Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
File: d6d93bd5-1d52-4263-8712-a4d5b929470f.roa (raw, json)
Hash identifier: KWMv/m93mzcklGBH1mmJO21xNiCIVG24p0FH0SOd1Go=
Subject key identifier: B8:AF:58:63:08:51:3B:D7:61:D0:2D:13:DB:77:75:85:72:00:9A:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68CA3291C7E17F99521451EEF1B20D170EDE1747
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
Signing time: Mon 13 Oct 2025 17:55:55 +0000
ROA not before: Mon 13 Oct 2025 17:55:55 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:ca:32:91:c7:e1:7f:99:52:14:51:ee:f1:b2:0d:17:0e:de:17:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:55 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=234c641c9a99fa98b05fa60ce03db3ff271bde134ccee9d9d5456c165d089db7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:e6:02:07:09:13:6b:85:d2:52:65:d7:87:
26:59:1c:fa:64:90:87:f5:4b:cf:f2:97:c2:81:4a:
63:3a:73:f4:70:45:bb:16:fa:38:81:45:a1:91:fc:
f2:18:73:02:c6:f3:f4:4a:57:32:f3:77:93:ad:35:
0c:df:25:79:c4:ab:a1:a8:7f:77:36:25:5a:c5:82:
7d:4e:4e:0a:1b:a8:4e:37:07:0f:4a:90:f3:eb:9d:
9d:ae:70:4e:0d:b9:97:25:77:36:e1:7b:42:48:e6:
2f:88:e4:97:03:96:da:5a:97:c2:cf:57:8f:1d:2e:
bf:94:42:51:b3:fd:0f:94:65:30:a5:63:22:fb:b1:
e1:2f:0a:5e:f8:d8:e9:e3:71:65:8d:e7:e7:3d:bb:
4b:2e:c1:62:f7:95:45:ba:3d:e6:cf:68:2a:7a:6c:
7a:ee:d8:7e:e4:19:9c:74:d2:fb:1e:7f:dd:98:ef:
02:c7:20:ff:82:5f:06:3c:6d:b1:0f:fa:e2:d1:fd:
d2:e3:fd:8b:17:dc:b8:3b:f0:35:d8:e9:6e:16:6b:
ee:30:24:3e:30:51:8e:2f:89:ce:87:63:a0:ec:62:
41:c7:bd:2a:51:e6:ec:8a:80:77:8b:d4:c4:ee:33:
ec:13:5b:56:88:8d:a4:f6:56:04:ec:e7:cf:f9:6b:
56:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AF:58:63:08:51:3B:D7:61:D0:2D:13:DB:77:75:85:72:00:9A:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:d2:b5:50:da:50:32:17:4f:f9:f2:da:37:15:e0:a3:22:23:
54:7a:5c:2c:19:96:09:84:d8:4c:d1:e9:dc:17:2f:57:64:52:
07:80:0c:18:df:af:49:a9:de:9d:0c:bc:82:44:a4:77:12:2d:
16:cf:54:59:6d:2c:ce:a6:43:78:c2:88:44:c5:25:ca:0f:c3:
0b:80:20:44:fb:f0:ec:ff:f1:7b:16:e7:0a:32:5a:cf:cc:66:
b1:db:66:0d:c7:b3:18:54:a8:71:39:ef:68:69:8e:81:77:72:
77:60:f3:6f:7e:85:32:93:40:d6:c1:9f:95:08:f7:af:cf:ae:
48:76:d1:72:30:9e:fa:4e:bb:2e:c3:fb:19:61:ff:6a:4e:f3:
8f:9a:f3:2c:22:c5:2d:8f:02:4a:2f:6b:b3:c1:b7:92:25:4d:
2d:cc:50:57:8e:a4:fa:33:0f:ba:42:91:d6:00:4e:cd:b0:b0:
5d:33:7b:e5:54:ad:d8:96:85:d9:e9:b0:ce:81:ce:66:91:9c:
50:5a:8f:e7:78:d1:f5:ad:f4:18:66:a7:76:fa:73:62:53:05:
41:b8:bc:d2:97:e5:56:fa:46:25:22:04:96:fa:cd:38:4e:88:
25:cf:3f:c3:d8:c4:dd:bc:cf:0e:94:17:68:e4:00:6d:1d:01:
24:ca:9d:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaMoykcfhf5lSFFHu8bINFw7eF0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1NTVaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzNGM2NDFjOWE5OWZhOThiMDVmYTYwY2UwM2RiM2ZmMjcxYmRlMTM0Y2Nl
ZTlkOWQ1NDU2YzE2NWQwODlkYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4m5gIHCRNrhdJSZdeHJlkc+mSQh/VLz/KXwoFKYzpz9HBFuxb6OIFFoZH8
8hhzAsbz9EpXMvN3k601DN8lecSroah/dzYlWsWCfU5OChuoTjcHD0qQ8+udna5w
Tg25lyV3NuF7QkjmL4jklwOW2lqXws9Xjx0uv5RCUbP9D5RlMKVjIvux4S8KXvjY
6eNxZY3n5z27Sy7BYveVRbo95s9oKnpseu7YfuQZnHTS+x5/3ZjvAscg/4JfBjxt
sQ/64tH90uP9ixfcuDvwNdjpbhZr7jAkPjBRji+JzodjoOxiQce9KlHm7IqAd4vU
xO4z7BNbVoiNpPZWBOznz/lrVvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4r1hj
CFE712HQLRPbd3WFcgCa1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDZkOTNiZDUtMWQ1Mi00MjYzLTg3MTItYTRkNWI5Mjk0NzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA
MA0GCSqGSIb3DQEBCwUAA4IBAQB70rVQ2lAyF0/58to3FeCjIiNUelwsGZYJhNhM
0encFy9XZFIHgAwY369Jqd6dDLyCRKR3Ei0Wz1RZbSzOpkN4wohExSXKD8MLgCBE
+/Ds//F7FucKMlrPzGax22YNx7MYVKhxOe9oaY6Bd3J3YPNvfoUyk0DWwZ+VCPev
z65IdtFyMJ76Trsuw/sZYf9qTvOPmvMsIsUtjwJKL2uzwbeSJU0tzFBXjqT6Mw+6
QpHWAE7NsLBdM3vlVK3YloXZ6bDOgc5mkZxQWo/neNH1rfQYZqd2+nNiUwVBuLzS
l+VW+kYlIgSW+s04Toglzz/D2MTdvM8OlBdo5ABtHQEkyp0F
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:01 2025 by rpki-client