Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: 8V1axLa6xOMMY141QiNZjbiw9DiUhiGcjl/MSAgLJAM=
Subject key identifier: 99:95:82:13:D0:86:85:C7:95:8F:0C:75:AA:76:E0:35:0A:55:EA:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25E8457BADAFC5711F5263ECCCF0153DFEB5A4DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Fri 26 Sep 2025 18:50:20 +0000
ROA not before: Fri 26 Sep 2025 18:50:20 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:e8:45:7b:ad:af:c5:71:1f:52:63:ec:cc:f0:15:3d:fe:b5:a4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:20 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=03c87b24deab2bf031007bf9a93bf609ff0dd51cd8086b28b67541ca41016933, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:26:ca:a6:cb:1a:91:b0:ff:6d:8f:08:4e:09:
d5:70:99:2e:d3:aa:d6:fc:db:d2:0b:8f:ad:85:4f:
2d:3b:98:f5:ac:e8:4a:e2:0d:cc:8a:fd:a4:a9:f5:
c3:f9:54:6b:d8:2a:58:c5:28:5f:c9:f4:51:26:59:
88:1c:01:92:a1:eb:3d:4e:53:12:0f:5b:c8:a5:47:
b9:7a:6c:a6:a0:d1:e0:25:75:04:45:72:fd:4e:67:
d1:6c:c5:91:ed:b0:56:04:fe:44:e1:96:6c:56:1a:
f7:59:1d:cb:e2:a8:ab:d7:14:e0:1f:55:66:2b:d8:
3c:c3:36:f8:16:d6:c8:01:08:6c:1f:03:fb:dd:96:
5a:64:fe:98:f1:11:0d:a0:69:e3:0c:3c:18:c2:65:
03:3e:14:53:c5:1d:d6:c2:b8:5f:c4:51:04:8d:d8:
86:8e:86:99:90:03:58:a2:bd:0f:f4:16:d5:0f:d5:
35:10:94:6e:60:51:c6:fe:4b:e2:db:68:42:1e:80:
8a:88:d7:ed:b2:43:d0:60:cd:88:86:cf:00:73:48:
44:85:57:f7:ae:3c:f6:b9:bd:ae:1f:2f:b8:5c:e7:
97:88:bd:b6:a7:ab:0d:c4:46:ff:49:29:76:e8:13:
eb:47:d4:f0:65:5e:71:30:49:b0:cc:e0:2a:70:a8:
8c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:95:82:13:D0:86:85:C7:95:8F:0C:75:AA:76:E0:35:0A:55:EA:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
a6:9a:2b:ec:c8:6f:3e:6d:33:d9:15:e4:24:e4:e3:73:2f:01:
65:cc:03:7e:f2:7f:3d:80:da:4d:16:e5:6c:05:68:c9:dc:e7:
24:00:7c:95:39:ff:09:b4:22:b6:4d:18:f3:5b:1d:2f:98:8c:
00:a8:3a:0a:cd:38:79:99:f2:db:84:f8:76:90:48:2f:f4:11:
f5:54:a9:06:ac:89:f9:8b:55:5a:5b:0c:8f:bf:c4:81:f0:5b:
4e:79:ba:62:6b:e3:cc:be:e6:8d:2f:ee:ff:13:bd:12:44:e8:
22:9a:54:cd:bb:51:3f:30:db:7b:d7:c3:cb:fe:b3:99:b5:3b:
4a:2f:88:13:22:13:d2:7c:b3:c5:39:0b:5a:31:d2:0c:85:f5:
89:cb:29:f4:7f:ce:1b:c4:aa:4e:a0:23:8a:ef:f3:33:37:32:
f6:8e:72:a3:3b:23:d3:0f:4a:78:e9:d5:c8:07:2e:93:53:e4:
f9:88:2f:71:78:1e:3f:65:12:9e:32:db:0c:d7:24:98:14:5e:
81:6f:03:71:da:95:3e:d0:8b:16:d6:b6:1b:eb:08:39:17:80:
85:bb:dc:e9:17:6a:a5:0c:b1:bf:fb:08:7f:63:a9:49:9d:0c:
ae:86:cf:1d:31:21:f3:0d:0e:74:77:d9:53:ef:b5:17:14:fb:
b0:a3:46:e0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJehFe62vxXEfUmPszPAVPf61pN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwMjBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzYzg3YjI0ZGVhYjJiZjAzMTAwN2JmOWE5M2JmNjA5ZmYwZGQ1MWNkODA4
NmIyOGI2NzU0MWNhNDEwMTY5MzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4myqbLGpGw/22PCE4J1XCZLtOq1vzb0guPrYVPLTuY9azoSuINzIr9pKn1
w/lUa9gqWMUoX8n0USZZiBwBkqHrPU5TEg9byKVHuXpspqDR4CV1BEVy/U5n0WzF
ke2wVgT+ROGWbFYa91kdy+Koq9cU4B9VZivYPMM2+BbWyAEIbB8D+92WWmT+mPER
DaBp4ww8GMJlAz4UU8Ud1sK4X8RRBI3Yho6GmZADWKK9D/QW1Q/VNRCUbmBRxv5L
4ttoQh6AiojX7bJD0GDNiIbPAHNIRIVX96489rm9rh8vuFznl4i9tqerDcRG/0kp
dugT60fU8GVecTBJsMzgKnCojJMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSZlYIT
0IaFx5WPDHWqduA1ClXq9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEAppor7MhvPm0z2RXkJOTjcy8BZcwDfvJ/PYDa
TRblbAVoydznJAB8lTn/CbQitk0Y81sdL5iMAKg6Cs04eZny24T4dpBIL/QR9VSp
BqyJ+YtVWlsMj7/EgfBbTnm6YmvjzL7mjS/u/xO9EkToIppUzbtRPzDbe9fDy/6z
mbU7Si+IEyIT0nyzxTkLWjHSDIX1icsp9H/OG8SqTqAjiu/zMzcy9o5yozsj0w9K
eOnVyAcuk1Pk+YgvcXgeP2USnjLbDNckmBRegW8DcdqVPtCLFta2G+sIOReAhbvc
6RdqpQyxv/sIf2OpSZ0MrobPHTEh8w0OdHfZU++1FxT7sKNG4A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:26 2025 by rpki-client