Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
File: a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa (raw, json)
Hash identifier: PXE6qpBAsUl5jF/CTLYEsiUtDu5v92tff8I7rPlMZUQ=
Subject key identifier: F9:A5:59:E5:24:23:1E:F3:54:B3:3B:72:3B:50:F5:CA:D0:EF:B1:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BF861211C214FBBDC0C636CA149ADC1C76AE5A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
Signing time: Fri 10 Oct 2025 17:04:24 +0000
ROA not before: Fri 10 Oct 2025 17:04:24 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:f8:61:21:1c:21:4f:bb:dc:0c:63:6c:a1:49:ad:c1:c7:6a:e5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:24 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=c424b7a4a493fe599585ecfaaa5c298befbd34d75b29abdf14937a7747e4d2a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0a:57:be:e2:70:21:a9:60:13:20:df:26:9d:
cd:fe:8c:c5:3e:1c:63:78:e0:2b:0b:2e:4f:37:2c:
e6:1b:16:88:67:90:17:5c:bb:ed:42:4d:ce:51:f6:
c7:3f:83:ce:a9:0f:b9:91:d0:68:ca:6b:99:7c:d0:
11:0e:95:b3:38:3e:92:83:a2:ca:3c:72:92:75:95:
d4:30:77:3e:06:9e:6b:74:ab:c0:fc:3f:56:27:00:
66:76:90:f4:6c:b9:53:bb:d7:0e:0c:0a:dc:98:10:
6d:3f:0f:d6:c6:dd:7d:f9:c6:da:a8:5a:e1:57:0c:
a3:35:9a:4d:2c:97:bf:91:ef:5e:cd:95:e9:90:65:
e5:e6:83:80:e5:f1:94:59:dc:3f:c9:5b:fd:82:5b:
db:e0:46:76:f2:d3:55:d9:c1:f9:f8:87:65:80:ac:
60:2f:2f:8f:1b:e5:79:fb:ea:e9:92:85:da:85:83:
e3:e1:40:fc:c5:ec:0d:00:1a:5e:f0:92:94:a1:7f:
a6:fe:ba:96:95:03:d1:fb:b7:9a:9d:27:56:4c:57:
50:40:a8:12:8c:ac:ae:15:76:1e:51:2f:aa:3b:e0:
e8:fa:9c:5c:c1:e1:a6:0b:b3:18:34:c4:2a:56:35:
6a:7d:3e:92:30:6d:42:46:3e:48:fd:0f:c2:ac:4a:
90:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A5:59:E5:24:23:1E:F3:54:B3:3B:72:3B:50:F5:CA:D0:EF:B1:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b::/32
Signature Algorithm: sha256WithRSAEncryption
87:8f:0b:49:c1:88:f8:18:3d:b4:fc:a1:a6:8a:cc:75:e8:a4:
23:7f:fb:8c:23:ef:11:a9:bb:25:e0:ff:b8:09:1a:f1:1c:6f:
1d:82:a3:b5:3b:d7:ff:49:df:50:a9:76:28:39:1e:9c:22:e2:
de:92:42:1f:60:7d:17:84:e4:9b:44:05:3e:c1:b5:bf:f6:7e:
15:42:89:f1:70:17:ac:80:69:2d:32:5d:61:bd:c6:c2:86:c5:
a3:57:67:88:2b:14:30:a7:e7:8a:0a:3a:0f:1a:14:dc:08:dd:
f1:a3:86:0e:f4:8f:92:4f:fa:09:89:84:78:a1:93:ad:91:b1:
91:16:92:0e:4f:fc:98:0d:c7:9f:db:fa:35:68:b9:a2:f6:c5:
7d:84:4c:db:04:4d:f4:d7:96:e1:15:22:8d:48:ea:87:be:d7:
cf:7d:af:3b:b1:ac:4a:5b:75:28:29:a9:cd:15:1a:91:10:54:
92:19:e3:05:1c:2a:f7:85:54:92:3d:67:d1:02:96:78:0c:f0:
ac:c6:81:3e:69:f3:c6:41:53:96:fe:c3:15:0c:af:9e:a1:e0:
3a:f0:08:73:b7:a3:f4:e7:ee:a7:38:4d:95:2e:b1:80:06:a1:
c3:e6:0e:b1:bd:5c:74:46:9b:f0:9d:19:fc:9a:d2:42:39:09:
10:a9:d9:a1
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUe/hhIRwhT7vcDGNsoUmtwcdq5akwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0MjRaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MjRiN2E0YTQ5M2ZlNTk5NTg1ZWNmYWFhNWMyOThiZWZiZDM0ZDc1YjI5
YWJkZjE0OTM3YTc3NDdlNGQyYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgKV77icCGpYBMg3yadzf6MxT4cY3jgKwsuTzcs5hsWiGeQF1y77UJNzlH2
xz+DzqkPuZHQaMprmXzQEQ6Vszg+koOiyjxyknWV1DB3Pgaea3SrwPw/VicAZnaQ
9Gy5U7vXDgwK3JgQbT8P1sbdffnG2qha4VcMozWaTSyXv5HvXs2V6ZBl5eaDgOXx
lFncP8lb/YJb2+BGdvLTVdnB+fiHZYCsYC8vjxvlefvq6ZKF2oWD4+FA/MXsDQAa
XvCSlKF/pv66lpUD0fu3mp0nVkxXUECoEoysrhV2HlEvqjvg6PqcXMHhpguzGDTE
KlY1an0+kjBtQkY+SP0PwqxKkIkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT5pVnl
JCMe81SzO3I7UPXK0O+xTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTViY2I3NzAtN2UzZC00Y2NkLWJmMWMtNGNjMTdlYTAxYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fsw
DQYJKoZIhvcNAQELBQADggEBAIePC0nBiPgYPbT8oaaKzHXopCN/+4wj7xGpuyXg
/7gJGvEcbx2Co7U71/9J31Cpdig5Hpwi4t6SQh9gfReE5JtEBT7Btb/2fhVCifFw
F6yAaS0yXWG9xsKGxaNXZ4grFDCn54oKOg8aFNwI3fGjhg70j5JP+gmJhHihk62R
sZEWkg5P/JgNx5/b+jVouaL2xX2ETNsETfTXluEVIo1I6oe+1899rzuxrEpbdSgp
qc0VGpEQVJIZ4wUcKveFVJI9Z9EClngM8KzGgT5p88ZBU5b+wxUMr56h4DrwCHO3
o/Tn7qc4TZUusYAGocPmDrG9XHRGm/CdGfya0kI5CRCp2aE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:16 2025 by rpki-client