Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
File: b9f26696-5522-477d-b8bf-72de7350b09a.roa (raw, json)
Hash identifier: TuYLa5pgmy0GL6xk0/45pm4wstlVuvUt/qNMAUqo/9Y=
Subject key identifier: 43:F3:BE:62:D6:92:BF:74:A0:19:6B:54:24:56:1F:42:3A:3E:C7:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 423B80A810F74C9CAEE3CCECF0C47ABBB7CAAEA9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
Signing time: Fri 26 Sep 2025 18:50:48 +0000
ROA not before: Fri 26 Sep 2025 18:50:48 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:3b:80:a8:10:f7:4c:9c:ae:e3:cc:ec:f0:c4:7a:bb:b7:ca:ae:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:48 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=06e0b7501c6a21ea3fe60d7c1144bb0429af63ef319b49d71c05ba2cc9cbdc73, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ef:d9:82:2d:02:08:e2:2d:e4:ed:63:d2:d4:
68:da:72:dc:ac:02:b9:d4:b9:db:37:95:3b:f4:a4:
67:c8:81:4f:57:cb:ce:fa:17:68:f3:72:ee:f2:11:
31:a7:0f:04:7e:31:b6:78:a6:8e:5a:40:de:b8:12:
17:06:11:93:fb:02:0a:63:f0:29:59:54:78:59:8f:
ba:43:d2:4d:5d:13:b9:b2:54:d8:0e:c1:19:90:ce:
30:9e:a9:83:b4:d6:a2:ee:82:a9:90:75:44:8f:2d:
02:d7:c1:e4:45:ea:57:99:d5:8e:1d:f8:75:a6:69:
1c:95:15:dd:a6:ff:a2:4b:f0:0b:67:a7:6d:2e:e3:
82:4d:fc:fb:47:08:5c:41:ce:4a:af:3a:aa:bf:69:
7a:7d:50:67:05:9a:5f:2c:03:ce:b2:97:ab:46:64:
20:0d:9e:3c:a0:e9:2a:51:2a:04:12:92:a1:17:6e:
35:8a:25:94:26:18:4e:21:ec:4c:98:1e:5f:9c:a6:
1c:ef:01:af:c8:ca:28:32:68:54:6e:b5:ff:a1:8e:
ff:bf:a7:ca:71:fc:d6:fb:de:38:4f:e6:db:4b:06:
aa:0d:34:7f:a7:76:4f:8d:cc:2b:da:a3:3a:2f:2c:
77:83:4f:1e:91:af:92:51:49:c5:ff:82:c9:43:e5:
0e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F3:BE:62:D6:92:BF:74:A0:19:6B:54:24:56:1F:42:3A:3E:C7:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:25:8a:29:35:01:dc:64:1b:79:0c:12:b2:81:d3:ef:7f:27:
9f:60:e6:06:8e:3a:1a:cd:a3:46:1c:2b:c4:fa:ca:f3:19:f9:
b9:55:7b:fd:98:60:db:98:3a:ca:8f:80:71:a8:2c:23:dc:75:
ea:21:58:80:b3:d1:af:6b:0a:0b:de:99:16:77:0d:23:f2:ad:
3e:3a:37:b7:9a:6e:45:7c:c6:a7:55:7d:f3:58:40:ec:83:cf:
0b:5e:32:8c:eb:fd:63:b5:96:d9:98:76:d6:87:55:1c:e7:7e:
06:92:f3:ec:2b:64:cd:94:20:b0:eb:af:49:7f:55:39:95:a1:
33:38:05:b1:3c:5f:a4:7c:49:d1:70:1c:ec:c4:e7:fc:33:87:
7a:47:a1:72:9c:c3:c3:4b:73:5c:4a:10:16:f6:8e:64:c7:e9:
0a:97:7b:a8:d8:ed:13:dd:98:f1:95:8e:14:83:1b:c3:46:99:
a0:cc:b4:dc:94:0f:c5:7d:73:a4:16:1e:81:d6:b4:5f:9d:49:
54:4e:bf:58:2f:b7:ae:bf:b8:7b:33:1c:37:64:a1:46:53:12:
c8:5f:ca:8e:19:3c:78:3f:4e:49:99:90:ee:68:58:8b:9f:f2:
06:a9:14:38:97:39:e5:59:91:ab:b8:7f:58:d3:51:33:f9:f5:
9c:2a:92:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQjuAqBD3TJyu48zs8MR6u7fKrqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwNDhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZTBiNzUwMWM2YTIxZWEzZmU2MGQ3YzExNDRiYjA0MjlhZjYzZWYzMTli
NDlkNzFjMDViYTJjYzljYmRjNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPv2YItAgjiLeTtY9LUaNpy3KwCudS52zeVO/SkZ8iBT1fLzvoXaPNy7vIR
MacPBH4xtnimjlpA3rgSFwYRk/sCCmPwKVlUeFmPukPSTV0TubJU2A7BGZDOMJ6p
g7TWou6CqZB1RI8tAtfB5EXqV5nVjh34daZpHJUV3ab/okvwC2enbS7jgk38+0cI
XEHOSq86qr9pen1QZwWaXywDzrKXq0ZkIA2ePKDpKlEqBBKSoRduNYollCYYTiHs
TJgeX5ymHO8Br8jKKDJoVG61/6GO/7+nynH81vveOE/m20sGqg00f6d2T43MK9qj
Oi8sd4NPHpGvklFJxf+CyUPlDgkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRD875i
1pK/dKAZa1QkVh9COj7HUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmMjY2OTYtNTUyMi00NzdkLWI4YmYtNzJkZTczNTBiMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCyJYopNQHcZBt5DBKygdPvfyefYOYGjjoazaNG
HCvE+srzGfm5VXv9mGDbmDrKj4BxqCwj3HXqIViAs9GvawoL3pkWdw0j8q0+Oje3
mm5FfManVX3zWEDsg88LXjKM6/1jtZbZmHbWh1Uc534GkvPsK2TNlCCw669Jf1U5
laEzOAWxPF+kfEnRcBzsxOf8M4d6R6FynMPDS3NcShAW9o5kx+kKl3uo2O0T3Zjx
lY4UgxvDRpmgzLTclA/FfXOkFh6B1rRfnUlUTr9YL7euv7h7Mxw3ZKFGUxLIX8qO
GTx4P05JmZDuaFiLn/IGqRQ4lznlWZGruH9Y01Ez+fWcKpJg
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:00 2025 by rpki-client