Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: 2ZPHlxqMnyNqwfB3DaLIUF1uGHKsC+8ucSuqah56v5Q=
Subject key identifier: 57:D8:F5:7A:45:73:25:29:0E:64:92:EB:E2:6B:12:C1:27:FB:A5:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A9C1834F31E22715A68CFB878CDB181BF3CF021
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Fri 26 Sep 2025 19:21:44 +0000
ROA not before: Fri 26 Sep 2025 19:21:44 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:9c:18:34:f3:1e:22:71:5a:68:cf:b8:78:cd:b1:81:bf:3c:f0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:21:44 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=b2d4ab15b15d54c28fac5502447b9a3ad4d0251600c90f0bbc38013e5c0dbc61, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b4:ff:7d:96:5f:ff:eb:50:d6:3f:8b:9b:fd:
77:ff:6d:df:b2:18:a0:e5:44:05:53:ae:31:d8:62:
9a:71:6d:cf:55:56:13:64:e1:81:6a:29:0d:70:87:
af:d0:39:ca:40:4f:57:98:02:92:be:76:e3:21:0f:
79:e7:6f:3b:f9:32:48:2e:0e:2f:5a:fb:5b:52:f2:
6a:f5:a0:97:35:2a:6d:1f:c4:4d:52:82:e1:e7:81:
1a:f7:93:87:62:65:86:22:c1:26:c9:c8:d0:34:fc:
02:60:01:69:73:dd:19:40:8c:f2:68:1a:65:85:5f:
db:c7:bd:cd:5a:5b:94:96:be:c7:9d:ce:82:8e:ce:
99:ad:b6:4c:29:57:23:3f:fb:5d:e6:8f:9b:82:59:
3b:5b:bc:1c:76:35:57:a6:e0:4b:28:76:7a:c4:91:
2d:a0:46:c3:7c:4b:a0:fd:21:61:51:51:99:0d:62:
ef:e5:14:41:02:13:03:0c:cd:24:de:b6:09:3e:c2:
dc:bd:79:7b:d1:68:b7:c9:19:2f:e8:dc:a4:a0:5a:
6a:2e:3a:7b:06:4b:8b:2d:bf:53:c7:2e:ba:24:4d:
46:19:6a:5c:2b:5a:6c:29:ca:56:87:9b:21:a2:55:
11:87:32:51:6c:e1:08:07:a6:08:95:f0:1d:64:40:
2b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D8:F5:7A:45:73:25:29:0E:64:92:EB:E2:6B:12:C1:27:FB:A5:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5b:4b:51:06:42:e5:60:07:d9:29:c1:70:3b:db:fd:85:b2:f1:
29:f9:fd:0a:73:da:43:a6:63:2c:d7:6e:0b:c4:74:18:a7:26:
96:57:8d:bc:a1:e2:22:8d:d3:b4:53:07:d0:75:d5:e7:e9:c1:
3a:3a:9e:c8:ee:36:3b:00:22:15:42:3e:1e:93:60:ff:fe:b7:
71:75:b8:e1:87:cf:c8:4f:f8:86:b2:36:41:ee:62:e5:d9:db:
3c:ba:9b:a8:a1:e1:e2:e6:6e:03:88:f4:59:c6:8a:5e:76:28:
b1:8e:56:fc:30:4c:ee:65:c1:31:29:73:61:dc:88:58:d4:7f:
26:f4:45:cd:dd:5b:ac:7d:11:a7:17:d1:55:9e:ea:0c:8d:e6:
24:65:e2:06:26:2f:82:8c:f6:7b:43:c5:ee:b3:a3:76:b9:74:
83:70:64:8a:06:b3:15:ca:67:d1:3f:8c:2b:7b:30:77:b1:0d:
2a:37:6b:f4:8f:60:b1:72:d6:23:7f:94:81:5d:3e:bd:a1:38:
3d:3c:52:85:b4:05:35:7c:01:e8:dc:47:89:6a:bc:6a:11:f0:
cd:cc:f3:8f:a0:c9:7f:dc:d0:0a:bb:db:0d:f5:4d:8e:4c:cb:
2c:0e:39:74:ed:a4:e4:48:62:a8:27:a4:9d:b9:84:49:99:1b:
a9:14:7c:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGpwYNPMeInFaaM+4eM2xgb888CEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIxNDRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyZDRhYjE1YjE1ZDU0YzI4ZmFjNTUwMjQ0N2I5YTNhZDRkMDI1MTYwMGM5
MGYwYmJjMzgwMTNlNWMwZGJjNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+0/32WX//rUNY/i5v9d/9t37IYoOVEBVOuMdhimnFtz1VWE2ThgWopDXCH
r9A5ykBPV5gCkr524yEPeedvO/kySC4OL1r7W1LyavWglzUqbR/ETVKC4eeBGveT
h2JlhiLBJsnI0DT8AmABaXPdGUCM8mgaZYVf28e9zVpblJa+x53Ogo7Oma22TClX
Iz/7XeaPm4JZO1u8HHY1V6bgSyh2esSRLaBGw3xLoP0hYVFRmQ1i7+UUQQITAwzN
JN62CT7C3L15e9Fot8kZL+jcpKBaai46ewZLiy2/U8cuuiRNRhlqXCtabCnKVoeb
IaJVEYcyUWzhCAemCJXwHWRAK+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRX2PV6
RXMlKQ5kkuviaxLBJ/ul1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQBbS1EGQuVgB9kpwXA72/2FsvEp+f0Kc9pDpmMs
124LxHQYpyaWV428oeIijdO0UwfQddXn6cE6Op7I7jY7ACIVQj4ek2D//rdxdbjh
h8/IT/iGsjZB7mLl2ds8upuooeHi5m4DiPRZxopediixjlb8MEzuZcExKXNh3IhY
1H8m9EXN3VusfRGnF9FVnuoMjeYkZeIGJi+CjPZ7Q8Xus6N2uXSDcGSKBrMVymfR
P4wrezB3sQ0qN2v0j2CxctYjf5SBXT69oTg9PFKFtAU1fAHo3EeJarxqEfDNzPOP
oMl/3NAKu9sN9U2OTMssDjl07aTkSGKoJ6SduYRJmRupFHyP
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:43 2025 by rpki-client