Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
File: 93549c76-d7f3-48f4-9e55-b485fec00b13.roa (raw, json)
Hash identifier: 6G4wlxvo+vY4Zd5+2/cFaM+TAUSe3vfksBdoPTwOdhk=
Subject key identifier: A1:A4:5A:FF:EC:9E:E8:36:7C:FF:35:19:A3:F8:02:4D:30:B2:74:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FCC301FF755D9C7BB9AD22DD528E2E9A074F67C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
Signing time: Fri 17 Oct 2025 23:20:17 +0000
ROA not before: Fri 17 Oct 2025 23:20:17 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:cc:30:1f:f7:55:d9:c7:bb:9a:d2:2d:d5:28:e2:e9:a0:74:f6:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 23:20:17 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=1b8a3e531f1948699267325907b8043f5ac3fb507a227621ebb00138e60e307c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ff:e9:1c:eb:85:b1:12:97:09:51:18:3f:82:
5c:d2:c5:54:36:9e:43:92:ef:0a:d4:b3:7c:74:fe:
fc:ab:fd:17:fb:ea:82:24:95:fb:72:fa:dc:9c:8f:
fe:0b:da:ac:a1:6c:6d:a5:f1:e7:84:c1:1d:02:c7:
37:79:6d:a5:0f:38:35:f4:f3:58:2a:58:ad:f7:f4:
e6:7d:c5:6b:db:33:7b:20:f1:fc:1b:9b:c0:27:17:
fc:b4:c0:ac:89:cd:c7:c7:d1:ca:f5:3a:fd:52:0b:
e9:c5:6c:0e:4d:11:05:85:e5:2d:ba:50:d5:6c:91:
d0:34:d3:3c:c6:d8:d8:c2:27:6d:7b:72:3b:df:71:
bc:91:b0:bd:1d:75:65:f3:16:ef:fa:b4:e4:b9:d8:
bb:77:60:bb:fe:63:e1:87:8b:9a:cb:ca:35:09:c3:
4b:ea:f9:52:d9:f0:ce:a5:0d:9e:29:93:ea:21:99:
53:86:7f:2c:24:99:0e:9c:d1:8b:f6:ef:3c:31:e9:
c3:37:24:98:42:72:11:bd:16:48:c7:5b:ef:f6:be:
f9:b6:97:96:fb:5a:88:c1:38:47:f8:9f:c6:79:18:
86:92:05:b3:70:13:4d:94:26:b7:9e:c8:95:86:cc:
f4:2a:f1:09:4c:3a:1c:45:da:4b:88:cb:34:05:c6:
74:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A4:5A:FF:EC:9E:E8:36:7C:FF:35:19:A3:F8:02:4D:30:B2:74:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:fc:66:88:be:19:9f:48:bd:48:ae:b6:53:05:c2:59:1e:34:
0c:5a:25:c4:ca:78:4e:7d:9c:8a:c6:dc:13:9a:f4:a2:3a:e7:
b7:c5:80:9d:f9:24:40:fc:80:8d:f6:9c:cf:b1:e9:2a:77:5a:
55:98:47:a3:86:7b:57:de:8f:48:5d:a9:bf:09:3f:65:ff:bc:
a3:cf:e8:e1:9a:71:73:3d:d2:54:2b:00:19:c9:8b:4e:c4:ea:
7b:2a:5b:6f:b3:9e:c6:a3:5c:c1:92:0b:6f:52:89:49:d9:83:
39:79:73:43:66:cc:32:bb:8d:57:64:3d:70:22:f7:de:31:56:
aa:4d:e5:cd:93:dc:b1:21:eb:92:36:70:ec:7e:00:fb:8e:49:
4e:7c:81:09:1b:b6:9a:71:4b:fb:8d:59:1c:3b:b0:cf:83:7b:
43:20:59:04:d4:56:a0:4d:f9:79:c3:4a:5a:c5:d1:1d:d2:4e:
19:23:b2:21:e9:de:8b:66:09:1d:f2:01:3f:9a:a5:e3:d5:4b:
d5:86:ac:1a:a9:1d:21:4d:a2:06:38:07:30:d9:5a:4f:c3:84:
4e:ea:94:1e:f8:94:b0:d7:e6:71:60:c1:71:65:7c:5a:21:4b:
5b:78:ee:6a:fb:03:03:12:92:21:ac:2f:11:f6:2e:15:fa:68:
86:67:13:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD8wwH/dV2ce7mtIt1Sji6aB09nwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMzIwMTdaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiOGEzZTUzMWYxOTQ4Njk5MjY3MzI1OTA3YjgwNDNmNWFjM2ZiNTA3YTIy
NzYyMWViYjAwMTM4ZTYwZTMwN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANr/6RzrhbESlwlRGD+CXNLFVDaeQ5LvCtSzfHT+/Kv9F/vqgiSV+3L63JyP
/gvarKFsbaXx54TBHQLHN3ltpQ84NfTzWCpYrff05n3Fa9szeyDx/BubwCcX/LTA
rInNx8fRyvU6/VIL6cVsDk0RBYXlLbpQ1WyR0DTTPMbY2MInbXtyO99xvJGwvR11
ZfMW7/q05LnYu3dgu/5j4YeLmsvKNQnDS+r5UtnwzqUNnimT6iGZU4Z/LCSZDpzR
i/bvPDHpwzckmEJyEb0WSMdb7/a++baXlvtaiME4R/ifxnkYhpIFs3ATTZQmt57I
lYbM9CrxCUw6HEXaS4jLNAXGdHcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShpFr/
7J7oNnz/NRmj+AJNMLJ0izAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM1NDljNzYtZDdmMy00OGY0LTllNTUtYjQ4NWZlYzAwYjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hug
MA0GCSqGSIb3DQEBCwUAA4IBAQAK/GaIvhmfSL1IrrZTBcJZHjQMWiXEynhOfZyK
xtwTmvSiOue3xYCd+SRA/ICN9pzPsekqd1pVmEejhntX3o9IXam/CT9l/7yjz+jh
mnFzPdJUKwAZyYtOxOp7Kltvs57Go1zBkgtvUolJ2YM5eXNDZswyu41XZD1wIvfe
MVaqTeXNk9yxIeuSNnDsfgD7jklOfIEJG7aacUv7jVkcO7DPg3tDIFkE1FagTfl5
w0paxdEd0k4ZI7Ih6d6LZgkd8gE/mqXj1UvVhqwaqR0hTaIGOAcw2VpPw4RO6pQe
+JSw1+ZxYMFxZXxaIUtbeO5q+wMDEpIhrC8R9i4V+miGZxPE
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:33 2025 by rpki-client