Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: tCUbPduvzVVD4LrcepDmCIXvvr6z5u4PqXU2GefKbuM=
Subject key identifier: 7A:00:9C:7D:DB:39:53:89:37:0F:E4:82:AF:5B:75:7F:0F:00:2C:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17662DBBE3D2B708E7D99DB6D2B077483AD965AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Fri 26 Sep 2025 19:00:16 +0000
ROA not before: Fri 26 Sep 2025 19:00:16 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:66:2d:bb:e3:d2:b7:08:e7:d9:9d:b6:d2:b0:77:48:3a:d9:65:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:00:16 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=bb98004c2a7313baf1d5e7833f6ad7953c754981fb8772c0d856ba81738f9efc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d3:25:82:5c:09:eb:59:ba:79:ab:ff:02:f5:
e7:31:e7:29:71:ab:03:83:3b:96:22:10:0a:c4:0d:
c7:c4:f9:ea:eb:02:3f:41:9e:ec:33:37:81:6d:d0:
bb:80:be:e8:16:a1:ef:c9:64:b1:6c:e4:9f:a9:46:
8a:86:f7:99:99:c4:20:0b:8d:84:10:31:f9:54:71:
72:20:fe:72:7a:c7:36:62:6b:85:95:ba:2f:ac:c2:
ae:eb:c6:05:1b:12:27:41:4e:c9:2f:bb:71:37:87:
45:f7:bb:74:2f:ab:7a:ea:33:1f:9e:6d:6c:df:21:
33:ef:6c:f5:0a:92:f3:51:7d:29:3a:79:df:d8:49:
9a:96:02:66:6e:4d:cf:c7:8c:98:99:e7:c4:a5:32:
c2:76:b9:97:2c:33:c4:fa:7f:e9:74:87:84:1c:04:
3d:3d:fa:a3:9b:a1:31:5f:a4:87:99:8d:7c:04:af:
d2:e7:3d:49:49:9a:ac:5e:e5:f1:65:35:86:49:9b:
32:2a:6c:0a:28:27:f8:a7:c8:df:af:97:e8:93:72:
23:89:d5:3d:11:d2:0d:87:b3:19:32:b3:b3:a2:59:
ed:8c:7e:b8:5d:5a:1c:1e:c3:ab:be:22:19:67:2a:
5c:95:eb:38:03:05:c5:b5:2f:5a:2d:d1:9f:f9:bd:
15:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:00:9C:7D:DB:39:53:89:37:0F:E4:82:AF:5B:75:7F:0F:00:2C:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
9d:1a:6e:d6:36:e2:79:7d:1b:71:13:60:30:ce:58:06:58:b7:
68:36:6b:1b:6b:ac:0e:bb:a9:d4:d9:31:f5:b7:b3:d9:00:be:
44:8b:27:d6:d0:38:82:ee:62:cc:05:6d:2d:56:53:73:28:4b:
36:ec:d1:68:3c:a3:ac:b1:b3:28:e8:ff:6e:3f:a1:8c:f7:5f:
a6:58:d2:60:9c:7c:08:92:af:0a:f0:bf:65:50:8e:88:5d:c3:
67:d7:df:08:a9:a3:34:0b:55:c9:70:85:1c:bf:08:2f:47:22:
6b:1f:60:6a:14:f3:de:71:dc:39:09:b1:d0:ac:e6:e4:18:71:
d9:7c:f0:e3:b1:29:c2:b0:a7:87:c9:cc:e4:f0:58:3c:2a:25:
25:9c:2d:75:46:e6:54:9b:66:8d:e7:a1:54:2d:05:6c:ff:f5:
4c:16:ad:89:d5:32:32:20:35:c7:05:95:da:03:ea:ec:db:10:
73:62:7f:90:54:59:37:b6:e6:f7:80:d8:dc:62:b3:96:9d:03:
1e:8d:17:27:9e:2c:bf:84:09:89:ec:c5:07:2a:0c:88:10:77:
ac:c4:9e:b3:c1:3f:1d:0e:01:03:62:97:b7:2c:91:65:68:6b:
7e:55:cd:b0:32:36:2a:85:84:df:e3:5a:b0:6d:b2:ac:be:c3:
ef:ce:9a:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF2Ytu+PStwjn2Z220rB3SDrZZaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAwMTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiOTgwMDRjMmE3MzEzYmFmMWQ1ZTc4MzNmNmFkNzk1M2M3NTQ5ODFmYjg3
NzJjMGQ4NTZiYTgxNzM4ZjllZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrTJYJcCetZunmr/wL15zHnKXGrA4M7liIQCsQNx8T56usCP0Ge7DM3gW3Q
u4C+6Bah78lksWzkn6lGiob3mZnEIAuNhBAx+VRxciD+cnrHNmJrhZW6L6zCruvG
BRsSJ0FOyS+7cTeHRfe7dC+reuozH55tbN8hM+9s9QqS81F9KTp539hJmpYCZm5N
z8eMmJnnxKUywna5lywzxPp/6XSHhBwEPT36o5uhMV+kh5mNfASv0uc9SUmarF7l
8WU1hkmbMipsCign+KfI36+X6JNyI4nVPRHSDYezGTKzs6JZ7Yx+uF1aHB7Dq74i
GWcqXJXrOAMFxbUvWi3Rn/m9FZ0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR6AJx9
2zlTiTcP5IKvW3V/DwAs3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAnRpu1jbieX0bcRNgMM5YBli3aDZrG2usDrup
1Nkx9bez2QC+RIsn1tA4gu5izAVtLVZTcyhLNuzRaDyjrLGzKOj/bj+hjPdfpljS
YJx8CJKvCvC/ZVCOiF3DZ9ffCKmjNAtVyXCFHL8IL0ciax9gahTz3nHcOQmx0Kzm
5Bhx2Xzw47EpwrCnh8nM5PBYPColJZwtdUbmVJtmjeehVC0FbP/1TBatidUyMiA1
xwWV2gPq7NsQc2J/kFRZN7bm94DY3GKzlp0DHo0XJ54sv4QJiezFByoMiBB3rMSe
s8E/HQ4BA2KXtyyRZWhrflXNsDI2KoWE3+NasG2yrL7D786aAg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:34 2025 by rpki-client