Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
File: bd75b960-96a2-4735-8f78-a99099ccb684.roa (raw, json)
Hash identifier: uDr7nzmDAF38HozY2dch1OeyUUbswc9QPIollUHEFvQ=
Subject key identifier: 5B:F9:C8:88:DB:A4:F1:AA:66:68:7D:5E:A2:57:70:4A:73:4D:16:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DF413019645E40D376AF7B1B86CECD1453B39A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
Signing time: Mon 06 Oct 2025 18:10:02 +0000
ROA not before: Mon 06 Oct 2025 18:10:02 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:f4:13:01:96:45:e4:0d:37:6a:f7:b1:b8:6c:ec:d1:45:3b:39:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:10:02 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=71397cc219910d9464e911de03bd20a3f202a530709914a12076aed87ecfa004, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:05:3b:36:c6:d8:19:c3:bd:6c:0c:d9:88:
01:e9:af:71:e7:41:64:56:77:7a:7b:61:a1:18:fa:
28:49:f0:3f:35:3f:7d:f3:48:8f:2d:f3:14:33:a0:
96:a4:6e:a9:5a:82:e0:a0:3b:0e:0d:b0:ef:2f:57:
b9:c3:43:27:83:f0:54:11:a0:57:3b:a2:fe:e4:3a:
ea:e2:b4:73:0d:ad:f2:5c:7a:79:e6:22:6b:05:5d:
b5:bf:73:58:f8:1d:35:b8:34:35:e3:7d:79:82:9f:
3c:84:30:be:45:01:e7:86:a3:35:cf:52:20:e2:b1:
1f:b9:02:3e:ef:86:97:a2:eb:ba:fa:50:f6:b2:14:
68:7c:dc:c0:f2:27:6c:61:08:e1:52:54:92:e9:81:
ef:91:0b:87:e5:14:7a:61:a6:f6:72:6d:36:75:9e:
b4:dd:fc:ad:51:20:d5:13:c5:e9:40:2b:ea:a0:2a:
31:e8:8c:da:9b:c1:19:0d:86:ad:86:fc:04:ca:fa:
ba:14:a7:e1:ec:e9:5b:8e:99:b0:f8:3b:cf:ae:f9:
ae:1d:62:74:0b:33:57:e7:9f:48:87:83:93:ac:2c:
b7:64:73:db:a0:be:3e:d5:56:6c:51:1f:d2:97:47:
d4:00:90:d2:f4:f9:be:d0:f3:9e:f7:ab:c2:4a:3e:
b5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F9:C8:88:DB:A4:F1:AA:66:68:7D:5E:A2:57:70:4A:73:4D:16:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:13:cc:b4:06:ba:4d:25:cf:42:d1:c3:17:28:df:d6:f0:d1:
7a:ca:cb:d5:51:08:8c:6d:71:20:8f:c2:15:6f:52:39:aa:b6:
79:81:8d:f7:c3:4d:78:4e:09:b6:fa:83:73:85:a6:9d:6a:b4:
4c:da:44:2f:e5:59:a0:54:1f:a9:92:2e:99:0f:dd:01:4f:aa:
dc:ab:84:f6:79:86:fe:fa:85:93:36:fe:a2:cd:b3:60:1a:06:
56:f6:31:e9:53:f0:d6:0e:a8:43:91:6d:61:67:14:71:e7:06:
de:39:3b:4b:2d:c1:50:a2:d7:51:52:46:0e:32:33:d4:9b:9b:
77:2f:38:0d:95:41:85:25:ba:27:8c:36:8a:5f:75:30:93:a7:
f1:5c:8b:4c:3d:e4:94:46:7f:b7:1c:49:4b:c7:0c:c0:7e:79:
61:e0:82:7e:ba:04:2f:e4:13:aa:df:5a:8e:08:77:af:95:83:
9d:81:68:2a:b0:96:cc:3b:d3:44:93:36:72:a5:fe:f4:97:47:
29:a7:d3:a7:fc:8d:09:1a:ac:f8:5f:b0:f5:f2:c7:d6:37:b1:
51:08:3c:7a:b0:4b:36:21:74:f7:aa:80:31:e1:41:4a:09:12:
84:f8:d3:c9:65:e0:05:a7:80:40:d2:78:83:ab:f8:69:d8:f3:
f4:1e:51:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDfQTAZZF5A03avexuGzs0UU7OaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODEwMDJaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxMzk3Y2MyMTk5MTBkOTQ2NGU5MTFkZTAzYmQyMGEzZjIwMmE1MzA3MDk5
MTRhMTIwNzZhZWQ4N2VjZmEwMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4kBTs2xtgZw71sDNmIAemvcedBZFZ3enthoRj6KEnwPzU/ffNIjy3zFDOg
lqRuqVqC4KA7Dg2w7y9XucNDJ4PwVBGgVzui/uQ66uK0cw2t8lx6eeYiawVdtb9z
WPgdNbg0NeN9eYKfPIQwvkUB54ajNc9SIOKxH7kCPu+Gl6LruvpQ9rIUaHzcwPIn
bGEI4VJUkumB75ELh+UUemGm9nJtNnWetN38rVEg1RPF6UAr6qAqMeiM2pvBGQ2G
rYb8BMr6uhSn4ezpW46ZsPg7z675rh1idAszV+efSIeDk6wst2Rz26C+PtVWbFEf
0pdH1ACQ0vT5vtDznverwko+tQ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRb+ciI
26TxqmZofV6iV3BKc00W2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmQ3NWI5NjAtOTZhMi00NzM1LThmNzgtYTk5MDk5Y2NiNjg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HMQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC8E8y0BrpNJc9C0cMXKN/W8NF6ysvVUQiMbXEg
j8IVb1I5qrZ5gY33w014Tgm2+oNzhaadarRM2kQv5VmgVB+pki6ZD90BT6rcq4T2
eYb++oWTNv6izbNgGgZW9jHpU/DWDqhDkW1hZxRx5wbeOTtLLcFQotdRUkYOMjPU
m5t3LzgNlUGFJbonjDaKX3Uwk6fxXItMPeSURn+3HElLxwzAfnlh4IJ+ugQv5BOq
31qOCHevlYOdgWgqsJbMO9NEkzZypf70l0cpp9On/I0JGqz4X7D18sfWN7FRCDx6
sEs2IXT3qoAx4UFKCRKE+NPJZeAFp4BA0niDq/hp2PP0HlFH
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:19 2025 by rpki-client