Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: OGDROr72b032KD3ziYq3xH+QlHB1waFR+Z0AnscNNsE=
Subject key identifier: 05:A6:AF:60:A1:A3:45:35:80:9A:3B:3D:96:71:3C:4B:7C:A3:BB:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38A71B0967915F324BBA8EDA7E1A8F6F032D9568
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Fri 26 Sep 2025 19:00:13 +0000
ROA not before: Fri 26 Sep 2025 19:00:13 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:a7:1b:09:67:91:5f:32:4b:ba:8e:da:7e:1a:8f:6f:03:2d:95:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:00:13 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=006c733041900ed37b50face8015f696f99c7c0fee4fffde528f941bfe75b3f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0f:98:8e:15:76:d2:cc:36:04:e6:7c:34:10:
ff:1e:17:1f:bf:28:61:da:9a:28:46:29:ed:85:9e:
02:6f:1f:b7:76:2f:d1:66:49:f4:97:cd:2b:ba:fc:
b3:02:23:f8:35:83:74:c3:0f:70:f8:ef:f4:a6:2e:
56:f2:3a:b5:52:0b:79:3f:3f:82:4d:d1:bf:42:3a:
0e:30:2b:f3:80:62:06:72:7c:99:3e:d2:25:69:13:
db:68:53:6b:77:39:62:cc:4c:65:69:50:39:05:4f:
e8:51:b7:30:0d:22:ea:ee:d8:b8:26:5c:bb:1d:2f:
cc:30:76:82:d5:c2:1c:44:33:bf:c1:2c:cb:81:cc:
2c:a7:e5:1f:b7:9c:25:13:e5:07:0c:aa:fc:8e:4e:
85:2b:14:7b:0f:d4:7b:ab:5c:3b:b4:70:5e:48:92:
4e:81:92:da:90:60:8b:54:0f:e1:dd:26:98:b7:27:
f8:32:26:10:29:ec:e1:70:24:1b:39:94:63:5f:19:
41:a9:95:6f:4b:bb:c5:d8:68:60:d0:1c:c2:49:3d:
cb:e1:49:17:59:53:9f:d8:5b:f5:ae:6a:6f:a4:d8:
34:2e:c3:59:7d:52:1c:de:e3:60:2e:a3:ff:35:5d:
d8:36:c7:35:4e:94:29:9c:31:4c:f9:99:92:30:44:
cd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A6:AF:60:A1:A3:45:35:80:9A:3B:3D:96:71:3C:4B:7C:A3:BB:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
10:9f:72:ab:d7:d4:c8:f7:6b:27:32:a3:da:1f:3c:df:e3:23:
10:43:f4:d4:30:e0:e7:81:42:c6:de:81:74:98:5a:4e:12:21:
9c:b2:f1:3c:5a:b2:67:9f:89:96:d9:c3:1a:5c:7d:15:a5:2b:
ea:8a:a1:32:b0:a0:d8:49:10:1d:19:e3:6d:f0:a1:8b:00:20:
d0:5d:58:af:23:e1:e6:4c:2c:20:63:46:be:56:ff:82:bb:99:
a4:fd:a6:ee:b6:bf:98:41:c3:cc:e5:f1:bf:78:3e:98:91:b6:
6b:aa:95:2d:4c:10:6b:07:59:99:32:0b:d7:57:1d:ff:b2:da:
4e:ff:f2:52:86:c9:77:f3:a6:71:95:f6:9b:24:b7:b6:2f:45:
45:f2:6b:86:0f:eb:f9:f5:4c:ff:bb:48:dc:80:21:59:85:9e:
8c:ff:2e:fa:0b:bf:4a:6e:9c:64:6f:ca:5f:41:a1:bf:89:81:
b5:e7:11:13:df:56:ee:c3:c7:54:a5:70:84:4e:0a:00:5b:63:
cd:64:6d:46:98:3a:d4:9d:d0:ac:ca:f3:b5:64:7f:44:93:61:
5e:86:53:6e:6f:6b:da:46:ea:ab:5b:7a:8e:36:30:fb:6b:b4:
80:c8:0b:20:c6:36:e3:92:88:fa:b5:d9:24:b6:4a:25:fc:f7:
16:ca:49:2b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOKcbCWeRXzJLuo7afhqPbwMtlWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAwMTNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNmM3MzMwNDE5MDBlZDM3YjUwZmFjZTgwMTVmNjk2Zjk5YzdjMGZlZTRm
ZmZkZTUyOGY5NDFiZmU3NWIzZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwPmI4VdtLMNgTmfDQQ/x4XH78oYdqaKEYp7YWeAm8ft3Yv0WZJ9JfNK7r8
swIj+DWDdMMPcPjv9KYuVvI6tVILeT8/gk3Rv0I6DjAr84BiBnJ8mT7SJWkT22hT
a3c5YsxMZWlQOQVP6FG3MA0i6u7YuCZcux0vzDB2gtXCHEQzv8Esy4HMLKflH7ec
JRPlBwyq/I5OhSsUew/Ue6tcO7RwXkiSToGS2pBgi1QP4d0mmLcn+DImECns4XAk
GzmUY18ZQamVb0u7xdhoYNAcwkk9y+FJF1lTn9hb9a5qb6TYNC7DWX1SHN7jYC6j
/zVd2DbHNU6UKZwxTPmZkjBEzcMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQFpq9g
oaNFNYCaOz2WcTxLfKO7ijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEAEJ9yq9fUyPdrJzKj2h883+MjEEP01DDg54FC
xt6BdJhaThIhnLLxPFqyZ5+JltnDGlx9FaUr6oqhMrCg2EkQHRnjbfChiwAg0F1Y
ryPh5kwsIGNGvlb/gruZpP2m7ra/mEHDzOXxv3g+mJG2a6qVLUwQawdZmTIL11cd
/7LaTv/yUobJd/OmcZX2myS3ti9FRfJrhg/r+fVM/7tI3IAhWYWejP8u+gu/Sm6c
ZG/KX0Ghv4mBtecRE99W7sPHVKVwhE4KAFtjzWRtRpg61J3QrMrztWR/RJNhXoZT
bm9r2kbqq1t6jjYw+2u0gMgLIMY245KI+rXZJLZKJfz3FspJKw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:37 2025 by rpki-client