Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5c3bf14-b850-4e48-bcfb-b119e8ad8001.roa
File: c5c3bf14-b850-4e48-bcfb-b119e8ad8001.roa (raw, json)
Hash identifier: AA/9kIPkUKd7aRZgENO2u9zpoE1wLdmtNYfCdM2OI8s=
Subject key identifier: AB:B9:7D:E6:8C:B2:78:04:34:DF:53:8C:2C:0F:56:D5:3F:C0:07:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E3AC0677196C7E8B91296B92977B0B4CB018DC0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5c3bf14-b850-4e48-bcfb-b119e8ad8001.roa
Signing time: Mon 06 Oct 2025 17:51:00 +0000
ROA not before: Mon 06 Oct 2025 17:51:00 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:3a:c0:67:71:96:c7:e8:b9:12:96:b9:29:77:b0:b4:cb:01:8d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:51:00 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=6b5c95339e098add42963efea987cfb3200b3b3e8f12bca0ab1fcb324bd72a66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:45:8b:b1:f8:2e:9e:3e:85:87:d7:42:57:
f6:24:15:b3:21:ce:cc:20:31:b8:bf:e1:a2:b6:35:
c9:2d:a6:98:5f:93:a4:a1:9a:4c:95:c9:e4:24:bc:
93:0e:23:fb:83:5a:30:12:96:f3:a5:74:44:f5:0f:
4d:45:79:21:cd:d9:c7:cf:0c:b3:a5:17:6e:6c:16:
c7:33:33:8e:fd:29:11:43:25:ee:65:8c:d0:eb:76:
ca:24:f6:20:05:5a:db:f2:79:d9:bb:4f:4c:66:94:
64:d0:b4:9f:59:ed:1a:b6:3f:45:f4:a4:7f:ae:1b:
85:d9:61:58:9b:d5:95:f2:2d:dc:66:18:e9:d9:b0:
ad:bb:52:84:ae:e2:40:dd:2b:b1:9c:af:45:03:ca:
15:a6:f3:b0:5e:c2:0d:cf:8a:29:f3:dc:d2:e1:b9:
7f:90:41:31:54:42:5d:eb:86:31:82:96:a1:a9:00:
5f:19:e6:93:18:ed:90:36:a8:e6:8e:49:b6:60:63:
d7:52:55:12:e4:61:07:1b:94:cf:b4:14:e0:54:f8:
2f:15:a5:ad:98:03:39:73:62:59:70:2a:80:76:39:
09:4e:b2:55:b2:ef:dc:6b:26:64:72:2e:83:88:de:
07:62:6d:85:c6:59:10:35:86:bb:fb:1a:bf:1b:d1:
4a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B9:7D:E6:8C:B2:78:04:34:DF:53:8C:2C:0F:56:D5:3F:C0:07:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5c3bf14-b850-4e48-bcfb-b119e8ad8001.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:8020::/48
Signature Algorithm: sha256WithRSAEncryption
66:cc:88:ce:c2:c9:4c:06:e1:99:82:40:18:5d:42:3e:40:65:
60:4f:a5:92:d7:e9:89:da:b6:6c:4b:16:25:fe:bf:88:29:7b:
4f:52:32:1a:65:cd:77:85:67:32:33:c5:14:75:82:a7:23:6e:
4c:82:59:7d:3f:8e:3e:2b:13:3a:7c:ab:4c:38:95:57:b5:32:
b6:9b:c5:1e:b6:f4:96:a5:e6:4d:2f:1d:34:1d:14:01:e2:12:
c1:9a:fd:be:e8:ba:f0:05:4e:c1:6e:f4:5a:ca:cf:5f:25:f4:
8d:7a:1b:31:cf:81:06:c4:44:2e:af:c5:0b:94:55:15:80:ba:
4e:e1:42:b4:0e:3e:15:74:51:d9:9e:2c:6f:54:f7:83:df:ab:
37:61:09:f2:ca:2f:0e:c5:84:b2:6c:89:2c:51:fc:ca:02:81:
7d:9e:a7:27:4f:18:9d:13:04:ad:87:f8:49:12:7d:9f:fa:4c:
6d:1d:b0:46:a3:04:a8:1d:b0:6c:25:62:1f:09:40:56:e7:80:
64:16:4b:97:27:52:81:fc:1d:eb:15:4c:21:8a:63:a8:40:65:
b7:7a:68:36:de:fa:33:b2:14:53:d0:c4:d9:d6:dd:6d:1f:18:
76:0d:44:10:f1:56:a6:82:e8:43:ac:99:06:08:28:7e:c2:52:
28:5e:3a:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfjrAZ3GWx+i5Epa5KXewtMsBjcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUxMDBaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNWM5NTMzOWUwOThhZGQ0Mjk2M2VmZWE5ODdjZmIzMjAwYjNiM2U4ZjEy
YmNhMGFiMWZjYjMyNGJkNzJhNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9tRYux+C6ePoWH10JX9iQVsyHOzCAxuL/horY1yS2mmF+TpKGaTJXJ5CS8
kw4j+4NaMBKW86V0RPUPTUV5Ic3Zx88Ms6UXbmwWxzMzjv0pEUMl7mWM0Ot2yiT2
IAVa2/J52btPTGaUZNC0n1ntGrY/RfSkf64bhdlhWJvVlfIt3GYY6dmwrbtShK7i
QN0rsZyvRQPKFabzsF7CDc+KKfPc0uG5f5BBMVRCXeuGMYKWoakAXxnmkxjtkDao
5o5JtmBj11JVEuRhBxuUz7QU4FT4LxWlrZgDOXNiWXAqgHY5CU6yVbLv3GsmZHIu
g4jeB2JthcZZEDWGu/savxvRSsECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSruX3m
jLJ4BDTfU4wsD1bVP8AHtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzVjM2JmMTQtYjg1MC00ZTQ4LWJjZmItYjExOWU4YWQ4MDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H2A
IDANBgkqhkiG9w0BAQsFAAOCAQEAZsyIzsLJTAbhmYJAGF1CPkBlYE+lktfpidq2
bEsWJf6/iCl7T1IyGmXNd4VnMjPFFHWCpyNuTIJZfT+OPisTOnyrTDiVV7UytpvF
Hrb0lqXmTS8dNB0UAeISwZr9vui68AVOwW70WsrPXyX0jXobMc+BBsRELq/FC5RV
FYC6TuFCtA4+FXRR2Z4sb1T3g9+rN2EJ8sovDsWEsmyJLFH8ygKBfZ6nJ08YnRME
rYf4SRJ9n/pMbR2wRqMEqB2wbCViHwlAVueAZBZLlydSgfwd6xVMIYpjqEBlt3po
Nt76M7IUU9DE2dbdbR8Ydg1EEPFWpoLoQ6yZBggofsJSKF46aw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:27 2025 by rpki-client