Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
File: b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa (raw, json)
Hash identifier: J5o9YahmCdyvl3/Lriro1Vnparppwbb0G7hJFSHgVCA=
Subject key identifier: 63:73:79:7C:53:F7:21:A2:0E:C6:26:26:D9:3B:AE:57:1F:DB:F5:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 328C1DD8F387A8EE3DE7EB37E7C490B72D6AE537
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
Signing time: Fri 26 Sep 2025 19:51:41 +0000
ROA not before: Fri 26 Sep 2025 19:51:41 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:8c:1d:d8:f3:87:a8:ee:3d:e7:eb:37:e7:c4:90:b7:2d:6a:e5:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:51:41 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ac2e69172a2a58c6c49250b05ecebd67b2dd7e15cc49518228e46d39f531ac9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9e:c8:12:80:f5:c2:56:82:ba:eb:34:6b:da:
a4:8e:f8:13:72:43:da:77:b9:b6:9e:ec:fa:7a:29:
06:5b:63:18:db:54:b1:19:11:01:06:19:c8:9b:1a:
d6:89:1b:5f:89:2f:0d:7b:3c:6d:53:42:94:59:75:
31:dd:2d:a8:7e:39:e6:00:a2:cd:89:4a:0d:fc:45:
f6:83:a7:65:3f:2b:b4:3c:be:dc:cc:c9:9e:24:85:
6a:36:89:8f:72:7a:09:87:8e:d2:41:5f:76:03:9b:
26:38:00:6e:f4:6c:62:31:ab:53:57:a5:36:0d:b2:
bd:06:47:85:1a:ac:6e:62:22:e5:1c:5b:e3:0d:ed:
7a:db:32:0d:ce:0d:35:f9:12:47:6e:8f:f2:44:fe:
1d:3f:09:d7:7b:4a:b4:7c:8d:60:05:ed:b9:7d:ac:
27:14:85:e1:60:6d:57:a8:05:01:b0:63:ca:70:b5:
a1:3b:6d:f8:9b:97:2b:4c:21:5e:15:db:9a:97:20:
4a:b3:c8:82:d9:54:57:42:31:87:06:4d:4a:1f:af:
05:1a:f5:b2:e6:de:9f:f6:58:43:82:8e:ba:dc:0a:
ef:00:e1:4f:5b:e5:00:61:5a:42:87:f5:99:6d:fc:
81:db:07:37:f5:5a:6d:85:e8:6c:fd:f3:5b:a4:36:
43:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:73:79:7C:53:F7:21:A2:0E:C6:26:26:D9:3B:AE:57:1F:DB:F5:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:800::/38
Signature Algorithm: sha256WithRSAEncryption
a7:24:5b:e2:77:75:6a:4c:12:1e:64:42:75:2b:f3:3a:8e:de:
dc:71:83:11:cd:e6:e4:ee:35:55:3e:b2:92:04:07:54:52:ee:
6f:c5:7a:24:c1:5c:4a:0f:2b:11:58:2e:18:13:6d:36:fb:dc:
be:2c:ad:bf:31:68:d9:f8:d5:5c:64:aa:45:19:6b:67:01:89:
c2:87:2c:45:44:21:3a:f2:58:70:42:5a:cb:dd:bb:2f:e9:09:
4b:25:0e:a2:8c:35:27:82:38:38:80:a6:da:e8:ec:68:5f:ed:
26:4c:a4:b1:a3:bb:e9:24:8e:05:fb:5a:a1:ae:3c:33:76:af:
7a:1d:fe:ce:2f:1a:cb:60:1f:0a:47:f8:8a:37:ce:da:2b:56:
22:90:22:58:2e:c2:d8:b7:73:3f:4d:1a:59:62:6d:d0:03:9f:
f2:e1:68:76:83:11:99:0a:de:43:2d:10:6f:f2:3c:37:ac:5d:
79:bc:85:9b:17:34:14:c3:a0:60:ae:f4:d2:41:ce:84:ac:f6:
86:74:5f:c1:31:d7:27:9b:c1:a9:98:5c:5a:2e:80:78:c9:fe:
61:26:ee:73:f8:99:b5:04:4c:58:5e:88:85:f2:3b:6f:44:e1:
9d:ba:e9:70:2f:2a:2f:09:c5:76:48:da:cd:8a:f0:bc:39:90:
cc:22:4a:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMowd2POHqO495+s358SQty1q5TcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUxNDFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMmU2OTE3MmEyYTU4YzZjNDkyNTBiMDVlY2ViZDY3YjJkZDdlMTVjYzQ5
NTE4MjI4ZTQ2ZDM5ZjUzMWFjOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+eyBKA9cJWgrrrNGvapI74E3JD2ne5tp7s+nopBltjGNtUsRkRAQYZyJsa
1okbX4kvDXs8bVNClFl1Md0tqH455gCizYlKDfxF9oOnZT8rtDy+3MzJniSFajaJ
j3J6CYeO0kFfdgObJjgAbvRsYjGrU1elNg2yvQZHhRqsbmIi5Rxb4w3tetsyDc4N
NfkSR26P8kT+HT8J13tKtHyNYAXtuX2sJxSF4WBtV6gFAbBjynC1oTtt+JuXK0wh
XhXbmpcgSrPIgtlUV0IxhwZNSh+vBRr1suben/ZYQ4KOutwK7wDhT1vlAGFaQof1
mW38gdsHN/VabYXobP3zW6Q2Q70CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjc3l8
U/chog7GJibZO65XH9v1FTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yjc2NjgzZmItZDQxZi00YmZkLWJhNzgtYjRiMjQ5MmFjZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4I
MA0GCSqGSIb3DQEBCwUAA4IBAQCnJFvid3VqTBIeZEJ1K/M6jt7ccYMRzebk7jVV
PrKSBAdUUu5vxXokwVxKDysRWC4YE202+9y+LK2/MWjZ+NVcZKpFGWtnAYnChyxF
RCE68lhwQlrL3bsv6QlLJQ6ijDUngjg4gKba6OxoX+0mTKSxo7vpJI4F+1qhrjwz
dq96Hf7OLxrLYB8KR/iKN87aK1YikCJYLsLYt3M/TRpZYm3QA5/y4Wh2gxGZCt5D
LRBv8jw3rF15vIWbFzQUw6BgrvTSQc6ErPaGdF/BMdcnm8GpmFxaLoB4yf5hJu5z
+Jm1BExYXoiF8jtvROGduulwLyovCcV2SNrNivC8OZDMIkph
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:08 2025 by rpki-client