Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
File: 9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa (raw, json)
Hash identifier: dfSLGD+FdkjNycxpKfxmAlzmoj8NEHuNp6/s5p7CckM=
Subject key identifier: 41:F4:BA:40:11:19:70:18:DA:41:CD:C0:30:75:61:91:8B:17:A4:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EEC5A3954985EF721BAB059AF0656F51C558F83
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
Signing time: Mon 06 Oct 2025 18:00:04 +0000
ROA not before: Mon 06 Oct 2025 18:00:04 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:ec:5a:39:54:98:5e:f7:21:ba:b0:59:af:06:56:f5:1c:55:8f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:04 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=1ad714ed9e8d6333dd65fd62956bcd73c62d3fad455b1eb1b7226a15f85a2f23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:de:22:e1:60:6c:3a:97:8d:2e:48:2a:34:
bf:2f:55:ad:4b:34:81:bf:3c:b3:7a:82:65:8b:ee:
3a:76:b1:a1:f2:47:0c:ff:48:96:cf:c6:cd:f4:83:
96:90:ed:44:ac:6c:f3:25:8a:e4:a4:cc:5b:8e:77:
27:fe:d3:5e:b1:8e:7d:53:30:42:f0:e6:57:64:f0:
0a:94:8f:ce:f3:6c:9a:9a:df:71:fa:66:c0:c8:ee:
33:1a:85:3d:4f:08:68:32:62:7c:83:6f:a6:cf:f4:
8f:69:59:9d:f6:1b:d1:b8:54:fc:82:29:93:40:53:
b4:33:4e:71:c4:1a:12:41:5b:ab:72:f8:ba:6f:fb:
52:e6:7a:b5:4f:84:eb:72:60:f5:52:24:6a:28:97:
92:8e:3a:cc:27:7c:26:97:32:93:b5:84:01:99:6b:
fe:99:e8:fa:b0:3e:70:71:d6:59:bc:f5:a2:2e:1f:
2f:24:f8:53:ca:7c:fb:b2:aa:9a:8b:5d:44:1a:9d:
3b:ca:4a:57:e9:51:8f:26:2c:28:2b:17:2c:46:b4:
dc:da:80:41:84:f7:58:4a:98:28:6f:fd:62:c3:45:
71:9a:31:fa:6d:2d:a6:be:66:2f:7f:e5:4a:66:6b:
46:00:f2:ef:66:ac:ad:e9:14:b6:ce:28:f2:f1:78:
f5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F4:BA:40:11:19:70:18:DA:41:CD:C0:30:75:61:91:8B:17:A4:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
71:65:70:e5:b3:b2:e5:1e:95:ea:89:13:01:6e:c6:47:63:a9:
d9:d1:64:34:bf:f2:81:21:1a:e4:16:0b:56:d8:ab:e8:aa:89:
bc:da:d3:3a:6c:69:bc:a7:f3:c7:48:98:9b:e1:59:54:70:03:
26:14:77:6f:d7:85:0f:68:2f:52:df:84:d4:c8:5b:b4:eb:d8:
96:b3:50:7b:db:de:6b:df:3a:98:79:d5:52:f8:c3:9e:c3:75:
c9:c0:9b:c4:37:86:1e:e1:ae:8b:21:9c:23:38:8d:9f:42:c3:
67:53:42:ac:5d:5a:21:98:09:4b:ac:b8:14:34:2a:80:92:c8:
7a:f3:c3:cc:02:61:9f:e4:83:1f:f9:9f:e9:88:b2:f1:84:a0:
27:17:fc:9e:cd:a2:11:a2:43:7b:99:d2:e7:1d:5a:de:78:62:
04:69:1a:7b:b0:ce:9f:56:b1:4a:8a:b9:53:fa:24:04:30:8a:
e0:cc:f8:4a:62:97:86:4e:61:7c:2f:fd:df:0e:26:27:09:f3:
6e:4a:17:9d:67:f5:a0:55:68:2e:e6:60:86:00:60:57:c3:34:
fd:e2:d0:a7:4a:ab:dd:dc:7d:45:16:f5:be:1a:ed:a0:ba:08:
88:b6:48:ed:08:c6:c7:55:50:61:a1:78:4e:fc:fb:bb:fa:d0:
b1:18:f8:5b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDuxaOVSYXvchurBZrwZW9RxVj4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMDRaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhZDcxNGVkOWU4ZDYzMzNkZDY1ZmQ2Mjk1NmJjZDczYzYyZDNmYWQ0NTVi
MWViMWI3MjI2YTE1Zjg1YTJmMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkH3iLhYGw6l40uSCo0vy9VrUs0gb88s3qCZYvuOnaxofJHDP9Ils/GzfSD
lpDtRKxs8yWK5KTMW453J/7TXrGOfVMwQvDmV2TwCpSPzvNsmprfcfpmwMjuMxqF
PU8IaDJifINvps/0j2lZnfYb0bhU/IIpk0BTtDNOccQaEkFbq3L4um/7UuZ6tU+E
63Jg9VIkaiiXko46zCd8Jpcyk7WEAZlr/pno+rA+cHHWWbz1oi4fLyT4U8p8+7Kq
motdRBqdO8pKV+lRjyYsKCsXLEa03NqAQYT3WEqYKG/9YsNFcZox+m0tpr5mL3/l
SmZrRgDy72asrekUts4o8vF49ScCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRB9LpA
ERlwGNpBzcAwdWGRixekVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE1ZmVjMmQtMmM0MC00MDY4LTliY2YtYzQ3ZDc2MDFkMDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAcWVw5bOy5R6V6okTAW7GR2Op2dFkNL/ygSEa
5BYLVtir6KqJvNrTOmxpvKfzx0iYm+FZVHADJhR3b9eFD2gvUt+E1MhbtOvYlrNQ
e9vea986mHnVUvjDnsN1ycCbxDeGHuGuiyGcIziNn0LDZ1NCrF1aIZgJS6y4FDQq
gJLIevPDzAJhn+SDH/mf6Yiy8YSgJxf8ns2iEaJDe5nS5x1a3nhiBGkae7DOn1ax
Soq5U/okBDCK4Mz4SmKXhk5hfC/93w4mJwnzbkoXnWf1oFVoLuZghgBgV8M0/eLQ
p0qr3dx9RRb1vhrtoLoIiLZI7QjGx1VQYaF4Tvz7u/rQsRj4Ww==
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:19:04 2025 by rpki-client