Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
File: dd7649a8-cae4-4d67-90f1-f01144285a2f.roa (raw, json)
Hash identifier: y3cw06TPAUqWwbQHmEID/HNz17u3ab65nQ17/4aaY4c=
Subject key identifier: 4A:1E:A4:CA:D7:C1:18:2B:FD:A1:B6:91:07:E2:CE:E6:6E:36:68:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B78EEC66333B963C781E6278BAAB01FEBA857E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
Signing time: Fri 26 Sep 2025 18:39:59 +0000
ROA not before: Fri 26 Sep 2025 18:39:59 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:78:ee:c6:63:33:b9:63:c7:81:e6:27:8b:aa:b0:1f:eb:a8:57:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:39:59 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=632d26dc538bc7b531184723d7190dffd032521f22aee98064908122d01dc972, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ab:d4:bb:86:8b:08:6c:8f:7e:3e:cd:82:5a:
0c:79:33:47:bf:43:af:d2:44:92:49:cc:89:72:f7:
ab:b5:d6:53:0c:bb:83:53:26:71:9c:ce:dd:e6:78:
68:09:cf:19:45:f6:44:15:21:37:75:ba:b7:85:88:
68:9e:34:53:95:9d:4d:aa:fd:0d:cc:4e:b6:ca:3d:
b6:f1:9b:5f:85:b3:c1:b2:20:7b:49:3e:b3:c5:fa:
06:c5:b1:ec:0f:f2:fa:b3:50:f2:2b:ef:27:aa:1a:
78:56:e7:02:cc:5f:e2:e2:ab:b6:b4:dd:8e:c7:0d:
5a:d3:0e:eb:84:f5:b7:b1:79:fe:d2:d2:e5:02:53:
33:4d:36:83:e7:c1:97:cd:b9:3e:95:9e:38:3e:68:
f3:20:7e:c7:d5:a6:dc:e0:d2:5f:df:19:fd:96:9f:
a9:c3:2e:a6:b6:67:39:8e:a6:d8:b2:f1:57:a9:5e:
b6:65:5d:ab:ad:97:23:07:3f:a9:26:37:8d:92:ce:
fd:8c:0e:ec:08:aa:31:9a:9a:4e:86:8c:54:d2:7a:
cb:4a:4b:2b:26:25:dc:4d:16:80:ae:9f:42:3a:82:
21:c6:01:0d:0c:7e:e0:cf:18:43:3a:0c:70:99:69:
68:97:35:83:78:80:ef:cb:e5:8f:e2:31:ee:40:2b:
2c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1E:A4:CA:D7:C1:18:2B:FD:A1:B6:91:07:E2:CE:E6:6E:36:68:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4040::/48
Signature Algorithm: sha256WithRSAEncryption
8f:56:33:70:b2:3b:e5:6e:b8:cb:b8:33:5c:17:d0:3f:08:fb:
ee:c5:d7:b2:10:be:d0:ea:26:1b:84:f4:e6:a9:bb:bc:b9:d4:
68:69:d7:23:09:03:c6:d8:45:45:64:a7:6b:12:be:a8:b3:2c:
c9:80:6c:07:c6:18:b4:31:da:f3:00:c1:a1:a1:de:33:4e:38:
df:21:12:31:8b:b7:38:b9:7b:c3:1f:0c:29:a6:f9:c3:2c:d2:
8f:cd:39:32:6b:ba:e2:cd:b6:82:a5:99:0b:a8:d0:5c:86:2f:
d5:56:0f:55:a0:e7:58:b7:44:55:b1:6e:16:01:44:fd:0b:1b:
d9:56:a6:4a:b3:61:42:25:80:9d:8b:25:6b:5f:db:f9:b3:42:
0f:b0:7d:c0:94:dc:26:44:ba:df:8c:27:f8:06:43:44:8f:4a:
fd:67:2d:7a:f7:bb:aa:3d:19:9b:6f:c2:df:81:b6:68:02:49:
00:0b:cc:63:99:ec:a1:97:9e:bb:9b:78:16:33:93:e8:aa:39:
ce:e6:1a:ef:e2:7c:0d:de:04:db:ba:8e:8c:f3:0a:95:63:8c:
91:4a:aa:cd:4d:1c:8c:3c:29:be:ca:e7:52:01:a0:33:f4:67:
78:cb:09:a9:7e:5f:f8:77:e8:a1:8f:6b:d1:1b:62:a0:8f:93:
70:bc:eb:c8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC3juxmMzuWPHgeYni6qwH+uoV+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODM5NTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzMmQyNmRjNTM4YmM3YjUzMTE4NDcyM2Q3MTkwZGZmZDAzMjUyMWYyMmFl
ZTk4MDY0OTA4MTIyZDAxZGM5NzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKar1LuGiwhsj34+zYJaDHkzR79Dr9JEkknMiXL3q7XWUwy7g1MmcZzO3eZ4
aAnPGUX2RBUhN3W6t4WIaJ40U5WdTar9DcxOtso9tvGbX4WzwbIge0k+s8X6BsWx
7A/y+rNQ8ivvJ6oaeFbnAsxf4uKrtrTdjscNWtMO64T1t7F5/tLS5QJTM002g+fB
l825PpWeOD5o8yB+x9Wm3ODSX98Z/ZafqcMuprZnOY6m2LLxV6letmVdq62XIwc/
qSY3jZLO/YwO7AiqMZqaToaMVNJ6y0pLKyYl3E0WgK6fQjqCIcYBDQx+4M8YQzoM
cJlpaJc1g3iA78vlj+Ix7kArLB8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKHqTK
18EYK/2htpEH4s7mbjZouzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NjQ5YTgtY2FlNC00ZDY3LTkwZjEtZjAxMTQ0Mjg1YTJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
QDANBgkqhkiG9w0BAQsFAAOCAQEAj1YzcLI75W64y7gzXBfQPwj77sXXshC+0Oom
G4T05qm7vLnUaGnXIwkDxthFRWSnaxK+qLMsyYBsB8YYtDHa8wDBoaHeM0443yES
MYu3OLl7wx8MKab5wyzSj805Mmu64s22gqWZC6jQXIYv1VYPVaDnWLdEVbFuFgFE
/Qsb2VamSrNhQiWAnYsla1/b+bNCD7B9wJTcJkS634wn+AZDRI9K/Wcteve7qj0Z
m2/C34G2aAJJAAvMY5nsoZeeu5t4FjOT6Ko5zuYa7+J8Dd4E27qOjPMKlWOMkUqq
zU0cjDwpvsrnUgGgM/RneMsJqX5f+HfooY9r0RtioI+TcLzryA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:57 2025 by rpki-client