Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
File: ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa (raw, json)
Hash identifier: I5jv1pU73tqfA3FUosLXFQVlPld/00su9iIIiZQA6/U=
Subject key identifier: B8:6F:CE:EA:FD:8E:DF:F5:6E:A4:1D:62:E7:05:B4:CA:58:D4:4D:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B408A44B2BB64D94A663B59F143693F9D6AD92D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
Signing time: Mon 13 Oct 2025 17:55:56 +0000
ROA not before: Mon 13 Oct 2025 17:55:56 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:40:8a:44:b2:bb:64:d9:4a:66:3b:59:f1:43:69:3f:9d:6a:d9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:56 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=1a3c06b061915b1e02fc19a46395fe6f4d258e5f69bd917db420636491d33246, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3f:63:32:29:80:3c:63:39:bd:11:2c:00:67:
16:c5:bc:48:74:30:1a:c2:47:7b:04:b2:35:87:36:
49:3d:36:61:7b:4e:bd:8f:c9:66:e0:f6:07:c9:30:
74:cd:05:82:10:4c:26:1b:27:4d:31:a5:b2:63:1d:
e0:75:f8:83:40:b7:05:f0:bc:53:36:37:99:62:f1:
14:a8:93:7a:20:52:77:7e:d9:e3:8d:4e:a6:86:b9:
9d:de:ef:07:b3:dd:58:af:b2:7e:aa:d5:ab:91:69:
25:d8:e2:e9:79:00:8b:19:74:03:f0:ef:c6:5a:e6:
df:18:97:c3:10:73:3e:1e:57:5e:15:cb:89:88:e7:
db:2c:04:a8:b1:b2:03:c1:90:73:1c:b4:3f:9f:b4:
4a:a4:db:e5:1b:17:dc:14:3f:82:3e:d1:59:7d:0c:
d0:8a:8c:d2:1d:6d:4c:50:2b:85:b2:7b:70:46:8b:
4b:6b:3a:fc:42:31:65:49:b1:47:76:9b:eb:b8:e6:
8a:44:c8:24:50:3a:74:3b:32:fc:82:5d:97:3d:ae:
35:c3:4f:a1:31:fc:78:f2:36:1e:8a:d4:a8:62:e2:
da:a5:f2:cf:aa:1f:8e:5a:9c:42:88:7e:8f:7d:72:
c1:f4:ba:cc:f2:a6:b9:85:81:0c:53:35:25:96:14:
ed:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6F:CE:EA:FD:8E:DF:F5:6E:A4:1D:62:E7:05:B4:CA:58:D4:4D:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
85:60:98:ed:74:cf:a5:bf:a4:0d:7e:6f:32:15:6d:b8:79:eb:
e2:fa:1c:8b:07:da:bb:c1:2f:d3:76:ff:87:da:2b:b6:ac:5f:
36:90:8b:be:2e:74:27:07:a0:13:58:77:1a:c9:c7:06:5a:df:
ea:fc:a8:42:e5:80:91:26:7e:8a:16:00:33:64:0b:9a:4e:ad:
b1:ae:9d:77:65:bf:b5:b3:b9:80:75:13:e9:4c:5b:51:77:5e:
b4:fd:e9:08:f8:26:c2:e5:77:dd:ca:01:65:08:c7:a4:b9:28:
d6:4f:c8:34:6d:52:01:16:b7:16:9e:ef:ae:a1:36:e8:8f:7b:
fc:03:7a:ca:c1:c1:5f:85:e1:87:1f:04:31:a1:1b:2e:f7:6a:
5a:d0:4f:e9:c3:95:33:b9:aa:3f:13:db:01:11:e8:f6:b5:97:
e5:6e:c9:0c:83:9c:d3:8a:9e:95:0b:b3:3a:61:f0:ec:ad:23:
ac:a4:aa:90:af:34:76:2b:b0:51:ee:14:41:4c:d8:68:89:90:
6a:30:64:8c:bf:d9:dc:d5:b9:43:e8:62:2d:7c:8d:7b:37:f2:
d5:3d:14:5f:60:f2:f6:da:4b:fa:03:f0:e6:7a:e5:f5:eb:e9:
9b:a6:63:0a:ed:14:7b:55:0b:1c:bc:99:01:fe:16:e4:c1:7b:
01:13:0f:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe0CKRLK7ZNlKZjtZ8UNpP51q2S0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1NTZaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhM2MwNmIwNjE5MTViMWUwMmZjMTlhNDYzOTVmZTZmNGQyNThlNWY2OWJk
OTE3ZGI0MjA2MzY0OTFkMzMyNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN8/YzIpgDxjOb0RLABnFsW8SHQwGsJHewSyNYc2ST02YXtOvY/JZuD2B8kw
dM0FghBMJhsnTTGlsmMd4HX4g0C3BfC8UzY3mWLxFKiTeiBSd37Z441Opoa5nd7v
B7PdWK+yfqrVq5FpJdji6XkAixl0A/Dvxlrm3xiXwxBzPh5XXhXLiYjn2ywEqLGy
A8GQcxy0P5+0SqTb5RsX3BQ/gj7RWX0M0IqM0h1tTFArhbJ7cEaLS2s6/EIxZUmx
R3ab67jmikTIJFA6dDsy/IJdlz2uNcNPoTH8ePI2HorUqGLi2qXyz6ofjlqcQoh+
j31ywfS6zPKmuYWBDFM1JZYU7UMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4b87q
/Y7f9W6kHWLnBbTKWNRNNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM3ZDE2NTMtMmZhMy00ODE3LThlMDAtODdlNmMzZjJhOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFYJjtdM+lv6QNfm8yFW24eevi+hyLB9q7wS/T
dv+H2iu2rF82kIu+LnQnB6ATWHcayccGWt/q/KhC5YCRJn6KFgAzZAuaTq2xrp13
Zb+1s7mAdRPpTFtRd160/ekI+CbC5XfdygFlCMekuSjWT8g0bVIBFrcWnu+uoTbo
j3v8A3rKwcFfheGHHwQxoRsu92pa0E/pw5Uzuao/E9sBEej2tZflbskMg5zTip6V
C7M6YfDsrSOspKqQrzR2K7BR7hRBTNhoiZBqMGSMv9nc1blD6GItfI17N/LVPRRf
YPL22kv6A/DmeuX16+mbpmMK7RR7VQscvJkB/hbkwXsBEw+/
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:46 2025 by rpki-client