Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
File: a7031a07-12ba-45f8-a53b-6bd5b713c999.roa (raw, json)
Hash identifier: ccAXdMgjSVTge+f+ZUlQvL/HK8RYGzcVZdd6wFCJkbY=
Subject key identifier: E9:25:39:FD:69:7C:6F:D1:BD:EA:22:84:88:1B:07:39:A5:2E:C2:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B6538BA9F0B4771ECE0A3A9658CA1370CEDF312
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
Signing time: Fri 26 Sep 2025 19:51:43 +0000
ROA not before: Fri 26 Sep 2025 19:51:43 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:65:38:ba:9f:0b:47:71:ec:e0:a3:a9:65:8c:a1:37:0c:ed:f3:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:51:43 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=18d11001fba488063f33be8bf94bfc0a118a18327c414385e767027b73754bc1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:88:59:a8:05:d4:2a:74:76:1f:24:8a:a0:67:
7f:ea:df:54:ac:6b:51:50:a9:e4:1e:79:a0:8a:af:
ec:76:d3:8f:77:fb:76:a4:5e:61:ff:cb:91:42:10:
fc:b3:ed:92:f9:e9:0d:21:80:e0:8d:4f:1c:9d:0c:
cb:42:39:01:e4:43:df:a1:48:ca:fb:7b:94:a9:a3:
28:1d:fb:6f:1c:df:45:6d:4e:a5:56:5d:dd:31:e2:
b8:ec:3a:15:8f:a2:9b:bb:89:fe:58:e1:4b:47:82:
95:b3:47:90:5e:c4:c6:c7:0f:ff:dd:0b:7c:32:8d:
15:5b:06:43:93:d5:ef:60:4a:04:33:51:43:c8:ea:
ff:78:d8:8a:05:84:35:87:78:65:79:5e:1e:60:57:
3a:58:08:13:d4:56:e8:85:8e:f6:09:e8:9e:55:10:
7d:49:11:4a:21:7b:3c:a9:4d:db:30:71:f3:97:03:
84:98:23:79:8f:94:28:31:40:25:a0:87:c0:2f:c4:
fd:44:78:d8:44:66:e4:d9:86:34:8a:ce:d5:28:c7:
6d:8e:c9:71:d9:1f:c3:b5:67:13:5e:f5:2c:a2:66:
c8:af:b5:0c:83:25:37:49:2a:b7:ac:4f:bd:ee:79:
d9:63:47:bf:57:42:33:3b:45:83:7a:02:1c:86:15:
27:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:25:39:FD:69:7C:6F:D1:BD:EA:22:84:88:1B:07:39:A5:2E:C2:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:400::/38
Signature Algorithm: sha256WithRSAEncryption
02:8b:df:22:2b:71:aa:33:57:e6:1a:aa:2f:45:07:6e:29:16:
c4:02:0c:6b:97:c5:be:3a:d0:2c:a0:73:6c:c0:c6:82:e4:d2:
35:97:c2:e3:db:7b:35:39:88:42:4a:cb:57:cf:1f:70:86:3b:
64:61:43:5f:06:9c:f5:8f:a9:ef:26:c3:52:d1:e0:ca:68:77:
d1:25:52:0e:62:57:98:12:93:63:88:2d:f5:1f:42:e5:ac:48:
8e:9a:c9:08:95:79:a4:9e:0c:ad:eb:ea:60:df:da:1d:73:9c:
95:d7:6a:42:5a:32:e6:cc:e7:ed:71:3b:8c:16:30:b3:4e:4a:
ed:8a:a2:8f:8a:a5:c6:db:11:e6:9e:80:b5:34:7d:ec:0f:78:
cb:51:90:62:5a:21:b4:64:05:e1:9e:6d:65:53:31:68:43:4b:
0e:3d:68:58:32:06:91:f9:10:fd:2c:ac:8e:09:fd:64:d6:5c:
c0:64:e5:34:b5:dd:ca:61:9b:d4:0b:1f:18:0d:22:ea:43:43:
5c:17:c0:81:dc:c6:10:38:31:fd:0c:25:05:65:63:34:b6:e2:
eb:23:e4:97:cf:64:c1:5b:55:48:2a:13:05:c3:72:98:6f:1e:
70:c9:1a:e3:95:0f:a4:82:58:b4:74:f0:c9:52:da:f3:51:f0:
60:fc:99:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK2U4up8LR3Hs4KOpZYyhNwzt8xIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUxNDNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4ZDExMDAxZmJhNDg4MDYzZjMzYmU4YmY5NGJmYzBhMTE4YTE4MzI3YzQx
NDM4NWU3NjcwMjdiNzM3NTRiYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWIWagF1Cp0dh8kiqBnf+rfVKxrUVCp5B55oIqv7HbTj3f7dqReYf/LkUIQ
/LPtkvnpDSGA4I1PHJ0My0I5AeRD36FIyvt7lKmjKB37bxzfRW1OpVZd3THiuOw6
FY+im7uJ/ljhS0eClbNHkF7ExscP/90LfDKNFVsGQ5PV72BKBDNRQ8jq/3jYigWE
NYd4ZXleHmBXOlgIE9RW6IWO9gnonlUQfUkRSiF7PKlN2zBx85cDhJgjeY+UKDFA
JaCHwC/E/UR42ERm5NmGNIrO1SjHbY7Jcdkfw7VnE171LKJmyK+1DIMlN0kqt6xP
ve552WNHv1dCMztFg3oCHIYVJ80CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTpJTn9
aXxv0b3qIoSIGwc5pS7CjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcwMzFhMDctMTJiYS00NWY4LWE1M2ItNmJkNWI3MTNjOTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoE
MA0GCSqGSIb3DQEBCwUAA4IBAQACi98iK3GqM1fmGqovRQduKRbEAgxrl8W+OtAs
oHNswMaC5NI1l8Lj23s1OYhCSstXzx9whjtkYUNfBpz1j6nvJsNS0eDKaHfRJVIO
YleYEpNjiC31H0LlrEiOmskIlXmkngyt6+pg39odc5yV12pCWjLmzOftcTuMFjCz
TkrtiqKPiqXG2xHmnoC1NH3sD3jLUZBiWiG0ZAXhnm1lUzFoQ0sOPWhYMgaR+RD9
LKyOCf1k1lzAZOU0td3KYZvUCx8YDSLqQ0NcF8CB3MYQODH9DCUFZWM0tuLrI+SX
z2TBW1VIKhMFw3KYbx5wyRrjlQ+kgli0dPDJUtrzUfBg/JlZ
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:15:58 2025 by rpki-client