Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: GD/+NcrE/s4WslVVewcczFfhg01wvNQpGsW6MGp1mPI=
Subject key identifier: A4:E2:C5:74:A4:ED:21:5C:C3:F1:DA:38:5C:53:62:3A:CF:AE:F9:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A0A0982811B10630C6AAB6D9013DE3E1C3E6F6E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Fri 26 Sep 2025 19:01:33 +0000
ROA not before: Fri 26 Sep 2025 19:01:33 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:0a:09:82:81:1b:10:63:0c:6a:ab:6d:90:13:de:3e:1c:3e:6f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:01:33 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=295c227aa0f051d411bc7cbe9e362d265dea6c6fc575af5921105e5153ac754b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c5:b5:b0:fc:55:6a:ee:bd:9e:dd:af:73:a2:
89:39:a5:ee:3f:7f:8d:dc:48:62:82:4e:22:1d:36:
97:2c:da:6b:5a:fa:f7:a0:69:18:25:0f:4a:d4:42:
05:41:84:8d:a4:d8:62:85:d3:1b:87:26:5e:35:37:
df:97:fd:62:cb:71:b6:0b:df:81:20:49:d9:52:64:
8a:2b:92:08:a3:cc:c0:ab:df:70:86:78:4c:de:7f:
3d:f8:a9:ad:43:24:3c:5a:39:af:87:49:8c:c2:4b:
48:e3:5e:b7:a7:08:d6:94:4d:5d:1c:c1:fa:cb:c5:
25:68:45:4b:75:b1:01:e1:57:f1:66:d8:4a:a9:aa:
32:e9:d6:21:7c:8b:74:d2:b5:56:57:6a:fb:51:01:
8d:9d:0d:dc:9b:6d:72:ef:fa:74:07:10:2d:a7:9a:
24:48:77:35:dd:61:59:28:9b:1d:ca:df:e4:48:be:
32:dc:fb:21:19:9d:0e:7f:cf:3c:a4:c4:c0:f2:a6:
a4:6d:84:4d:61:2d:0d:d4:32:6c:7b:69:15:a4:32:
8c:54:c7:58:e7:4e:c4:0c:91:96:ee:d0:9c:d1:e5:
93:77:a8:b3:c2:c5:7a:52:ab:4b:e6:89:a1:54:2f:
f4:26:2f:b9:71:be:20:22:dc:03:81:69:34:24:46:
57:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E2:C5:74:A4:ED:21:5C:C3:F1:DA:38:5C:53:62:3A:CF:AE:F9:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
b0:d0:d4:5a:b7:30:0f:05:cb:25:dc:9e:b4:81:1d:25:39:41:
10:c2:13:7f:2f:4f:68:85:1b:d0:67:7c:53:f1:44:02:74:06:
54:c6:38:f0:76:82:d3:46:96:86:54:64:01:38:a7:6f:7e:dc:
45:b2:3e:d3:d5:e2:da:46:55:1e:bf:f3:5f:e8:ab:84:5f:b8:
50:44:38:65:7f:73:9e:d2:72:20:aa:f8:b3:ec:db:ca:81:49:
90:a0:10:c5:ac:8a:2b:e8:a1:cb:a2:45:c6:62:78:3c:da:47:
bc:9f:5e:8c:c0:c3:ed:3b:c7:bd:82:3e:ed:3f:f4:bb:4a:40:
e5:6e:c6:ae:5d:3c:14:9a:52:1e:13:2d:a6:40:73:04:f0:f4:
a1:0d:5f:31:33:fa:90:b5:50:e6:ab:50:b0:4a:d4:13:49:99:
ca:7e:9e:81:0b:cf:b0:4a:73:1b:df:06:ae:03:82:22:cf:23:
e8:6a:59:93:c3:5a:03:f2:bc:b4:47:b6:65:6d:72:9d:9d:27:
ae:f0:47:a0:ca:06:fb:73:1d:f6:90:52:ae:5f:2f:7c:c3:79:
4e:f6:33:ec:b2:7d:e1:bf:da:7e:23:80:fb:38:96:62:48:c9:
f6:de:44:1a:df:84:33:b0:07:3e:ce:cb:44:57:14:b1:04:e2:
60:e8:4f:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUegoJgoEbEGMMaqttkBPePhw+b24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAxMzNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5NWMyMjdhYTBmMDUxZDQxMWJjN2NiZTllMzYyZDI2NWRlYTZjNmZjNTc1
YWY1OTIxMTA1ZTUxNTNhYzc1NGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO7FtbD8VWruvZ7dr3OiiTml7j9/jdxIYoJOIh02lyzaa1r696BpGCUPStRC
BUGEjaTYYoXTG4cmXjU335f9YstxtgvfgSBJ2VJkiiuSCKPMwKvfcIZ4TN5/Pfip
rUMkPFo5r4dJjMJLSONet6cI1pRNXRzB+svFJWhFS3WxAeFX8WbYSqmqMunWIXyL
dNK1Vldq+1EBjZ0N3Jttcu/6dAcQLaeaJEh3Nd1hWSibHcrf5Ei+Mtz7IRmdDn/P
PKTEwPKmpG2ETWEtDdQybHtpFaQyjFTHWOdOxAyRlu7QnNHlk3eos8LFelKrS+aJ
oVQv9CYvuXG+ICLcA4FpNCRGV/8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSk4sV0
pO0hXMPx2jhcU2I6z675vDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEAsNDUWrcwDwXLJdyetIEdJTlBEMITfy9PaIUb
0Gd8U/FEAnQGVMY48HaC00aWhlRkATinb37cRbI+09Xi2kZVHr/zX+irhF+4UEQ4
ZX9zntJyIKr4s+zbyoFJkKAQxayKK+ihy6JFxmJ4PNpHvJ9ejMDD7TvHvYI+7T/0
u0pA5W7Grl08FJpSHhMtpkBzBPD0oQ1fMTP6kLVQ5qtQsErUE0mZyn6egQvPsEpz
G98GrgOCIs8j6GpZk8NaA/K8tEe2ZW1ynZ0nrvBHoMoG+3Md9pBSrl8vfMN5TvYz
7LJ94b/afiOA+ziWYkjJ9t5EGt+EM7AHPs7LRFcUsQTiYOhPRQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:51:20 2025 by rpki-client