Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
File: 7e690adc-099c-4d58-ad1b-856f693d90b3.roa (raw, json)
Hash identifier: Y+NBmB+GsXwWNyTFeuWZ5EwLSansV9C8UTSUMqHSQQQ=
Subject key identifier: 42:84:7D:F1:DE:0D:A4:D0:27:7D:94:56:3D:57:FD:0A:05:37:8D:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C2AC2C4C577D79914462B5C575F196BACC2C614
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
Signing time: Mon 13 Oct 2025 18:00:06 +0000
ROA not before: Mon 13 Oct 2025 18:00:06 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:2a:c2:c4:c5:77:d7:99:14:46:2b:5c:57:5f:19:6b:ac:c2:c6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 18:00:06 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=d7b05f04ab390e6643c78f03fa653e07280339c0f1ff9e7f82620b8daf595881, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f0:eb:23:59:1f:aa:65:ef:30:2a:e2:03:98:
82:80:46:09:4f:5b:9b:51:63:74:2e:93:36:f2:10:
18:f4:35:58:d3:3c:2f:dd:70:b5:3a:fb:55:67:df:
d6:96:00:a4:9d:e0:a4:ae:45:0d:6b:13:64:36:55:
2f:84:68:db:fc:74:be:17:78:59:82:1d:f7:f5:b2:
4b:27:93:4b:68:1b:fd:d6:fe:f5:03:43:2a:7a:16:
bc:dd:03:0b:1c:17:29:e5:e2:91:71:71:9f:4a:1c:
bb:15:db:8b:1c:ed:3c:99:f0:92:1c:15:db:48:5e:
00:7c:53:68:ec:63:f7:a0:f4:86:ba:25:da:36:95:
47:77:72:a3:9b:a3:ae:2d:85:50:86:e3:c7:f4:65:
12:ad:eb:f0:41:cf:5e:7d:ca:a8:20:14:e2:ef:f9:
53:57:53:be:f3:ca:ec:30:f4:d4:a2:51:52:8f:d9:
43:68:e7:c2:0e:9f:f0:be:f2:c0:97:75:35:1e:66:
95:31:cc:39:cb:ac:a5:1a:13:61:43:0b:3f:4b:6a:
37:e9:b2:ca:b6:45:23:e1:ef:a1:1b:f6:27:91:c1:
be:0e:89:7c:dd:bc:f1:1f:ca:11:4c:48:a0:25:13:
31:d8:d0:ca:4c:52:4c:67:fc:22:d8:95:97:31:ba:
74:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:84:7D:F1:DE:0D:A4:D0:27:7D:94:56:3D:57:FD:0A:05:37:8D:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
50:b7:08:04:12:a4:e9:72:f0:31:2d:c6:83:03:c3:d8:c6:cf:
45:13:25:c6:97:7f:84:39:d2:1a:d2:7f:5d:29:82:4c:0b:ef:
ee:9c:bb:2f:03:64:a5:f1:93:ed:f4:e6:0b:6f:3d:53:6c:21:
16:42:29:b3:7c:30:01:28:56:c7:d9:5c:17:d7:aa:fc:73:29:
26:21:5a:36:6f:bc:81:c7:73:7c:6f:2b:2a:0d:70:b4:d2:88:
1e:bd:f7:2f:35:26:39:6a:d6:94:91:a1:14:8a:df:4f:9a:a3:
37:d9:61:fd:e1:cb:29:6e:95:0d:5b:bd:09:da:35:50:46:ea:
a5:05:a3:e5:63:49:8c:38:e7:f6:3a:db:52:b0:cf:aa:35:ff:
44:95:f7:e4:17:27:a9:49:91:25:6c:d8:a8:d8:0a:7d:84:da:
3a:af:e4:14:4d:d1:47:44:46:da:2f:8f:fa:99:3e:5a:60:2d:
fb:6b:13:d8:6c:72:dd:29:a7:28:cb:9f:e1:b7:60:56:4f:47:
d6:46:7b:ef:6c:77:11:56:8a:42:1a:4d:9a:31:37:7c:e6:85:
86:d5:c7:3a:0b:ef:44:15:74:08:a9:6e:87:41:5a:85:20:6b:
b1:bf:51:73:c0:40:8b:fc:a3:9d:0a:92:e9:fc:4b:f2:fe:44:
ec:87:fe:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHCrCxMV315kURitcV18Za6zCxhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxODAwMDZaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3YjA1ZjA0YWIzOTBlNjY0M2M3OGYwM2ZhNjUzZTA3MjgwMzM5YzBmMWZm
OWU3ZjgyNjIwYjhkYWY1OTU4ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3w6yNZH6pl7zAq4gOYgoBGCU9bm1FjdC6TNvIQGPQ1WNM8L91wtTr7VWff
1pYApJ3gpK5FDWsTZDZVL4Ro2/x0vhd4WYId9/WySyeTS2gb/db+9QNDKnoWvN0D
CxwXKeXikXFxn0ocuxXbixztPJnwkhwV20heAHxTaOxj96D0hrol2jaVR3dyo5uj
ri2FUIbjx/RlEq3r8EHPXn3KqCAU4u/5U1dTvvPK7DD01KJRUo/ZQ2jnwg6f8L7y
wJd1NR5mlTHMOcuspRoTYUMLP0tqN+myyrZFI+HvoRv2J5HBvg6JfN288R/KEUxI
oCUTMdjQykxSTGf8ItiVlzG6dFkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRChH3x
3g2k0Cd9lFY9V/0KBTeNXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2U2OTBhZGMtMDk5Yy00ZDU4LWFkMWItODU2ZjY5M2Q5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQBQtwgEEqTpcvAxLcaDA8PYxs9FEyXGl3+EOdIa
0n9dKYJMC+/unLsvA2Sl8ZPt9OYLbz1TbCEWQimzfDABKFbH2VwX16r8cykmIVo2
b7yBx3N8bysqDXC00ogevfcvNSY5ataUkaEUit9PmqM32WH94cspbpUNW70J2jVQ
RuqlBaPlY0mMOOf2OttSsM+qNf9ElffkFyepSZElbNio2Ap9hNo6r+QUTdFHREba
L4/6mT5aYC37axPYbHLdKacoy5/ht2BWT0fWRnvvbHcRVopCGk2aMTd85oWG1cc6
C+9EFXQIqW6HQVqFIGuxv1FzwECL/KOdCpLp/Evy/kTsh/5j
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:21 2025 by rpki-client