Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
File: e348b574-c707-42a9-9b58-f3215857ae07.roa (raw, json)
Hash identifier: wSFgMfBy9IcAjkIv2JYyuYRqRGt1XA9Spyfcpm7ijkg=
Subject key identifier: C8:96:7F:0F:58:77:7C:1F:D2:19:B1:A8:B0:53:F7:20:24:52:79:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AF9D193DF8B775F6ACAB82A16B283DED66DDC9F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
Signing time: Fri 26 Sep 2025 18:39:07 +0000
ROA not before: Fri 26 Sep 2025 18:39:07 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:f9:d1:93:df:8b:77:5f:6a:ca:b8:2a:16:b2:83:de:d6:6d:dc:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:39:07 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=fa00a61ce9040e4c725ad303b6e46420d3e8fd15b800f956902ed8093f3d6570, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ad:4d:6c:0c:87:47:2c:c9:5e:a2:58:ec:8a:
4f:26:10:04:62:a4:88:f9:6c:8c:4c:40:2b:89:80:
77:a1:8b:5d:2f:d9:f3:94:34:95:54:93:98:e2:b9:
2b:1d:f7:39:da:9f:d6:e5:55:01:65:a0:16:a6:d5:
1b:8b:3b:0b:1c:b1:a4:9a:94:04:e8:88:18:b5:ed:
d2:a3:ff:7e:8e:1c:6d:31:15:09:6d:ef:9a:e2:e4:
34:b3:11:c9:83:8e:33:39:34:61:b2:21:22:9d:64:
e5:88:b6:d9:04:83:ed:04:99:dd:b0:f9:67:0f:60:
c1:ea:dc:07:99:f0:5c:f7:51:5c:f2:f0:eb:de:60:
11:2e:96:0b:06:16:84:39:9d:93:c1:5c:9a:bd:1c:
9e:9d:2d:e6:c3:d6:f6:dc:35:ba:f5:3d:02:73:be:
ad:bf:dc:51:d6:09:56:45:ba:bc:46:7f:89:47:e7:
3c:97:b0:ce:88:1e:67:15:f1:6f:4d:bd:d9:af:26:
6d:d2:e9:2a:c8:22:98:09:4b:d6:d5:5d:d7:44:58:
a7:a6:ab:78:52:d7:50:99:9a:2e:51:1d:10:79:45:
d3:0a:8c:fc:16:4a:05:62:84:ae:3e:21:09:77:18:
3b:af:16:fd:9f:a3:f3:2b:30:7b:15:91:85:e6:c7:
7c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:96:7F:0F:58:77:7C:1F:D2:19:B1:A8:B0:53:F7:20:24:52:79:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a080::/48
Signature Algorithm: sha256WithRSAEncryption
44:d6:96:ad:a9:28:63:17:9f:d6:72:63:a0:12:0a:19:61:2d:
67:6b:35:92:c1:e6:75:01:34:e0:f2:4e:70:91:ca:69:70:87:
f8:49:71:b0:6c:98:ba:6a:3e:f6:6b:36:81:08:cb:7f:c0:0d:
a6:20:cd:ef:0f:27:3f:e7:e9:e5:c3:5a:c7:be:ab:34:5f:82:
27:1f:f0:b3:f5:31:29:19:3d:19:99:53:04:52:a7:2d:43:c8:
b3:c6:66:3d:85:69:44:85:dd:3e:fc:32:36:e6:cf:9d:14:4d:
48:c5:9a:65:aa:70:94:90:6e:f6:63:e3:4e:62:ac:54:83:56:
6f:6e:d7:2c:11:46:27:6d:a2:be:a1:0d:48:0e:7d:81:4a:85:
1d:b1:d7:ec:c7:95:87:2a:c8:d4:68:c7:a2:68:db:2d:51:91:
ae:f5:db:4b:25:fb:ea:cd:07:9d:6f:68:02:8a:4d:26:85:8b:
99:a2:6e:fc:96:ec:9d:7f:72:6c:0f:c7:14:d6:9e:e9:59:6e:
29:2f:20:6a:59:39:29:1f:24:80:42:8b:33:22:a7:c1:3f:2f:
c6:11:42:de:70:bb:1f:02:6d:c0:a0:c4:c6:8f:2a:5f:c8:61:
50:71:54:13:a2:44:18:35:4b:67:69:b1:31:09:cd:58:16:3b:
70:22:6b:ee
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUevnRk9+Ld19qyrgqFrKD3tZt3J8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODM5MDdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhMDBhNjFjZTkwNDBlNGM3MjVhZDMwM2I2ZTQ2NDIwZDNlOGZkMTViODAw
Zjk1NjkwMmVkODA5M2YzZDY1NzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALytTWwMh0csyV6iWOyKTyYQBGKkiPlsjExAK4mAd6GLXS/Z85Q0lVSTmOK5
Kx33Odqf1uVVAWWgFqbVG4s7CxyxpJqUBOiIGLXt0qP/fo4cbTEVCW3vmuLkNLMR
yYOOMzk0YbIhIp1k5Yi22QSD7QSZ3bD5Zw9gwercB5nwXPdRXPLw695gES6WCwYW
hDmdk8Fcmr0cnp0t5sPW9tw1uvU9AnO+rb/cUdYJVkW6vEZ/iUfnPJewzogeZxXx
b0292a8mbdLpKsgimAlL1tVd10RYp6areFLXUJmaLlEdEHlF0wqM/BZKBWKErj4h
CXcYO68W/Z+j8yswexWRhebHfKcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTIln8P
WHd8H9IZsaiwU/cgJFJ5NzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM0OGI1NzQtYzcwNy00MmE5LTliNTgtZjMyMTU4NTdhZTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
gDANBgkqhkiG9w0BAQsFAAOCAQEARNaWrakoYxef1nJjoBIKGWEtZ2s1ksHmdQE0
4PJOcJHKaXCH+ElxsGyYumo+9ms2gQjLf8ANpiDN7w8nP+fp5cNax76rNF+CJx/w
s/UxKRk9GZlTBFKnLUPIs8ZmPYVpRIXdPvwyNubPnRRNSMWaZapwlJBu9mPjTmKs
VINWb27XLBFGJ22ivqENSA59gUqFHbHX7MeVhyrI1GjHomjbLVGRrvXbSyX76s0H
nW9oAopNJoWLmaJu/JbsnX9ybA/HFNae6VluKS8galk5KR8kgEKLMyKnwT8vxhFC
3nC7HwJtwKDExo8qX8hhUHFUE6JEGDVLZ2mxMQnNWBY7cCJr7g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:10 2025 by rpki-client