Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
File: 7ce413ad-560d-4eb8-915b-8c6e01d97910.roa (raw, json)
Hash identifier: 4M541bdmY4NihbFICkCZF8zxm7tdbbWEQrn77+fDeUU=
Subject key identifier: 1F:17:B2:36:E4:29:25:45:79:3C:DE:B8:F5:EF:0D:3B:7C:15:81:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 428A85EAE2DF2EF7A8DC9E07A5E1BE30FB46CE86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
Signing time: Fri 26 Sep 2025 19:11:47 +0000
ROA not before: Fri 26 Sep 2025 19:11:47 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:8a:85:ea:e2:df:2e:f7:a8:dc:9e:07:a5:e1:be:30:fb:46:ce:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:47 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a710f10e1da301321388ad806307b09713019f62676d3c99b1d334ffa572fac7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:91:62:55:60:00:99:c0:75:dc:92:59:9f:c3:
6d:6a:fa:13:8a:7c:a9:86:a7:48:a9:52:1c:fa:01:
13:a6:94:0d:08:c4:5e:2c:6f:36:21:3b:93:a8:e2:
da:9b:99:7f:f9:df:7e:b9:f2:4c:84:cf:16:55:a5:
a0:f9:68:76:ad:2b:f4:c5:1d:6d:74:62:8d:44:0a:
d7:10:4b:1d:54:80:85:80:f1:a9:0b:1e:e7:77:35:
ab:05:10:97:1b:2c:c2:7d:77:0c:0a:a9:81:c8:fc:
48:1e:d7:fc:74:a9:87:ba:8c:5b:e6:08:20:fc:d5:
52:97:e8:9e:a1:c4:6d:a6:17:7c:b5:ae:90:d2:fc:
07:8c:68:55:45:27:dd:4a:9d:b8:d3:9b:78:55:93:
f9:5b:cb:41:d8:94:dd:b8:63:63:dc:59:62:78:83:
c0:4a:c4:42:6d:4b:20:f5:64:c1:2f:f8:48:1d:d6:
52:09:e4:a5:d5:26:3b:fa:87:a2:5b:41:e9:fb:01:
74:69:4e:bb:d4:94:c9:71:cf:a4:d7:26:65:0f:cf:
0a:48:39:29:b4:46:55:69:d3:7f:e4:68:33:36:41:
2e:52:fb:00:6a:80:9a:62:94:82:3f:5d:06:b7:ba:
e7:10:a9:db:6c:c2:c7:f0:92:06:8b:f8:18:90:96:
78:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:17:B2:36:E4:29:25:45:79:3C:DE:B8:F5:EF:0D:3B:7C:15:81:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5000::/40
Signature Algorithm: sha256WithRSAEncryption
86:b3:ac:ad:66:52:19:04:87:84:b7:2d:c5:db:7f:20:1b:8a:
12:87:17:09:71:bd:5d:72:2d:b3:40:6e:b4:d5:57:ed:c1:7f:
3e:cd:8a:fc:a8:98:51:31:a3:4e:2b:60:a8:fe:2c:93:8c:18:
b7:11:cf:de:58:eb:aa:6c:58:56:10:4d:8e:7d:5e:cd:26:24:
d8:d1:a0:e5:cb:b0:c5:d9:70:42:a9:be:47:ca:3c:be:ae:d0:
e1:bf:0d:79:70:c3:36:5c:76:bd:90:4a:03:92:cd:37:3c:d7:
69:63:b8:4d:8a:73:1e:2a:cd:f5:be:17:f8:8d:1e:2b:70:b6:
01:56:7f:0d:26:d0:64:52:91:ec:5f:b5:e3:20:19:0c:d2:0e:
6d:7c:79:79:72:42:b4:b9:a2:b4:71:ee:8d:4d:a6:0b:0c:3d:
d0:a5:d9:23:e0:e3:03:28:d8:e0:76:d5:37:04:f0:0a:eb:59:
93:06:9e:84:6e:32:ac:8a:f8:71:e9:12:be:78:c0:10:2c:df:
96:01:93:9f:08:89:1e:45:1b:da:06:0c:44:65:9f:33:08:cc:
6b:6a:91:1e:1a:4f:48:67:9d:4b:ed:bc:22:c5:d5:6f:51:8c:
b3:78:1c:b3:9f:ad:13:5f:cd:03:e7:08:2f:74:2c:17:b8:89:
c0:d2:2a:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQoqF6uLfLveo3J4HpeG+MPtGzoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExNDdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3MTBmMTBlMWRhMzAxMzIxMzg4YWQ4MDYzMDdiMDk3MTMwMTlmNjI2NzZk
M2M5OWIxZDMzNGZmYTU3MmZhYzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGRYlVgAJnAddySWZ/DbWr6E4p8qYanSKlSHPoBE6aUDQjEXixvNiE7k6ji
2puZf/nffrnyTITPFlWloPlodq0r9MUdbXRijUQK1xBLHVSAhYDxqQse53c1qwUQ
lxsswn13DAqpgcj8SB7X/HSph7qMW+YIIPzVUpfonqHEbaYXfLWukNL8B4xoVUUn
3UqduNObeFWT+VvLQdiU3bhjY9xZYniDwErEQm1LIPVkwS/4SB3WUgnkpdUmO/qH
oltB6fsBdGlOu9SUyXHPpNcmZQ/PCkg5KbRGVWnTf+RoMzZBLlL7AGqAmmKUgj9d
Bre65xCp22zCx/CSBov4GJCWeE0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfF7I2
5CklRXk83rj17w07fBWBqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NlNDEzYWQtNTYwZC00ZWI4LTkxNWItOGM2ZTAxZDk3OTEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCGs6ytZlIZBIeEty3F238gG4oShxcJcb1dci2z
QG601VftwX8+zYr8qJhRMaNOK2Co/iyTjBi3Ec/eWOuqbFhWEE2OfV7NJiTY0aDl
y7DF2XBCqb5Hyjy+rtDhvw15cMM2XHa9kEoDks03PNdpY7hNinMeKs31vhf4jR4r
cLYBVn8NJtBkUpHsX7XjIBkM0g5tfHl5ckK0uaK0ce6NTaYLDD3Qpdkj4OMDKNjg
dtU3BPAK61mTBp6EbjKsivhx6RK+eMAQLN+WAZOfCIkeRRvaBgxEZZ8zCMxrapEe
Gk9IZ51L7bwixdVvUYyzeByzn60TX80D5wgvdCwXuInA0ipF
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:17 2025 by rpki-client