Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d5c1975f-38f0-4d51-8d30-eba837df833e.roa
File: d5c1975f-38f0-4d51-8d30-eba837df833e.roa (raw, json)
Hash identifier: qaKl2HsqgTshFOJTq2YCmEm7BCoIUBi0AAsIKHEy2zo=
Subject key identifier: D6:C0:2D:28:A6:4C:13:7C:57:34:71:4F:58:5B:C8:87:36:35:3E:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 144D60A779C9422B915C007A92B0501DFA9479B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d5c1975f-38f0-4d51-8d30-eba837df833e.roa
Signing time: Mon 06 Oct 2025 17:50:58 +0000
ROA not before: Mon 06 Oct 2025 17:50:58 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:4d:60:a7:79:c9:42:2b:91:5c:00:7a:92:b0:50:1d:fa:94:79:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:58 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=e577bf562cd3d3a03186ce9ef56db9a669714e0ef455a2704564b87bf5fd2034, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ed:62:34:7c:ed:f3:f4:75:f4:0a:29:a5:dc:
6e:df:ad:39:e9:dd:cb:cf:91:fd:7a:5c:da:f6:92:
15:a4:00:d0:7b:19:26:24:84:7c:3b:94:1e:07:a5:
ca:ca:29:13:83:4d:6c:05:93:57:af:21:6e:03:f4:
83:98:43:1f:3b:71:bd:17:e5:78:e8:09:85:c5:37:
c4:b6:be:85:f1:f1:08:52:a7:df:70:32:34:71:6b:
df:17:ac:e5:07:73:dd:9b:81:d9:17:a2:0d:4d:f5:
d5:74:59:d5:22:b9:55:2e:b4:16:89:5a:01:48:17:
ba:06:32:d9:1f:82:5c:70:e2:1c:1c:f0:fa:45:6b:
6f:18:47:d0:10:3a:22:63:4c:98:0c:a0:4e:bd:f7:
71:02:46:b8:05:60:4d:55:4c:32:b1:0d:ee:45:38:
b2:e4:c2:e8:72:68:ff:a2:4c:d0:91:8d:37:2a:45:
72:a8:52:13:8c:aa:c9:83:8a:e7:39:d7:45:95:20:
13:f8:2b:8b:91:84:cc:ec:f1:50:f9:d6:8e:d7:c1:
77:89:40:89:b7:92:21:69:59:97:27:e6:c9:59:32:
cc:cc:21:d4:d5:95:ce:5d:61:40:58:b0:14:f8:ca:
5f:a6:8b:e5:03:bb:eb:b7:1d:c7:86:ca:6d:bc:85:
f1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C0:2D:28:A6:4C:13:7C:57:34:71:4F:58:5B:C8:87:36:35:3E:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d5c1975f-38f0-4d51-8d30-eba837df833e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:c000::/40
Signature Algorithm: sha256WithRSAEncryption
01:c7:ee:37:19:f7:30:76:cb:3a:20:e3:40:b7:88:98:0f:61:
55:5f:a8:33:5c:28:5d:1e:f8:c1:5f:f0:03:30:3c:0b:53:84:
5b:db:bf:7f:ca:95:f5:00:f2:0b:b2:c6:c2:22:45:cd:9a:02:
73:3a:83:cd:2b:ba:da:6b:c7:04:28:7a:fb:c7:0a:e1:22:9e:
77:e7:65:42:ae:93:c1:e1:3e:2f:b8:ed:52:30:95:c3:4d:d8:
c6:43:56:34:3b:d0:20:52:79:92:3b:f7:55:d0:90:5b:8c:49:
c2:c2:df:09:ff:93:0f:14:47:f4:36:9b:d4:32:61:e6:f8:15:
49:87:97:b3:b6:83:7a:ae:53:af:e1:9a:1b:19:09:d2:03:55:
a3:d2:e7:73:e6:aa:45:1c:b5:0d:a4:f1:b8:b7:d3:30:da:00:
24:c5:5c:a2:68:3f:04:e0:a4:17:95:3d:e4:4b:a8:31:bb:9e:
c9:de:ab:5c:db:4b:6f:fe:3f:50:b7:ca:97:93:a0:3c:00:9b:
75:2f:ff:88:ae:c9:33:29:0d:89:87:da:02:b9:f0:e7:7a:8a:
20:9b:d8:fc:67:88:47:10:56:4b:de:29:56:ba:bc:f7:23:b5:
b3:ac:67:85:7a:1a:1c:d0:14:c5:4b:ae:b1:88:3c:c9:80:4e:
91:b7:f3:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFE1gp3nJQiuRXAB6krBQHfqUebUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwNThaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1NzdiZjU2MmNkM2QzYTAzMTg2Y2U5ZWY1NmRiOWE2Njk3MTRlMGVmNDU1
YTI3MDQ1NjRiODdiZjVmZDIwMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrtYjR87fP0dfQKKaXcbt+tOendy8+R/Xpc2vaSFaQA0HsZJiSEfDuUHgel
ysopE4NNbAWTV68hbgP0g5hDHztxvRfleOgJhcU3xLa+hfHxCFKn33AyNHFr3xes
5Qdz3ZuB2ReiDU311XRZ1SK5VS60FolaAUgXugYy2R+CXHDiHBzw+kVrbxhH0BA6
ImNMmAygTr33cQJGuAVgTVVMMrEN7kU4suTC6HJo/6JM0JGNNypFcqhSE4yqyYOK
5znXRZUgE/gri5GEzOzxUPnWjtfBd4lAibeSIWlZlyfmyVkyzMwh1NWVzl1hQFiw
FPjKX6aL5QO767cdx4bKbbyF8WcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWwC0o
pkwTfFc0cU9YW8iHNjU+fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDVjMTk3NWYtMzhmMC00ZDUxLThkMzAtZWJhODM3ZGY4MzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H3A
MA0GCSqGSIb3DQEBCwUAA4IBAQABx+43Gfcwdss6IONAt4iYD2FVX6gzXChdHvjB
X/ADMDwLU4Rb279/ypX1APILssbCIkXNmgJzOoPNK7raa8cEKHr7xwrhIp5352VC
rpPB4T4vuO1SMJXDTdjGQ1Y0O9AgUnmSO/dV0JBbjEnCwt8J/5MPFEf0NpvUMmHm
+BVJh5eztoN6rlOv4ZobGQnSA1Wj0udz5qpFHLUNpPG4t9Mw2gAkxVyiaD8E4KQX
lT3kS6gxu57J3qtc20tv/j9Qt8qXk6A8AJt1L/+IrskzKQ2Jh9oCufDneoogm9j8
Z4hHEFZL3ilWurz3I7WzrGeFehoc0BTFS66xiDzJgE6Rt/M/
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:12:53 2025 by rpki-client