Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json)
Hash identifier: O5xTFg1317cuM2N9b+JiM85N2gk+kSvCqDFo/ZSSF/k=
Subject key identifier: A9:11:BE:73:DF:54:73:2B:FC:3B:48:F6:CF:69:D8:C8:53:D0:6F:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7020232B9C08FFFA81F65E22EF3BA7B9CE9AEAEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
Signing time: Fri 26 Sep 2025 19:11:34 +0000
ROA not before: Fri 26 Sep 2025 19:11:34 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:20:23:2b:9c:08:ff:fa:81:f6:5e:22:ef:3b:a7:b9:ce:9a:ea:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:34 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=6e4f5390c2c505a64773f5d05553f154349d411a03b30c13559e4475fd0db616, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:02:fe:21:66:88:f0:83:17:48:f8:bc:58:1e:
79:a4:a5:69:37:02:2a:2a:64:f1:0b:89:25:9d:15:
14:55:da:40:76:41:46:7d:2c:68:6e:99:5e:c4:01:
e2:48:55:17:4e:16:ff:66:8b:ac:3c:c0:5e:3c:8d:
08:85:70:d3:be:d8:4e:02:ce:ed:e8:d2:1a:a3:d8:
77:ac:3e:96:e4:35:ac:97:ad:b6:e9:d0:72:d3:eb:
ae:84:28:bb:a9:e2:15:41:7b:5e:a8:a7:36:6d:d1:
25:6c:f6:67:08:24:09:8d:5a:51:c4:57:31:e7:92:
02:00:85:8f:e3:5a:bb:50:8d:bc:d7:b1:56:5c:d5:
71:f2:7a:8d:a9:f4:9b:ac:01:1e:ed:38:2d:45:1c:
64:91:8f:c9:11:4b:2b:94:d7:42:d4:51:14:48:da:
12:ef:bf:b0:32:f1:77:8b:3e:19:85:d0:f8:11:c1:
9d:62:0c:66:0f:87:d8:ef:bb:c7:61:f0:9f:9e:38:
90:a7:6b:ec:1b:3f:da:e5:d9:10:9b:bb:aa:fa:44:
5a:39:2b:da:14:fe:9d:5f:78:87:ca:16:15:9c:67:
31:36:c0:a1:5c:b5:40:af:94:c7:66:bb:d5:57:b0:
86:90:1d:39:f8:e4:2e:9f:ff:9a:b9:5a:1d:c7:e9:
0f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:11:BE:73:DF:54:73:2B:FC:3B:48:F6:CF:69:D8:C8:53:D0:6F:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a000::/40
Signature Algorithm: sha256WithRSAEncryption
76:6f:2e:1d:8b:39:89:7d:3f:74:99:84:fb:30:6b:dd:0c:6d:
e9:97:56:1f:26:75:e1:36:bf:b8:6a:0c:f2:10:a6:d2:86:0c:
17:46:1c:3d:ea:aa:95:5b:a4:22:00:57:28:20:91:0b:2f:aa:
88:46:29:e5:02:55:9f:f7:09:1b:c1:ff:02:6a:b9:81:5a:88:
e7:d8:b9:37:d0:ab:3b:7e:c0:e1:d3:ea:6c:02:da:90:79:a4:
a3:09:51:4d:84:5a:7f:39:ba:ab:78:9e:88:57:ea:98:46:e1:
7e:b5:8c:81:7c:b6:f7:a6:f2:ce:c3:6a:e5:b3:6d:97:48:b5:
26:b4:48:c4:36:4c:fa:80:2c:6d:9d:c6:ce:e7:57:9a:6b:d2:
14:f4:fa:12:b3:98:61:14:96:af:b9:59:0e:d6:2d:b2:d8:25:
96:38:b6:a6:72:21:5e:e5:7a:24:7d:f4:8b:48:95:9c:df:95:
c4:af:70:3d:8c:ff:68:be:eb:97:08:4a:d2:d2:b4:de:5a:b6:
39:15:08:be:ec:93:59:5e:ed:5a:c1:5d:e6:c9:a6:38:b3:d5:
37:b8:06:70:c2:d2:2c:2a:aa:45:d2:74:ec:67:ba:6f:e9:54:
79:f3:0a:5e:86:24:6b:3f:29:6f:6d:76:d2:17:9c:7d:87:ee:
9a:d9:80:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcCAjK5wI//qB9l4i7zunuc6a6uswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExMzRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlNGY1MzkwYzJjNTA1YTY0NzczZjVkMDU1NTNmMTU0MzQ5ZDQxMWEwM2Iz
MGMxMzU1OWU0NDc1ZmQwZGI2MTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0C/iFmiPCDF0j4vFgeeaSlaTcCKipk8QuJJZ0VFFXaQHZBRn0saG6ZXsQB
4khVF04W/2aLrDzAXjyNCIVw077YTgLO7ejSGqPYd6w+luQ1rJettunQctPrroQo
u6niFUF7XqinNm3RJWz2ZwgkCY1aUcRXMeeSAgCFj+Nau1CNvNexVlzVcfJ6jan0
m6wBHu04LUUcZJGPyRFLK5TXQtRRFEjaEu+/sDLxd4s+GYXQ+BHBnWIMZg+H2O+7
x2Hwn544kKdr7Bs/2uXZEJu7qvpEWjkr2hT+nV94h8oWFZxnMTbAoVy1QK+Ux2a7
1VewhpAdOfjkLp//mrlaHcfpD+MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpEb5z
31RzK/w7SPbPadjIU9BvPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg
MA0GCSqGSIb3DQEBCwUAA4IBAQB2by4dizmJfT90mYT7MGvdDG3pl1YfJnXhNr+4
agzyEKbShgwXRhw96qqVW6QiAFcoIJELL6qIRinlAlWf9wkbwf8CarmBWojn2Lk3
0Ks7fsDh0+psAtqQeaSjCVFNhFp/ObqreJ6IV+qYRuF+tYyBfLb3pvLOw2rls22X
SLUmtEjENkz6gCxtncbO51eaa9IU9PoSs5hhFJavuVkO1i2y2CWWOLamciFe5Xok
ffSLSJWc35XEr3A9jP9ovuuXCErS0rTeWrY5FQi+7JNZXu1awV3myaY4s9U3uAZw
wtIsKqpF0nTsZ7pv6VR58wpehiRrPylvbXbSF5x9h+6a2YD8
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:12 2025 by rpki-client