Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json)
Hash identifier: 01qx52W7hfBUdttOdsVxABYU0Ao+Dm6BFzT06z08nZw=
Subject key identifier: 7B:9E:FF:A9:2A:09:31:39:8C:C0:22:F5:8C:24:90:A8:71:C4:4B:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0458943F6097D30DBBBC447D9EE92FB76F613B5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
Signing time: Fri 26 Sep 2025 19:10:06 +0000
ROA not before: Fri 26 Sep 2025 19:10:06 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:58:94:3f:60:97:d3:0d:bb:bc:44:7d:9e:e9:2f:b7:6f:61:3b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:10:06 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=f799ea49969f875d81446b5f38f1f0c2331d76985663f3d008efbdb3e27f0fb6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2b:77:28:59:54:27:2c:c1:41:72:58:93:f0:
f5:0b:69:0e:66:7b:85:d9:21:1f:1f:2c:57:fd:99:
d4:e9:1a:a5:d2:b7:0a:11:08:73:f2:dd:aa:fa:45:
2e:75:69:37:cc:82:fe:a1:ca:0c:8c:2f:4a:87:3b:
37:fb:dc:b3:7e:88:9c:bd:4f:39:fe:7d:c8:12:45:
8f:bb:99:aa:6f:e8:bd:79:ed:7f:6c:03:87:1b:35:
d5:b0:c5:1f:64:49:d4:db:02:95:3a:42:2f:50:55:
6c:3e:8e:94:77:22:21:5b:88:a4:2d:20:91:02:7b:
d6:2d:4b:41:93:00:ae:8c:d2:3f:8b:cc:99:ba:f1:
1f:2a:3d:ab:6f:fa:84:96:2a:6e:b8:9f:c2:41:68:
47:8a:7e:44:b7:61:c2:96:6e:0e:57:ee:cb:82:ad:
c5:b3:4e:65:77:f5:00:d9:b3:22:53:f5:20:ad:0b:
86:d5:5d:1e:4d:8b:54:9f:61:c1:db:d2:81:ba:89:
a8:6b:71:2c:e0:26:53:06:4c:c4:c8:ef:66:36:3e:
2c:73:e9:f9:24:20:e3:e2:f8:d6:92:60:ad:2a:5d:
f5:aa:79:14:9d:33:92:c8:0b:c4:f6:cd:c6:60:8b:
6f:05:e7:5d:3e:22:17:8f:12:7a:c8:67:8e:9c:0f:
9c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:9E:FF:A9:2A:09:31:39:8C:C0:22:F5:8C:24:90:A8:71:C4:4B:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:7e:bc:ad:a6:7a:16:d1:84:10:ff:b3:4f:30:d0:a6:5b:9b:
4c:fc:43:ec:bf:d2:d8:91:30:e3:f1:fd:71:aa:34:7a:57:9d:
94:98:b8:46:c8:c3:d0:74:35:5c:61:3a:bb:6f:94:1c:3b:5f:
b4:af:63:87:f2:cc:4e:f0:96:7e:43:d9:36:45:51:ea:3f:3a:
bf:a3:06:52:b7:43:99:76:43:2c:09:44:61:58:a2:76:67:1f:
c5:2d:1d:2f:f9:e9:f2:17:e0:d7:33:88:e6:e6:98:97:2b:76:
da:8a:61:41:84:ad:1e:e1:02:7d:1e:47:3d:33:e5:58:6d:b4:
a0:0b:51:f2:83:80:6f:59:56:d1:ba:a2:bb:71:ee:cd:c6:7a:
90:bb:57:1d:d7:5f:21:0b:93:a6:99:ee:f6:d5:7f:32:37:a5:
db:e6:b7:d1:59:e5:7d:29:de:0e:3b:3c:93:0d:15:35:2c:f9:
ee:3d:c2:cc:45:56:f0:fe:c1:22:1d:95:17:52:3a:b3:0f:d0:
54:6a:d0:29:86:ae:db:18:4a:15:7c:dc:b8:e6:a8:69:41:26:
73:b7:d0:04:f2:82:f2:c7:e1:38:31:8c:9c:c4:b0:83:40:0f:
0d:c8:f1:f8:68:d3:29:63:a2:2c:ab:86:5b:9c:fc:7d:c3:f1:
2a:0c:bd:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBFiUP2CX0w27vER9nukvt29hO1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTEwMDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3OTllYTQ5OTY5Zjg3NWQ4MTQ0NmI1ZjM4ZjFmMGMyMzMxZDc2OTg1NjYz
ZjNkMDA4ZWZiZGIzZTI3ZjBmYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUrdyhZVCcswUFyWJPw9QtpDmZ7hdkhHx8sV/2Z1OkapdK3ChEIc/LdqvpF
LnVpN8yC/qHKDIwvSoc7N/vcs36InL1POf59yBJFj7uZqm/ovXntf2wDhxs11bDF
H2RJ1NsClTpCL1BVbD6OlHciIVuIpC0gkQJ71i1LQZMArozSP4vMmbrxHyo9q2/6
hJYqbrifwkFoR4p+RLdhwpZuDlfuy4KtxbNOZXf1ANmzIlP1IK0LhtVdHk2LVJ9h
wdvSgbqJqGtxLOAmUwZMxMjvZjY+LHPp+SQg4+L41pJgrSpd9ap5FJ0zksgLxPbN
xmCLbwXnXT4iF48SeshnjpwPnB0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7nv+p
KgkxOYzAIvWMJJCoccRLxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA
MA0GCSqGSIb3DQEBCwUAA4IBAQDEfrytpnoW0YQQ/7NPMNCmW5tM/EPsv9LYkTDj
8f1xqjR6V52UmLhGyMPQdDVcYTq7b5QcO1+0r2OH8sxO8JZ+Q9k2RVHqPzq/owZS
t0OZdkMsCURhWKJ2Zx/FLR0v+enyF+DXM4jm5piXK3baimFBhK0e4QJ9Hkc9M+VY
bbSgC1Hyg4BvWVbRuqK7ce7NxnqQu1cd118hC5Omme721X8yN6Xb5rfRWeV9Kd4O
OzyTDRU1LPnuPcLMRVbw/sEiHZUXUjqzD9BUatAphq7bGEoVfNy45qhpQSZzt9AE
8oLyx+E4MYycxLCDQA8NyPH4aNMpY6Isq4ZbnPx9w/EqDL0s
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:20 2025 by rpki-client