Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b57f891e-435b-45db-acce-db052c471fa6.roa
File: b57f891e-435b-45db-acce-db052c471fa6.roa (raw, json)
Hash identifier: F2G5JwUhw0JDxTOBUaxo6zSFNC1SPbrIyQBwaLA/oGc=
Subject key identifier: 5D:60:84:5B:C7:C5:1E:07:BA:91:6E:82:B8:A9:57:8E:03:DD:93:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BE39DF3C68BDDBA674377BE887DF74B9FC07AE4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b57f891e-435b-45db-acce-db052c471fa6.roa
Signing time: Mon 06 Oct 2025 17:50:09 +0000
ROA not before: Mon 06 Oct 2025 17:50:09 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:e3:9d:f3:c6:8b:dd:ba:67:43:77:be:88:7d:f7:4b:9f:c0:7a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:09 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=7eeffa0f9e342091238c5b3983c7d10ce61b20aa3479999ad2cd87835c8b17c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5f:00:f0:ed:d3:ad:77:7d:5e:1c:79:a8:0a:
27:1b:b8:49:2f:0f:07:87:b1:70:81:3a:53:12:7c:
cc:f9:2f:21:21:6b:6f:9d:34:78:73:9d:da:f3:5e:
e9:32:ee:58:de:ae:59:82:84:ed:00:1a:9a:c2:b9:
1e:40:07:60:ad:9e:49:f6:e6:8e:3d:bb:8c:cc:0c:
a3:aa:3c:4a:c5:20:79:1f:b2:21:d0:58:f9:03:f0:
d4:74:21:b2:b0:11:09:e1:2d:95:56:7c:eb:ff:1d:
46:47:df:ff:21:5f:66:ca:51:85:3d:07:00:2d:05:
ee:ea:c1:fc:01:b9:78:95:3e:57:b5:90:17:73:a8:
a6:45:b1:c0:69:8f:f2:ba:69:e9:c4:f3:3d:c3:f3:
18:b3:8b:a7:07:f3:13:db:c5:ac:56:1c:8c:74:f5:
db:79:f0:5e:50:06:63:d6:af:28:96:a5:96:70:8b:
04:a8:cd:0a:60:57:63:d1:b8:e0:55:40:d0:59:ef:
e6:1f:3d:a6:bd:d6:70:4c:0d:cf:e9:72:04:bc:b3:
7a:75:4b:b7:96:c3:59:8b:4a:3e:48:45:01:86:6e:
6a:63:c4:0d:85:37:51:63:fc:e5:23:59:a9:47:78:
28:33:3a:f5:6d:6d:d9:2a:0f:23:4b:bf:e0:c6:5e:
66:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:60:84:5B:C7:C5:1E:07:BA:91:6E:82:B8:A9:57:8E:03:DD:93:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b57f891e-435b-45db-acce-db052c471fa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:840::/48
Signature Algorithm: sha256WithRSAEncryption
6a:2d:d2:46:33:b7:43:32:2f:94:bc:50:b9:3d:95:60:5e:a9:
e7:8f:57:e2:de:48:41:93:7c:0b:89:fa:f4:31:fb:f8:00:d0:
70:24:7c:c7:51:5e:25:5f:1e:03:d3:b9:56:ed:9e:bd:d4:ec:
ce:48:18:dd:40:05:f3:61:c4:66:56:b3:fa:b9:6b:b3:2d:3a:
a3:35:84:5c:cf:59:a6:77:8f:b7:da:8b:76:3c:d0:94:fa:0a:
28:ed:fd:7e:cc:e8:0e:d2:2b:72:34:df:dd:66:df:9e:75:78:
75:b5:26:d5:bc:17:27:92:85:b9:47:ca:4f:8d:32:38:2a:bc:
96:be:75:2c:52:c3:7f:61:48:68:05:ec:c5:92:f3:17:bd:8a:
6b:7b:42:aa:6a:09:62:43:75:7f:ec:62:97:11:0d:9d:48:f1:
72:6e:d5:65:63:e6:2c:7e:e9:2b:f1:e0:81:27:35:39:66:d1:
cd:5a:9a:92:79:d8:67:2c:db:f6:6b:ac:f7:83:30:52:a8:9f:
a2:3b:ae:ec:bd:67:6d:a0:15:0b:09:98:e8:72:7d:46:05:d2:
16:5b:07:9f:75:c7:a5:c9:55:e9:91:8d:79:66:29:0c:95:72:
cd:db:5d:25:fa:7e:c5:f2:2a:ef:73:62:d0:e4:01:d4:54:ad:
18:98:c5:35
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe+Od88aL3bpnQ3e+iH33S5/AeuQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwMDlaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlZWZmYTBmOWUzNDIwOTEyMzhjNWIzOTgzYzdkMTBjZTYxYjIwYWEzNDc5
OTk5YWQyY2Q4NzgzNWM4YjE3YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJfAPDt0613fV4ceagKJxu4SS8PB4excIE6UxJ8zPkvISFrb500eHOd2vNe
6TLuWN6uWYKE7QAamsK5HkAHYK2eSfbmjj27jMwMo6o8SsUgeR+yIdBY+QPw1HQh
srARCeEtlVZ86/8dRkff/yFfZspRhT0HAC0F7urB/AG5eJU+V7WQF3OopkWxwGmP
8rpp6cTzPcPzGLOLpwfzE9vFrFYcjHT123nwXlAGY9avKJallnCLBKjNCmBXY9G4
4FVA0Fnv5h89pr3WcEwNz+lyBLyzenVLt5bDWYtKPkhFAYZuamPEDYU3UWP85SNZ
qUd4KDM69W1t2SoPI0u/4MZeZukCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRdYIRb
x8UeB7qRboK4qVeOA92TyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjU3Zjg5MWUtNDM1Yi00NWRiLWFjY2UtZGIwNTJjNDcxZmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H0I
QDANBgkqhkiG9w0BAQsFAAOCAQEAai3SRjO3QzIvlLxQuT2VYF6p549X4t5IQZN8
C4n69DH7+ADQcCR8x1FeJV8eA9O5Vu2evdTszkgY3UAF82HEZlaz+rlrsy06ozWE
XM9ZpnePt9qLdjzQlPoKKO39fszoDtIrcjTf3WbfnnV4dbUm1bwXJ5KFuUfKT40y
OCq8lr51LFLDf2FIaAXsxZLzF72Ka3tCqmoJYkN1f+xilxENnUjxcm7VZWPmLH7p
K/HggSc1OWbRzVqaknnYZyzb9mus94MwUqifojuu7L1nbaAVCwmY6HJ9RgXSFlsH
n3XHpclV6ZGNeWYpDJVyzdtdJfp+xfIq73Ni0OQB1FStGJjFNQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:33 2025 by rpki-client