Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
File: a74aaa95-252d-4e97-92fa-1c779bc72adc.roa (raw, json)
Hash identifier: 7rrkD+qrVj9bbAtUREEBvTpaSGCCBqtowU9k+pHFeNs=
Subject key identifier: 84:D4:2C:08:7F:3D:48:E9:78:9E:0B:E2:6E:76:9F:55:CD:7A:D1:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BDB547408B89171FCDF1778C5FB794ADBA567D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
Signing time: Mon 06 Oct 2025 18:00:09 +0000
ROA not before: Mon 06 Oct 2025 18:00:09 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:db:54:74:08:b8:91:71:fc:df:17:78:c5:fb:79:4a:db:a5:67:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:09 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=deb0c7d2459771b69f3b3364a439025595432935001d0c3a9f374fbd732a6ddc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:24:83:e9:08:22:d9:46:69:79:ec:fb:b7:b8:
43:ad:cc:f0:f7:79:12:c4:d3:7d:0a:c0:6d:b4:d2:
f8:26:9f:bb:19:59:55:f9:66:1c:03:84:e5:de:6c:
93:5f:65:15:7a:39:d9:25:43:a1:72:b9:90:c4:34:
d1:83:56:24:b4:85:ae:31:60:84:b5:39:40:12:1c:
2f:ad:98:c8:55:2c:9a:96:d0:50:14:53:52:0a:ff:
4e:ae:a2:75:9a:06:33:1c:99:22:e8:9c:ec:8c:76:
ed:15:d5:c2:d5:49:e6:79:29:68:46:8d:fd:14:1e:
bd:0a:e5:36:3a:ce:5c:18:ee:af:87:0e:7e:18:7f:
b9:62:eb:a3:c5:a8:01:ec:02:ec:4b:6a:32:26:27:
4e:89:ff:74:92:40:01:4a:00:74:37:0e:82:1d:49:
aa:6d:8a:80:5a:b5:d4:c8:17:43:27:ca:ff:3b:55:
c2:27:26:c9:1b:d5:99:10:0c:fc:76:c6:19:28:5c:
3a:c9:b8:7c:8c:2a:59:68:f1:be:fe:47:84:9d:d1:
d3:53:25:5a:b7:c2:0d:cc:0d:88:aa:64:30:d4:4d:
85:9c:af:ff:55:36:72:08:66:07:a7:b0:43:33:5a:
8d:93:6c:7c:92:a4:29:bc:6f:e5:d5:5b:27:27:80:
3d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D4:2C:08:7F:3D:48:E9:78:9E:0B:E2:6E:76:9F:55:CD:7A:D1:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8080::/46
Signature Algorithm: sha256WithRSAEncryption
7c:99:2a:b6:cb:77:79:2a:6f:9a:36:83:fd:9f:f7:c0:d5:71:
62:01:b9:49:4f:25:d4:70:55:ca:01:82:8c:b3:26:32:c7:0a:
6c:4f:ab:4a:e3:17:ac:86:5b:71:e6:8e:d6:04:88:22:15:70:
e7:78:06:03:b3:ae:df:41:41:e5:36:35:09:d1:20:12:3c:9a:
a3:cb:e2:37:c6:23:a8:a7:8e:dc:d3:2b:c4:ef:8b:89:a1:a6:
9d:6f:f3:f2:02:2e:c0:e3:f7:35:6e:09:8d:5e:31:7c:06:06:
7a:04:c2:70:74:70:c2:3a:d5:b1:ad:76:2a:5d:48:90:7d:7a:
37:10:e7:11:bb:21:48:2f:1a:68:64:4c:9c:6f:62:8d:7c:1d:
4c:f0:91:43:b9:a1:01:7e:57:45:e0:a8:a6:58:e2:b4:3d:88:
2b:a7:b5:4a:c0:42:ed:0e:40:3d:85:6f:ca:90:55:fc:a7:32:
63:4d:10:b5:d1:0d:54:27:b8:e9:ac:84:ad:51:70:8a:b0:3e:
59:af:86:a4:3c:9d:41:4e:62:98:3a:6f:45:4c:b7:0f:01:36:
67:6d:0b:03:b1:c8:22:44:88:a9:37:91:64:d2:69:85:8a:82:
07:6a:d1:87:66:02:3b:e1:33:9a:f7:80:8f:0b:9d:f3:f8:9d:
07:07:00:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK9tUdAi4kXH83xd4xft5StulZ9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMDlaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlYjBjN2QyNDU5NzcxYjY5ZjNiMzM2NGE0MzkwMjU1OTU0MzI5MzUwMDFk
MGMzYTlmMzc0ZmJkNzMyYTZkZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJokg+kIItlGaXns+7e4Q63M8Pd5EsTTfQrAbbTS+CafuxlZVflmHAOE5d5s
k19lFXo52SVDoXK5kMQ00YNWJLSFrjFghLU5QBIcL62YyFUsmpbQUBRTUgr/Tq6i
dZoGMxyZIuic7Ix27RXVwtVJ5nkpaEaN/RQevQrlNjrOXBjur4cOfhh/uWLro8Wo
AewC7EtqMiYnTon/dJJAAUoAdDcOgh1Jqm2KgFq11MgXQyfK/ztVwicmyRvVmRAM
/HbGGShcOsm4fIwqWWjxvv5HhJ3R01MlWrfCDcwNiKpkMNRNhZyv/1U2cghmB6ew
QzNajZNsfJKkKbxv5dVbJyeAPbECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSE1CwI
fz1I6XieC+Judp9VzXrR8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc0YWFhOTUtMjUyZC00ZTk3LTkyZmEtMWM3NzliYzcyYWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
gDANBgkqhkiG9w0BAQsFAAOCAQEAfJkqtst3eSpvmjaD/Z/3wNVxYgG5SU8l1HBV
ygGCjLMmMscKbE+rSuMXrIZbceaO1gSIIhVw53gGA7Ou30FB5TY1CdEgEjyao8vi
N8YjqKeO3NMrxO+LiaGmnW/z8gIuwOP3NW4JjV4xfAYGegTCcHRwwjrVsa12Kl1I
kH16NxDnEbshSC8aaGRMnG9ijXwdTPCRQ7mhAX5XReCopljitD2IK6e1SsBC7Q5A
PYVvypBV/KcyY00QtdENVCe46ayErVFwirA+Wa+GpDydQU5imDpvRUy3DwE2Z20L
A7HIIkSIqTeRZNJphYqCB2rRh2YCO+EzmveAjwud8/idBwcAzw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:38 2025 by rpki-client