Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
File: 97535b7f-b66d-439d-9398-8336783c9ea4.roa (raw, json)
Hash identifier: 0GM06Gu2nGtll/kgnkRFNrA4qLCx1acyapVRlk8pGx8=
Subject key identifier: 7F:2B:8D:D4:31:95:BE:3B:DC:2A:5E:52:44:70:11:07:14:81:C3:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B3DB994943B3686764B34826A245E5B7893D59B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
Signing time: Fri 26 Sep 2025 18:20:59 +0000
ROA not before: Fri 26 Sep 2025 18:20:59 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:3d:b9:94:94:3b:36:86:76:4b:34:82:6a:24:5e:5b:78:93:d5:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:59 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=727d8f1027f931a3ad51d70052c1a9ac018eca86d1259045d4d7d538d270568c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ca:0a:a2:d9:62:7d:cc:d0:87:01:c0:9b:82:
1a:86:18:a6:b9:28:96:98:7e:f9:fc:c8:7a:93:82:
fd:ff:52:a9:a2:94:aa:aa:0b:a5:df:e2:0f:9b:f2:
b7:54:0c:dd:4d:a1:bd:96:ed:0a:ed:83:dd:8f:64:
a8:07:3c:8e:f9:86:9d:b8:50:b8:e8:8a:5b:80:6f:
a8:1f:b1:2a:fa:7a:7b:d9:a1:46:a9:d5:5f:a6:bc:
b9:85:34:1e:d8:88:fe:83:66:15:4b:4a:48:db:b9:
62:21:27:85:4d:04:62:a0:ca:f7:ea:8c:c3:2d:41:
fa:f6:2b:77:b1:65:45:e6:05:ae:d7:15:5b:53:65:
e5:6f:c3:66:68:cc:f9:b9:53:26:f6:84:64:76:57:
41:90:a2:bf:75:44:18:ba:ec:4d:4a:b7:62:e9:f5:
4a:a6:2e:27:e5:85:f4:1f:d6:0c:94:6d:cb:f5:2e:
42:cd:0d:49:cd:38:70:10:55:30:91:ec:ef:41:52:
77:ec:5f:6d:32:c0:ba:7c:7f:01:1f:b8:c9:50:69:
b8:0e:c0:a3:83:25:dc:3b:5f:68:49:74:8f:d5:1f:
b2:7f:1f:8d:4f:d8:9d:2a:48:a2:49:6c:13:8c:e5:
00:1d:cf:37:2a:07:a2:cc:c2:24:ed:12:dc:92:29:
5a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2B:8D:D4:31:95:BE:3B:DC:2A:5E:52:44:70:11:07:14:81:C3:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5040::/48
Signature Algorithm: sha256WithRSAEncryption
77:4b:59:39:fe:c7:e7:a4:79:b1:0f:1c:2f:d5:7f:a6:2c:95:
33:25:b2:73:b7:a9:1f:2c:69:e5:1f:0c:73:cd:05:29:26:b3:
b7:ac:d0:8f:0e:78:38:32:8f:54:20:f9:fb:d9:ba:5f:8a:db:
9b:18:4f:79:e3:97:25:c3:81:5a:df:72:7c:c5:d7:96:d3:b3:
e4:4e:da:26:24:e8:b5:f5:51:c5:c9:cf:be:bd:36:ad:4e:e6:
1d:34:fa:3f:ff:68:01:b9:be:69:c7:54:bb:54:c1:3a:a7:28:
59:5c:71:d8:7b:b0:ee:ab:0b:83:ad:98:de:d9:8a:34:1e:89:
c7:9a:a7:f6:dd:d6:86:2e:3c:f0:6c:d8:09:2c:7b:45:78:24:
73:9a:e6:84:b2:92:98:e3:ba:aa:82:2d:6b:4d:0e:b4:64:a6:
b6:7b:cf:b9:34:7b:0a:fd:08:bb:0a:3d:2c:d1:5d:00:66:23:
fb:cc:83:b5:59:9c:11:a4:fc:aa:e2:c4:9b:6d:f5:9d:00:2b:
b4:2d:fa:10:2c:8e:1e:4f:fa:b2:cf:83:bc:0c:9f:0a:a5:61:
ce:de:e8:30:b8:fb:ad:c7:01:01:d7:03:da:06:b1:44:a0:25:
d5:9f:86:8a:98:fd:b0:81:77:14:5c:0c:05:19:53:96:96:e2:
2e:9a:69:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaz25lJQ7NoZ2SzSCaiReW3iT1ZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwNTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyN2Q4ZjEwMjdmOTMxYTNhZDUxZDcwMDUyYzFhOWFjMDE4ZWNhODZkMTI1
OTA0NWQ0ZDdkNTM4ZDI3MDU2OGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHKCqLZYn3M0IcBwJuCGoYYprkolph++fzIepOC/f9SqaKUqqoLpd/iD5vy
t1QM3U2hvZbtCu2D3Y9kqAc8jvmGnbhQuOiKW4BvqB+xKvp6e9mhRqnVX6a8uYU0
HtiI/oNmFUtKSNu5YiEnhU0EYqDK9+qMwy1B+vYrd7FlReYFrtcVW1Nl5W/DZmjM
+blTJvaEZHZXQZCiv3VEGLrsTUq3Yun1SqYuJ+WF9B/WDJRty/UuQs0NSc04cBBV
MJHs70FSd+xfbTLAunx/AR+4yVBpuA7Ao4Ml3DtfaEl0j9Ufsn8fjU/YnSpIokls
E4zlAB3PNyoHoszCJO0S3JIpWt8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/K43U
MZW+O9wqXlJEcBEHFIHDbTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1MzViN2YtYjY2ZC00MzlkLTkzOTgtODMzNjc4M2M5ZWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAd0tZOf7H56R5sQ8cL9V/piyVMyWyc7epHyxp
5R8Mc80FKSazt6zQjw54ODKPVCD5+9m6X4rbmxhPeeOXJcOBWt9yfMXXltOz5E7a
JiTotfVRxcnPvr02rU7mHTT6P/9oAbm+acdUu1TBOqcoWVxx2Huw7qsLg62Y3tmK
NB6Jx5qn9t3Whi488GzYCSx7RXgkc5rmhLKSmOO6qoIta00OtGSmtnvPuTR7Cv0I
uwo9LNFdAGYj+8yDtVmcEaT8quLEm231nQArtC36ECyOHk/6ss+DvAyfCqVhzt7o
MLj7rccBAdcD2gaxRKAl1Z+Gipj9sIF3FFwMBRlTlpbiLpppIw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:30 2025 by rpki-client