Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
File: 7d5bbe6e-da67-4af0-af12-c86f93a16721.roa (raw, json)
Hash identifier: knieVHzWh/lOuL8JxeUUH/eyLSocrYvWMHNKeAMYIBQ=
Subject key identifier: 5B:50:33:47:00:44:94:04:4F:63:72:DF:40:4E:0D:D6:6D:4B:34:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7375BF05932616FB569AE1764FF135C85E3DB93E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
Signing time: Fri 26 Sep 2025 19:11:17 +0000
ROA not before: Fri 26 Sep 2025 19:11:17 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:75:bf:05:93:26:16:fb:56:9a:e1:76:4f:f1:35:c8:5e:3d:b9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:17 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=0247db71f8457ad7d5090b8441d9ff7ef56e6a564215fe2ea213e380112d9c8f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:61:a9:12:51:61:de:39:18:11:be:ab:1c:9b:
77:b5:b3:79:82:1b:d2:e3:11:68:67:19:f6:96:c8:
25:12:1a:c1:06:1c:eb:97:69:e0:23:29:bc:6e:ea:
ec:61:37:ae:d6:21:65:12:e2:e6:49:c7:c4:cf:4e:
e8:4a:cb:1a:56:0f:cc:d1:f3:18:3e:7a:de:02:c7:
43:ba:92:5e:97:85:5b:c7:42:d1:06:f9:5d:7f:c0:
38:f0:f1:e2:8d:65:c9:b8:3b:fb:5e:09:02:d7:cc:
56:ff:94:7c:b2:69:18:7d:15:b0:50:70:d3:c6:fd:
91:18:8b:66:be:b3:ab:43:36:a3:88:d7:a1:2a:0e:
b1:67:19:a2:40:33:68:c5:dc:c8:77:65:df:15:a1:
29:44:3c:b9:ef:18:52:e8:c8:33:a9:9a:65:46:b8:
1e:f1:c0:61:1d:43:0e:73:b2:8f:0c:44:23:df:72:
ce:3f:38:95:1d:a1:4a:74:02:3d:ec:3a:11:1a:fe:
a9:79:71:02:e5:12:88:61:c0:ff:f1:3b:25:ae:2e:
f3:4f:f2:03:f7:f1:4c:51:c0:94:27:28:30:6e:63:
d8:5b:bc:10:ab:c0:c7:f7:f6:94:42:1e:b5:eb:99:
0f:fc:6a:4b:5f:eb:a5:ee:69:16:fe:53:fb:61:42:
8e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:50:33:47:00:44:94:04:4F:63:72:DF:40:4E:0D:D6:6D:4B:34:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:48:49:49:09:db:c4:a9:77:f7:f8:f3:d6:b1:4e:ea:34:eb:
0d:e0:42:33:ff:2e:d7:1d:f5:e4:e9:b5:5f:92:1b:71:3b:e8:
22:47:77:ed:d6:22:04:f3:42:86:72:a3:26:fc:8c:af:06:55:
79:79:3f:33:9c:9d:57:27:33:4a:45:5d:47:91:3a:bd:35:59:
31:44:38:f3:4f:87:0a:25:00:38:76:4f:5f:00:49:31:1b:60:
71:5c:44:2f:ea:df:66:2e:29:28:da:4d:99:f0:63:89:59:69:
b9:27:55:45:d3:54:b9:63:37:70:fa:b8:da:ec:32:82:d4:6e:
d4:6a:c1:e1:b6:b5:94:19:18:08:37:fb:0d:3e:8e:d8:8e:f7:
85:ec:78:3e:c1:83:9a:53:d2:68:9e:87:52:58:cf:50:38:0c:
6d:ca:1b:7e:8d:7f:ec:88:62:37:9d:58:3f:de:1b:a1:7e:88:
24:5f:b5:43:a3:23:ab:3d:58:61:75:c5:18:b4:26:10:cd:28:
89:97:4f:64:52:93:95:bd:0f:a3:96:1e:c2:04:96:0f:74:8c:
f9:14:51:ab:94:24:18:a0:07:ce:66:52:a8:ba:0f:9d:0b:ad:
3b:0b:33:db:32:91:12:e4:c7:5c:c4:5f:d9:ac:a9:d2:9f:c8:
cc:3d:a1:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc3W/BZMmFvtWmuF2T/E1yF49uT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExMTdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyNDdkYjcxZjg0NTdhZDdkNTA5MGI4NDQxZDlmZjdlZjU2ZTZhNTY0MjE1
ZmUyZWEyMTNlMzgwMTEyZDljOGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlhqRJRYd45GBG+qxybd7WzeYIb0uMRaGcZ9pbIJRIawQYc65dp4CMpvG7q
7GE3rtYhZRLi5knHxM9O6ErLGlYPzNHzGD563gLHQ7qSXpeFW8dC0Qb5XX/AOPDx
4o1lybg7+14JAtfMVv+UfLJpGH0VsFBw08b9kRiLZr6zq0M2o4jXoSoOsWcZokAz
aMXcyHdl3xWhKUQ8ue8YUujIM6maZUa4HvHAYR1DDnOyjwxEI99yzj84lR2hSnQC
Pew6ERr+qXlxAuUSiGHA//E7Ja4u80/yA/fxTFHAlCcoMG5j2Fu8EKvAx/f2lEIe
teuZD/xqS1/rpe5pFv5T+2FCjrUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbUDNH
AESUBE9jct9ATg3WbUs0JzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q1YmJlNmUtZGE2Ny00YWYwLWFmMTItYzg2ZjkzYTE2NzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g
MA0GCSqGSIb3DQEBCwUAA4IBAQCySElJCdvEqXf3+PPWsU7qNOsN4EIz/y7XHfXk
6bVfkhtxO+giR3ft1iIE80KGcqMm/IyvBlV5eT8znJ1XJzNKRV1HkTq9NVkxRDjz
T4cKJQA4dk9fAEkxG2BxXEQv6t9mLiko2k2Z8GOJWWm5J1VF01S5Yzdw+rja7DKC
1G7UasHhtrWUGRgIN/sNPo7YjveF7Hg+wYOaU9JonodSWM9QOAxtyht+jX/siGI3
nVg/3huhfogkX7VDoyOrPVhhdcUYtCYQzSiJl09kUpOVvQ+jlh7CBJYPdIz5FFGr
lCQYoAfOZlKoug+dC607CzPbMpES5MdcxF/ZrKnSn8jMPaHS
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:41 2025 by rpki-client