Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
File: dec4a7df-5727-45ab-92fb-7078e26fd54d.roa (raw, json)
Hash identifier: KBhTHN9uHRY0SRS8FRCkIWNKiPMxeTT5Jv8F9A2fhfs=
Subject key identifier: 74:02:7C:CE:18:6B:88:00:B1:35:62:93:73:E2:5B:9E:C3:C1:92:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 348A20AD234B364BD9F498DEFA77B2D9043989E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
Signing time: Mon 13 Oct 2025 17:55:51 +0000
ROA not before: Mon 13 Oct 2025 17:55:51 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:8a:20:ad:23:4b:36:4b:d9:f4:98:de:fa:77:b2:d9:04:39:89:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:51 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=af6d191562636efab24e202e0f2ccc6c86393493bed0ec49e73923a3a36237fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:21:f2:7d:41:a0:25:0f:a1:7c:fb:83:be:
08:4e:ba:0c:fa:25:08:87:57:a8:04:99:ac:24:09:
c5:fb:d5:2c:b5:79:15:99:7e:f4:77:ed:84:b2:9c:
a1:cf:33:39:ec:70:c3:86:8c:da:f7:36:41:1c:e9:
0a:38:25:3a:82:7d:c8:34:89:51:dc:89:52:3d:62:
58:ac:5c:80:68:13:b4:51:04:13:ed:ac:5e:19:34:
5f:82:ea:59:7b:a1:17:6a:25:ff:e2:cf:70:a7:46:
c0:0b:3b:89:f6:af:b6:fc:69:ac:ec:45:d9:a8:9b:
38:a6:4b:3c:46:6d:47:4d:9a:ed:28:ef:d7:d8:10:
b2:7f:4a:d2:a6:28:1e:4f:0a:5e:df:3c:f0:f1:8a:
8d:02:12:07:59:57:67:12:20:60:a5:8e:15:46:ad:
f3:8a:67:ed:af:06:b9:5c:8f:7a:42:06:fd:d5:be:
04:9d:26:a7:18:51:9b:56:29:39:07:b1:34:c0:1d:
c5:25:bc:d2:82:92:04:5e:20:92:17:5b:f7:6e:66:
2e:f9:94:40:fd:ea:af:f2:87:d2:70:c7:5c:1d:21:
a7:e4:6c:f0:c2:e3:19:b7:e2:7b:39:03:90:e6:13:
e3:80:9c:be:e0:9a:29:11:30:78:f9:a0:85:a7:31:
c7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:02:7C:CE:18:6B:88:00:B1:35:62:93:73:E2:5B:9E:C3:C1:92:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076::/32
Signature Algorithm: sha256WithRSAEncryption
53:38:43:11:40:85:76:58:6e:89:5f:58:2e:8c:9e:d7:4f:0d:
42:2d:71:6c:f0:0f:b1:0e:08:fc:55:61:a5:43:bb:d2:b6:6c:
90:88:d3:77:97:19:ff:63:d6:38:3d:a7:a8:cd:9b:af:18:12:
19:ae:ab:ff:7a:08:d2:f2:cf:66:01:28:ec:91:23:26:64:85:
72:89:39:8c:11:02:98:10:ee:43:4f:12:08:a1:63:de:f1:7d:
5d:24:5d:6d:09:35:e6:92:bb:d8:e1:16:24:3b:54:a1:fd:5b:
c9:2d:b8:88:5a:28:e5:98:fa:e1:f5:3a:e1:21:c0:3a:da:2e:
3e:5f:39:0a:02:11:05:0b:44:9d:ef:15:3b:13:52:21:e6:cb:
f4:d3:fe:63:62:c7:00:9c:c4:ee:8b:5c:ea:37:d5:bc:46:df:
b1:98:ca:b6:c7:e3:dd:13:e3:54:fe:d4:6f:99:89:53:69:22:
12:36:6e:00:10:8f:2c:03:3d:aa:92:27:71:d1:70:9e:c9:fe:
52:68:32:27:36:e0:bc:63:2b:b1:2b:2f:d8:35:9d:2e:f0:1c:
23:9a:38:4f:ff:f6:95:e0:33:da:5c:80:a8:4c:78:65:1f:c6:
77:0e:92:68:81:5b:59:be:6f:4c:4a:e4:f2:28:b7:d1:98:3a:
6d:28:6d:8b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUNIogrSNLNkvZ9Jje+ney2QQ5ieAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1NTFaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNmQxOTE1NjI2MzZlZmFiMjRlMjAyZTBmMmNjYzZjODYzOTM0OTNiZWQw
ZWM0OWU3MzkyM2EzYTM2MjM3ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWEIfJ9QaAlD6F8+4O+CE66DPolCIdXqASZrCQJxfvVLLV5FZl+9HfthLKc
oc8zOexww4aM2vc2QRzpCjglOoJ9yDSJUdyJUj1iWKxcgGgTtFEEE+2sXhk0X4Lq
WXuhF2ol/+LPcKdGwAs7ifavtvxprOxF2aibOKZLPEZtR02a7Sjv19gQsn9K0qYo
Hk8KXt888PGKjQISB1lXZxIgYKWOFUat84pn7a8GuVyPekIG/dW+BJ0mpxhRm1Yp
OQexNMAdxSW80oKSBF4gkhdb925mLvmUQP3qr/KH0nDHXB0hp+Rs8MLjGbfiezkD
kOYT44CcvuCaKREwePmghacxx+sCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR0AnzO
GGuIALE1YpNz4luew8GS1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjNGE3ZGYtNTcyNy00NWFiLTkyZmItNzA3OGUyNmZkNTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HYw
DQYJKoZIhvcNAQELBQADggEBAFM4QxFAhXZYbolfWC6MntdPDUItcWzwD7EOCPxV
YaVDu9K2bJCI03eXGf9j1jg9p6jNm68YEhmuq/96CNLyz2YBKOyRIyZkhXKJOYwR
ApgQ7kNPEgihY97xfV0kXW0JNeaSu9jhFiQ7VKH9W8ktuIhaKOWY+uH1OuEhwDra
Lj5fOQoCEQULRJ3vFTsTUiHmy/TT/mNixwCcxO6LXOo31bxG37GYyrbH490T41T+
1G+ZiVNpIhI2bgAQjywDPaqSJ3HRcJ7J/lJoMic24LxjK7ErL9g1nS7wHCOaOE//
9pXgM9pcgKhMeGUfxncOkmiBW1m+b0xK5PIot9GYOm0obYs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:14 2025 by rpki-client