Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
File: a6c6065d-431b-4a4f-98c4-f607358ee480.roa (raw, json)
Hash identifier: uQrKZL/ekKm72oPwmZ5j1wx7SuXxHR7gWQxpTw7SSus=
Subject key identifier: 8A:8F:D0:15:16:B5:A6:70:62:6F:AB:0C:79:F6:8E:00:AE:A9:38:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 384093D96739CDBB6FA576BC5E40DD7FCF206385
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
Signing time: Fri 26 Sep 2025 19:20:06 +0000
ROA not before: Fri 26 Sep 2025 19:20:06 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:40:93:d9:67:39:cd:bb:6f:a5:76:bc:5e:40:dd:7f:cf:20:63:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:20:06 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=aafc73cdd9f289713fbe034f30d025ca849c85a52138b395b93c66768959d990, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:36:b9:01:1c:e7:cc:34:58:4e:70:4c:da:
b6:1c:38:f8:db:a6:31:c3:28:46:b9:db:af:9e:c4:
0a:0a:11:74:95:5f:98:62:e4:fa:ca:1c:77:d9:c8:
5a:8d:b7:76:41:d6:d4:27:d9:35:d9:64:03:4b:8e:
56:96:42:32:a4:9a:54:a3:46:b8:57:1f:18:64:fe:
af:7d:86:03:ed:9e:83:5f:59:0f:8b:2d:e6:9f:05:
99:f1:ef:5b:f8:90:85:54:2a:e7:23:ee:d5:a6:1e:
d5:9a:91:81:f5:87:3b:36:6f:54:b4:89:6d:8c:63:
2b:d5:23:90:dc:82:2b:49:f9:d3:ef:33:dd:f7:74:
36:42:3e:83:b4:14:2d:80:e5:20:75:2e:02:68:d1:
9b:83:6a:e6:49:80:b3:40:1d:d2:a8:c5:e3:af:8e:
7b:b7:67:3b:a8:e5:b9:88:81:38:49:14:f3:c0:d8:
97:f6:e4:3f:64:43:d4:4b:fb:99:14:c1:bd:e0:62:
89:2a:87:0c:27:cc:91:3b:53:05:82:c6:f0:29:4d:
b8:32:4c:6d:5d:ce:0c:3b:1e:1a:ef:da:f1:32:b5:
07:10:42:1d:7f:b7:6d:68:fa:da:e4:7f:9e:77:c0:
18:6d:7f:ca:59:8a:83:85:94:4c:3c:27:1d:12:80:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:8F:D0:15:16:B5:A6:70:62:6F:AB:0C:79:F6:8E:00:AE:A9:38:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
66:eb:27:e7:e3:64:31:39:e4:e8:ba:d4:f6:4f:d2:40:0e:e4:
3c:a2:ec:d6:4b:6b:e0:ba:c9:3d:af:dc:ef:34:90:61:1a:1a:
2b:c8:60:a4:72:be:71:4c:0d:0a:89:61:06:52:fd:8e:6f:1e:
10:a9:43:a4:b8:91:5d:79:21:12:d0:c7:e5:98:c3:8e:60:3d:
0e:24:94:33:1d:03:62:b8:cc:a7:35:e6:ff:22:c1:03:3d:6d:
2b:00:d8:f7:06:25:ac:a2:77:b1:8b:03:43:9a:fa:13:63:ef:
19:0f:e8:f2:07:7d:79:a6:9e:f9:0a:ec:cf:29:bc:3c:41:42:
ae:03:a7:4c:c5:82:6f:1f:6b:1b:4a:5e:9d:43:eb:3a:61:7c:
b7:63:16:94:3d:26:7f:bd:f9:89:27:60:00:f0:bc:67:f3:aa:
19:68:55:13:c1:7b:9a:59:d3:f7:19:9f:17:10:3b:11:96:f8:
58:9e:45:f8:df:8b:52:ef:a5:bf:b2:23:c7:8e:3e:10:7b:23:
1d:d8:8b:26:b0:ed:bc:73:52:e3:9b:f8:f6:10:96:91:d0:d3:
d2:03:c8:5b:b0:ea:c6:8d:57:86:ac:b0:b0:19:f2:7f:c0:ef:
03:df:ad:f3:0e:c8:89:9e:ef:f0:d5:16:f5:8f:2f:9f:31:96:
75:fe:28:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOECT2Wc5zbtvpXa8XkDdf88gY4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIwMDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhZmM3M2NkZDlmMjg5NzEzZmJlMDM0ZjMwZDAyNWNhODQ5Yzg1YTUyMTM4
YjM5NWI5M2M2Njc2ODk1OWQ5OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKb+NrkBHOfMNFhOcEzathw4+NumMcMoRrnbr57ECgoRdJVfmGLk+socd9nI
Wo23dkHW1CfZNdlkA0uOVpZCMqSaVKNGuFcfGGT+r32GA+2eg19ZD4st5p8FmfHv
W/iQhVQq5yPu1aYe1ZqRgfWHOzZvVLSJbYxjK9UjkNyCK0n50+8z3fd0NkI+g7QU
LYDlIHUuAmjRm4Nq5kmAs0Ad0qjF46+Oe7dnO6jluYiBOEkU88DYl/bkP2RD1Ev7
mRTBveBiiSqHDCfMkTtTBYLG8ClNuDJMbV3ODDseGu/a8TK1BxBCHX+3bWj62uR/
nnfAGG1/ylmKg4WUTDwnHRKAdv0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSKj9AV
FrWmcGJvqwx59o4Arqk4hDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjNjA2NWQtNDMxYi00YTRmLTk4YzQtZjYwNzM1OGVlNDgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/A
MA0GCSqGSIb3DQEBCwUAA4IBAQBm6yfn42QxOeToutT2T9JADuQ8ouzWS2vgusk9
r9zvNJBhGhoryGCkcr5xTA0KiWEGUv2Obx4QqUOkuJFdeSES0MflmMOOYD0OJJQz
HQNiuMynNeb/IsEDPW0rANj3BiWsonexiwNDmvoTY+8ZD+jyB315pp75CuzPKbw8
QUKuA6dMxYJvH2sbSl6dQ+s6YXy3YxaUPSZ/vfmJJ2AA8Lxn86oZaFUTwXuaWdP3
GZ8XEDsRlvhYnkX434tS76W/siPHjj4QeyMd2IsmsO28c1Ljm/j2EJaR0NPSA8hb
sOrGjVeGrLCwGfJ/wO8D363zDsiJnu/w1Rb1jy+fMZZ1/ig5
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:32 2025 by rpki-client