Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
File: 7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa (raw, json)
Hash identifier: qxJDDpx1pUulM/Frcr/mA7A9PA4GA6Kl/GbGoSpPyno=
Subject key identifier: C1:C4:9A:9C:24:47:DB:02:FD:25:28:4A:B1:DB:4C:F3:9A:5B:C3:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14448A7FB69AA0F932117BADF0E8C75D7795D52A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
Signing time: Wed 08 Oct 2025 16:38:25 +0000
ROA not before: Wed 08 Oct 2025 16:38:25 +0000
ROA not after: Wed 12 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:44:8a:7f:b6:9a:a0:f9:32:11:7b:ad:f0:e8:c7:5d:77:95:d5:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 8 16:38:25 2025 GMT
Not After : Nov 12 23:59:59 2025 GMT
Subject: serialNumber=0c7c7a99026c8cd38c4cb4277df581b6ca26fe26f5ec04eb39987a0eb202d5a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a2:de:cc:e2:bf:c6:78:f7:2b:d8:f0:dd:c5:
73:5b:20:da:58:c8:e3:cc:0f:b5:b4:af:ea:ef:fe:
e5:8b:cd:e7:75:cd:ee:c0:7a:0f:34:1b:4a:be:54:
b2:3d:18:0e:42:8e:a5:57:da:7a:80:c6:7f:95:ee:
74:0b:7b:13:65:c8:d1:a1:27:dd:38:a6:d8:b0:e3:
4f:22:8f:0e:01:bd:0a:54:4e:06:ba:38:f8:7e:62:
86:3d:04:db:61:94:9e:30:df:7d:e5:6f:05:51:a5:
3d:13:2d:b1:82:49:7b:46:b1:2b:f5:01:a1:79:e7:
e8:b1:7d:fb:69:ca:21:01:a0:70:d3:3b:ad:04:35:
e4:cf:e9:33:73:cc:32:3b:d0:32:2b:63:fa:27:3f:
72:a9:30:ed:ac:fe:8c:7c:3f:9d:80:8a:66:e0:30:
d4:08:d0:cd:47:c7:15:6c:f4:ed:17:ef:db:fd:3c:
ae:79:2c:dc:00:6d:c2:b4:e0:12:06:4f:3d:ab:0b:
7c:df:1f:47:ef:17:58:ce:b2:e7:1e:5f:f7:13:ab:
09:be:b6:24:43:7b:98:97:7a:ac:ec:9a:27:7b:32:
19:90:83:7c:a9:99:ce:8d:d7:e8:0b:bf:d8:f3:97:
f2:27:a1:a7:4a:61:1f:2d:b4:be:a6:dd:e4:cc:48:
2e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C4:9A:9C:24:47:DB:02:FD:25:28:4A:B1:DB:4C:F3:9A:5B:C3:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/42
Signature Algorithm: sha256WithRSAEncryption
1c:71:87:c1:29:fc:95:27:27:31:a8:c0:2c:bd:d5:34:95:ec:
e7:36:98:56:4e:92:e7:76:ae:ce:47:2e:1d:f7:e3:f3:d2:8f:
30:b3:2e:f7:f8:26:d7:08:e2:89:4c:79:a1:fa:57:fb:23:2c:
04:fa:0c:0b:1a:d1:c9:a9:57:6f:f2:57:d5:c9:d4:b0:a9:ba:
fd:22:1e:56:74:08:bd:56:92:fd:53:c3:9c:5a:2e:22:b4:94:
37:c1:81:35:9c:6a:cd:0c:7a:a5:2f:5a:8d:66:c4:da:f8:af:
0a:b3:a4:5b:fe:7f:8d:dd:ce:33:36:c3:7b:bb:44:11:b4:63:
9b:18:86:d8:37:d4:ca:88:f3:a3:fe:d2:82:3f:89:19:90:e2:
a0:01:9a:a9:e6:85:44:26:bd:58:52:c3:ca:0e:48:00:9a:8b:
bb:73:9c:7c:38:5a:17:03:45:b3:22:ec:3f:49:ed:43:5b:b9:
fe:14:c1:c8:a3:1c:3f:66:b3:91:98:32:29:7b:af:4b:de:b9:
c7:d2:ff:7b:ed:e9:79:a6:07:ff:a7:ac:d4:4e:59:3a:d7:0a:
5c:b5:52:28:cc:98:37:24:1f:16:95:d9:65:a2:a1:9c:2c:3e:
c5:a6:9e:02:7d:21:17:46:77:1d:3b:17:ad:ea:58:25:9d:3c:
82:c8:1c:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFESKf7aaoPkyEXut8OjHXXeV1SowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDgxNjM4MjVaFw0yNTExMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjN2M3YTk5MDI2YzhjZDM4YzRjYjQyNzdkZjU4MWI2Y2EyNmZlMjZmNWVj
MDRlYjM5OTg3YTBlYjIwMmQ1YTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALai3sziv8Z49yvY8N3Fc1sg2ljI48wPtbSv6u/+5YvN53XN7sB6DzQbSr5U
sj0YDkKOpVfaeoDGf5XudAt7E2XI0aEn3Tim2LDjTyKPDgG9ClROBro4+H5ihj0E
22GUnjDffeVvBVGlPRMtsYJJe0axK/UBoXnn6LF9+2nKIQGgcNM7rQQ15M/pM3PM
MjvQMitj+ic/cqkw7az+jHw/nYCKZuAw1AjQzUfHFWz07Rfv2/08rnks3ABtwrTg
EgZPPasLfN8fR+8XWM6y5x5f9xOrCb62JEN7mJd6rOyaJ3syGZCDfKmZzo3X6Au/
2POX8iehp0phHy20vqbd5MxILh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTBxJqc
JEfbAv0lKEqx20zzmlvDMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2YzNDUyY2MtYTJmYi00NWNhLTk2MTctOGRiNDViZDNjNTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioF0BsA
ADANBgkqhkiG9w0BAQsFAAOCAQEAHHGHwSn8lScnMajALL3VNJXs5zaYVk6S53au
zkcuHffj89KPMLMu9/gm1wjiiUx5ofpX+yMsBPoMCxrRyalXb/JX1cnUsKm6/SIe
VnQIvVaS/VPDnFouIrSUN8GBNZxqzQx6pS9ajWbE2vivCrOkW/5/jd3OMzbDe7tE
EbRjmxiG2DfUyojzo/7Sgj+JGZDioAGaqeaFRCa9WFLDyg5IAJqLu3OcfDhaFwNF
syLsP0ntQ1u5/hTByKMcP2azkZgyKXuvS965x9L/e+3peaYH/6es1E5ZOtcKXLVS
KMyYNyQfFpXZZaKhnCw+xaaeAn0hF0Z3HTsXrepYJZ08gsgc4w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:30 2025 by rpki-client