Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
File: d2b7a4eb-e2de-4458-a759-5125161eb686.roa (raw, json)
Hash identifier: hn4nzuKKeVx6LXN1JGuh5O5g2DnXLQLaWWPSPXw7IiU=
Subject key identifier: 76:86:C9:A2:C3:DF:CA:4E:EF:A8:4E:AD:1D:5E:F8:E6:BD:E6:18:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F579978AAAA460DA282EAA67DB9A761BE5AA5EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
Signing time: Fri 10 Oct 2025 17:04:21 +0000
ROA not before: Fri 10 Oct 2025 17:04:21 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:57:99:78:aa:aa:46:0d:a2:82:ea:a6:7d:b9:a7:61:be:5a:a5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:21 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=ebf70e2d2fd7c96efad80a98d0324f08ed964cc91168aff2c5652e7886297fef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:92:8f:f4:f4:b7:32:81:9c:92:0f:d9:f6:ce:
c3:42:d6:74:20:e9:22:80:f3:9d:99:b5:be:41:14:
0e:d1:93:f4:57:4e:de:3f:74:1c:6b:ea:f7:f8:0e:
e4:1f:b4:4e:49:2a:82:82:d5:26:43:3d:4e:fd:12:
0b:c1:96:ad:dd:fc:34:fb:2a:c7:73:fd:b7:19:60:
2e:75:04:01:10:79:54:0a:c7:44:5b:db:a0:16:e7:
2d:b1:89:c5:c7:a2:4d:c8:01:3a:1f:b3:42:10:02:
94:a7:89:6e:7e:14:7c:03:5d:12:4b:d2:60:2d:fd:
4e:c7:8d:cb:8a:c0:a0:d4:c0:a6:5f:8a:2c:68:45:
b3:33:5c:3a:58:9a:a4:e7:5c:0e:63:36:3d:f5:22:
bb:42:ee:33:20:73:97:64:fb:d8:9d:6c:12:cb:f8:
62:0c:49:cd:15:e0:0a:3b:4f:95:bd:17:2f:df:f0:
c6:33:83:68:2c:d1:fa:cb:7c:86:59:0d:42:1b:4e:
d4:67:8b:d6:dd:ab:b3:26:01:85:b2:bb:27:6f:a0:
bf:6c:ad:90:3f:05:02:6f:26:59:0a:f5:ad:91:91:
f2:2b:0f:7b:a0:d0:6e:8b:cc:63:55:cc:c0:d0:3e:
b6:25:b4:96:50:96:c1:c7:74:ef:c5:45:b2:79:f9:
6a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:86:C9:A2:C3:DF:CA:4E:EF:A8:4E:AD:1D:5E:F8:E6:BD:E6:18:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:a000::/40
Signature Algorithm: sha256WithRSAEncryption
be:db:01:a6:7a:7d:e0:a5:67:2f:48:46:4e:2b:b9:84:fa:01:
e3:91:66:cc:ff:0f:47:99:b7:5a:a3:b6:d7:38:39:0d:76:4f:
82:4c:af:ab:d6:73:6e:d4:3f:fb:ee:48:7f:97:9e:c4:c0:12:
ac:df:ec:c7:84:7a:50:b8:4a:69:23:1d:d2:af:42:3e:ff:5a:
48:0a:3d:48:6d:40:a5:f4:ce:fb:ee:75:11:24:9b:49:51:e0:
ad:44:2c:77:79:1c:9a:d1:00:0e:94:24:2d:3d:73:a7:df:ed:
7a:9a:1d:f5:a2:66:3e:63:2a:25:ba:90:9f:84:a0:31:52:95:
5f:2e:c8:04:0b:04:75:81:e6:0d:89:f3:0e:23:08:e4:05:27:
2f:b7:6b:c7:8a:53:38:74:ae:e0:3b:45:b6:05:da:d2:53:8a:
04:58:1e:6a:cf:02:c5:6d:e9:0f:ab:e3:9e:f6:cd:89:49:80:
92:c7:60:83:5d:c2:d6:99:90:f4:a6:a6:f1:46:74:84:3d:c5:
7f:60:cf:8f:df:74:8b:7d:80:15:d6:9a:1a:2f:9b:d9:de:15:
0c:f0:c7:49:17:1e:d1:9b:76:62:42:32:96:42:8a:c4:81:e7:
52:0f:c3:fb:c0:ba:77:32:43:99:92:e9:30:a9:8a:92:df:2d:
44:f3:35:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf1eZeKqqRg2iguqmfbmnYb5ape8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0MjFaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGViZjcwZTJkMmZkN2M5NmVmYWQ4MGE5OGQwMzI0ZjA4ZWQ5NjRjYzkxMTY4
YWZmMmM1NjUyZTc4ODYyOTdmZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuSj/T0tzKBnJIP2fbOw0LWdCDpIoDznZm1vkEUDtGT9FdO3j90HGvq9/gO
5B+0TkkqgoLVJkM9Tv0SC8GWrd38NPsqx3P9txlgLnUEARB5VArHRFvboBbnLbGJ
xceiTcgBOh+zQhAClKeJbn4UfANdEkvSYC39TseNy4rAoNTApl+KLGhFszNcOlia
pOdcDmM2PfUiu0LuMyBzl2T72J1sEsv4YgxJzRXgCjtPlb0XL9/wxjODaCzR+st8
hlkNQhtO1GeL1t2rsyYBhbK7J2+gv2ytkD8FAm8mWQr1rZGR8isPe6DQbovMY1XM
wNA+tiW0llCWwcd078VFsnn5ai0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2hsmi
w9/KTu+oTq0dXvjmveYYwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJiN2E0ZWItZTJkZS00NDU4LWE3NTktNTEyNTE2MWViNjg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmg
MA0GCSqGSIb3DQEBCwUAA4IBAQC+2wGmen3gpWcvSEZOK7mE+gHjkWbM/w9Hmbda
o7bXODkNdk+CTK+r1nNu1D/77kh/l57EwBKs3+zHhHpQuEppIx3Sr0I+/1pICj1I
bUCl9M777nURJJtJUeCtRCx3eRya0QAOlCQtPXOn3+16mh31omY+YyolupCfhKAx
UpVfLsgECwR1geYNifMOIwjkBScvt2vHilM4dK7gO0W2BdrSU4oEWB5qzwLFbekP
q+Oe9s2JSYCSx2CDXcLWmZD0pqbxRnSEPcV/YM+P33SLfYAV1poaL5vZ3hUM8MdJ
Fx7Rm3ZiQjKWQorEgedSD8P7wLp3MkOZkukwqYqS3y1E8zVT
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:46:59 2025 by rpki-client