Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: HMpA1WOBC7PuIbQSxUadmatEH+1gxJkPbMilcLNp4z4=
Subject key identifier: 75:FD:99:B1:18:2A:C6:60:6E:E7:16:E8:B4:0B:72:0C:9B:DF:51:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6610F5D9D09132876D899DCA1ACB7A20F3980767
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Fri 26 Sep 2025 18:39:57 +0000
ROA not before: Fri 26 Sep 2025 18:39:57 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:10:f5:d9:d0:91:32:87:6d:89:9d:ca:1a:cb:7a:20:f3:98:07:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:39:57 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a54297a6d62be635cdb1793ea346c7938b1af31c07bb1babfc3335a883ef77d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9f:4c:0f:31:fb:5b:51:56:ac:9f:bf:8a:4b:
ab:a2:37:ce:12:39:69:cb:3f:3f:b7:ec:c4:c3:b3:
10:0b:9d:79:8c:08:b8:c5:41:55:a6:21:0f:20:7c:
66:7a:14:81:30:1f:e9:17:20:d6:a3:da:12:19:e3:
cf:77:e1:e0:cd:c1:cf:16:12:c1:21:1c:c2:7e:2c:
8c:d6:0e:58:db:bc:76:59:b6:1a:28:8c:2d:cd:d8:
4e:1a:dc:f4:8d:1e:bc:47:6c:32:9e:f9:61:54:fe:
76:59:5e:dc:2b:8c:88:9d:06:6c:25:5a:bd:f9:53:
d6:af:99:c4:95:c2:09:57:4b:c9:3a:21:73:e3:1b:
a4:3a:b4:99:97:bf:8f:c3:41:45:b8:aa:26:cd:90:
17:36:bb:fb:72:d0:17:6d:7d:1a:da:55:99:6c:ef:
09:82:99:fc:61:a2:4f:86:3b:fd:78:f8:42:95:a2:
fd:c5:26:67:94:56:05:4b:92:f6:0b:1d:3a:41:91:
32:84:3f:33:92:cc:43:54:a1:b3:ce:93:a1:d8:55:
d1:db:0f:7a:b5:05:7f:76:06:1d:80:3f:89:d7:3c:
79:77:ef:f2:1b:ce:95:09:35:45:7f:79:2c:4b:ed:
c1:13:dd:7f:89:c2:9c:fa:89:c8:48:8a:26:05:be:
31:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FD:99:B1:18:2A:C6:60:6E:E7:16:E8:B4:0B:72:0C:9B:DF:51:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
b7:6f:99:bd:b6:8d:4b:b2:6f:04:ab:1b:43:35:e3:f2:64:e9:
45:7d:82:74:d5:16:d1:e6:89:97:02:64:8d:a8:c2:eb:24:f4:
e3:1e:39:12:7c:a6:56:5e:a6:29:c3:5f:14:3d:75:a8:75:96:
7e:08:f2:c7:f7:7d:c2:73:44:23:3b:8a:8b:26:5a:98:62:22:
ad:6b:48:51:8b:7e:ac:d5:e5:7e:06:0d:b6:f7:8b:01:8e:f1:
8e:ce:97:e9:7c:fb:ed:29:43:72:7b:ca:d7:c5:62:be:ab:bd:
09:68:f6:7c:aa:35:20:8a:16:8b:d8:cd:b3:b3:fc:4c:60:83:
07:76:04:a2:b4:d2:59:42:89:f7:c8:f6:61:37:96:1b:37:54:
f5:e1:69:5a:d4:6e:54:7c:35:ab:14:35:39:05:d4:0b:79:6b:
d3:4c:b2:d7:0e:cc:39:72:10:73:f0:89:08:28:1f:50:63:00:
1c:c3:60:68:18:12:79:ad:63:8e:d0:10:21:52:ec:6f:9f:04:
bc:21:a9:69:24:bc:9e:07:d3:59:77:a0:5e:c0:c3:70:0f:61:
ef:2a:fd:63:b8:55:bf:e5:73:1e:99:8f:d5:e2:9e:86:f0:f2:
ac:12:d0:9d:11:da:42:57:37:49:24:24:59:48:e3:80:4c:85:
64:cb:e2:9c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZhD12dCRModtiZ3KGst6IPOYB2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODM5NTdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1NDI5N2E2ZDYyYmU2MzVjZGIxNzkzZWEzNDZjNzkzOGIxYWYzMWMwN2Ji
MWJhYmZjMzMzNWE4ODNlZjc3ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOfTA8x+1tRVqyfv4pLq6I3zhI5acs/P7fsxMOzEAudeYwIuMVBVaYhDyB8
ZnoUgTAf6Rcg1qPaEhnjz3fh4M3BzxYSwSEcwn4sjNYOWNu8dlm2GiiMLc3YThrc
9I0evEdsMp75YVT+dlle3CuMiJ0GbCVavflT1q+ZxJXCCVdLyTohc+MbpDq0mZe/
j8NBRbiqJs2QFza7+3LQF219GtpVmWzvCYKZ/GGiT4Y7/Xj4QpWi/cUmZ5RWBUuS
9gsdOkGRMoQ/M5LMQ1Shs86TodhV0dsPerUFf3YGHYA/idc8eXfv8hvOlQk1RX95
LEvtwRPdf4nCnPqJyEiKJgW+MRsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1/Zmx
GCrGYG7nFui0C3IMm99R9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEAt2+ZvbaNS7JvBKsbQzXj8mTpRX2CdNUW0eaJ
lwJkjajC6yT04x45EnymVl6mKcNfFD11qHWWfgjyx/d9wnNEIzuKiyZamGIirWtI
UYt+rNXlfgYNtveLAY7xjs6X6Xz77SlDcnvK18Vivqu9CWj2fKo1IIoWi9jNs7P8
TGCDB3YEorTSWUKJ98j2YTeWGzdU9eFpWtRuVHw1qxQ1OQXUC3lr00yy1w7MOXIQ
c/CJCCgfUGMAHMNgaBgSea1jjtAQIVLsb58EvCGpaSS8ngfTWXegXsDDcA9h7yr9
Y7hVv+VzHpmP1eKehvDyrBLQnRHaQlc3SSQkWUjjgEyFZMvinA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:42 2025 by rpki-client