Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
File: b7f51085-242e-4975-929d-5a48b9aa7650.roa (raw, json)
Hash identifier: t1T1Xzd1+uZi1fagxTC6c948Y6MZUAu84VgLWE8FR7M=
Subject key identifier: 16:3A:2D:F0:3E:C0:E1:98:23:4D:36:BE:20:59:22:88:C3:89:DE:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23BF3241F3D855DDBAC18104E10AFD43991DBE8F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
Signing time: Fri 17 Oct 2025 21:10:19 +0000
ROA not before: Fri 17 Oct 2025 21:10:19 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:bf:32:41:f3:d8:55:dd:ba:c1:81:04:e1:0a:fd:43:99:1d:be:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 21:10:19 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=d5ab79dd7d4981f1e49803c1630baaa314460962a9725cba7841c6d331064624, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:31:00:21:27:7b:ed:ae:f0:9e:56:a7:88:dc:
35:f4:5d:45:e4:f9:24:39:89:f8:0a:7f:9e:ef:4c:
f7:86:5a:62:37:57:7b:2f:2d:7c:3f:1e:d1:91:51:
b3:18:86:04:a6:2e:fb:7f:86:a6:b7:c9:62:47:4c:
2d:a0:0c:f6:d9:23:46:b8:fc:e5:28:52:94:e6:23:
81:7c:6e:8a:4e:69:1a:7b:2f:50:41:6f:ad:de:dd:
9d:30:12:37:8b:84:1b:ba:ba:15:89:56:27:8c:f6:
34:e4:a2:48:0f:58:3d:dc:9c:d7:e6:ed:15:68:39:
41:cc:85:a3:04:43:1a:1f:4d:26:c9:b2:fd:c7:85:
05:f8:cd:1d:13:fd:55:39:9e:a7:72:56:cc:e1:1d:
f5:65:4f:16:96:1a:33:3e:1a:4b:23:2a:75:c5:ad:
fd:5e:a1:7d:db:5d:5e:17:a0:8c:cc:6b:da:55:32:
b6:69:60:90:eb:7d:99:2c:01:63:aa:1b:f5:77:90:
a5:8f:bb:7d:98:ea:bb:18:33:cf:a4:15:98:a6:39:
3b:59:68:5d:36:8b:8c:dd:ac:5b:64:25:f3:fd:3d:
70:37:e1:ed:04:5e:7f:03:30:22:0f:d0:d1:0a:d1:
1f:54:a8:28:1d:f8:72:b5:c7:33:d8:eb:d8:26:d7:
27:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3A:2D:F0:3E:C0:E1:98:23:4D:36:BE:20:59:22:88:C3:89:DE:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:5000::/40
Signature Algorithm: sha256WithRSAEncryption
40:c7:a4:f0:ee:ee:e2:e9:c1:eb:19:5a:71:39:e6:c5:62:10:
92:b3:b6:7b:60:8a:12:f7:0b:f7:22:24:f5:f6:bf:3a:c7:2f:
94:3a:9e:06:cd:13:c4:04:2c:7b:90:53:57:46:95:d8:4c:8f:
cf:4e:40:47:49:b7:a2:a6:26:0a:35:b1:18:66:cc:76:24:2c:
09:4c:33:d1:55:d3:20:3e:50:7c:8d:8f:34:e5:04:bd:cf:31:
95:36:1b:88:aa:4a:9e:ae:69:12:15:dd:73:39:98:b0:5d:73:
8f:7e:53:30:80:71:40:2d:1b:08:c0:d9:fb:e3:d0:bb:53:08:
b4:54:93:42:cb:3e:27:0d:f4:cd:bf:7b:8e:96:b8:f0:90:17:
62:d1:cb:74:66:60:9e:28:7e:32:26:d5:22:59:f1:ae:21:1e:
50:bf:d6:fa:ec:c1:af:71:a4:a3:99:91:3b:31:f1:ed:d5:ae:
9a:d8:59:de:7e:8e:d6:48:4c:33:bf:75:cd:b1:95:a8:ff:8c:
32:63:29:79:a8:c9:56:55:70:5f:84:d0:67:52:80:92:49:c3:
03:18:5c:52:10:2b:12:f7:de:af:7c:f7:ec:e8:01:93:54:a0:
e2:52:b8:3c:73:ec:c8:4c:11:e1:c0:93:7b:de:b5:47:2a:87:
4d:ba:14:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI78yQfPYVd26wYEE4Qr9Q5kdvo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMTEwMTlaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1YWI3OWRkN2Q0OTgxZjFlNDk4MDNjMTYzMGJhYWEzMTQ0NjA5NjJhOTcy
NWNiYTc4NDFjNmQzMzEwNjQ2MjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOsxACEne+2u8J5Wp4jcNfRdReT5JDmJ+Ap/nu9M94ZaYjdXey8tfD8e0ZFR
sxiGBKYu+3+GprfJYkdMLaAM9tkjRrj85ShSlOYjgXxuik5pGnsvUEFvrd7dnTAS
N4uEG7q6FYlWJ4z2NOSiSA9YPdyc1+btFWg5QcyFowRDGh9NJsmy/ceFBfjNHRP9
VTmep3JWzOEd9WVPFpYaMz4aSyMqdcWt/V6hfdtdXhegjMxr2lUytmlgkOt9mSwB
Y6ob9XeQpY+7fZjquxgzz6QVmKY5O1loXTaLjN2sW2Ql8/09cDfh7QRefwMwIg/Q
0QrRH1SoKB34crXHM9jr2CbXJ3MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWOi3w
PsDhmCNNNr4gWSKIw4newTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdmNTEwODUtMjQyZS00OTc1LTkyOWQtNWE0OGI5YWE3NjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBAx6Tw7u7i6cHrGVpxOebFYhCSs7Z7YIoS9wv3
IiT19r86xy+UOp4GzRPEBCx7kFNXRpXYTI/PTkBHSbeipiYKNbEYZsx2JCwJTDPR
VdMgPlB8jY805QS9zzGVNhuIqkqermkSFd1zOZiwXXOPflMwgHFALRsIwNn749C7
Uwi0VJNCyz4nDfTNv3uOlrjwkBdi0ct0ZmCeKH4yJtUiWfGuIR5Qv9b67MGvcaSj
mZE7MfHt1a6a2Fnefo7WSEwzv3XNsZWo/4wyYyl5qMlWVXBfhNBnUoCSScMDGFxS
ECsS996vfPfs6AGTVKDiUrg8c+zITBHhwJN73rVHKodNuhT2
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:07 2025 by rpki-client