:55:ab:dd:4a:b8:5f:32:29:
67:08:81:b2:7f:e8:9d:51:2b:01:e5:bf:67:ca:a2:5d:dc:2d:
68:1d:c9:69:56:2e:3f:9c:d6:f3:8c:1a:52:f5:14:54:5a:37:
0d:1b:4a:40:a2:4b:a5:61:32:99:6a:b3:75:c9:38:a1:7d:fa:
86:89:a2:bb:5f:a4:b9:1e:8f:3a:44:ad:dd:4c:ef:0e:03:30:
e3:de:86:c3:55:3a:b6:fa:db:96:62:41:ab:35:21:c1:fe:62:
1c:d9:3c:de:c1:81:19:87:48:dc:9c:c0:36:7c:0e:d8:86:58:
65:a3:ff:d1:fb:44:e8:bd:72:6a:29:70:d4:b0:49:8d:9b:5f:
4d:a4:a9:83:a6:bd:ee:8c:3a:9d:66:43:ae:41:f9:67:70:7f:
9e:21:16:42:dd:c2:b4:d7:2a:0d:9b:63:e0:e4:eb:03:c0:95:
c1:78:ed:dc:68:1f:70:fd:81:09:ac:15:88:e7:cf:1d:c8:2f:
4e:c9:8d:ac:ee:2b:98:b7:3d:5a:57:f3:22:b9:05:bd:64:35:
4f:20:25:9a:a7:05:8a:01:21:01:54:f8:85:d9:58:09:0c:02:
78:b2:55:77
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb2QnAiJb7dvGyU3iuGLuj5QdQ1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwMjJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0ZDJjYmEwY2NlZmRmOTQwNDk0N2YzNTg5NDIwYjI5NzNiYWY1NzkxZjlk
ZjBmYmUyODI3ZmRiMDg2MjA1MDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpGhxeTfKx7ehH0H60+aY5slWB9qZ2KXmmXsqKkxygiU1C2jPe8eTda0RrA
X8yzkNL+uXMEoMqz5ZUPivxOq4X5JzRkiqJCsz5m2EMlaGH+Y5Cxd3MpEXCu3dao
qeroZPRyFg3YlveInm5uGTCu7GZCmPlkgTz6GqTNfB9uDKUl0NE2233hHxbwN5vs
P5nuWoiwh21ex2uDoeSx8iwcdtt9qUxvaba3AU2dH1PSEXGUJVnMx5FVDUTido6d
/8ao9/EkRVYc+hUUsydfUQ8Qo3uBBifUE8puXL9cD4LZaYAFVi2vzDzuRcijpRAj
EMXOgizLmgvfISXuqd28GBsdaAMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTAEi/G
FOaZILp2JFE7xYVmE1wRITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2I1ZjQ1YTItYWI3OS00YWQzLWEwOWUtODdiMzU1Zjc2NzMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
gDANBgkqhkiG9w0BAQsFAAOCAQEAgYxY9iHPQO3eyj4HX6g6jUj8ixhEEU2uR2YD
X1Wr3Uq4XzIpZwiBsn/onVErAeW/Z8qiXdwtaB3JaVYuP5zW84waUvUUVFo3DRtK
QKJLpWEymWqzdck4oX36homiu1+kuR6POkSt3UzvDgMw496Gw1U6tvrblmJBqzUh
wf5iHNk83sGBGYdI3JzANnwO2IZYZaP/0ftE6L1yailw1LBJjZtfTaSpg6a97ow6
nWZDrkH5Z3B/niEWQt3CtNcqDZtj4OTrA8CVwXjt3GgfcP2BCawViOfPHcgvTsmN
rO4rmLc9WlfzIrkFvWQ1TyAlmqcFigEhAVT4hdlYCQwCeLJVdw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:11 2025 by rpki-client