Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
File: e396d806-dffa-4609-8ae4-1e8fdbde728e.roa (raw, json)
Hash identifier: +fttJq9Hd7dToo2Id7RRoPep5DnEIJRfyOJ40AW7Xdk=
Subject key identifier: 67:7F:BB:BE:5F:59:1E:1F:B8:E9:A1:3A:8B:7C:B3:2B:C3:FA:3D:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E86EFA72E5F91FF875649ABC1D57FEED541F2E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
Signing time: Fri 26 Sep 2025 18:41:48 +0000
ROA not before: Fri 26 Sep 2025 18:41:48 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:86:ef:a7:2e:5f:91:ff:87:56:49:ab:c1:d5:7f:ee:d5:41:f2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:48 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1327df427354a61ae3b172405b2bcb929b406eef97c67f217090606c832ba77e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:04:fe:a0:9f:35:77:7e:bd:3f:51:3f:cf:e9:
16:89:7a:a2:39:10:ad:69:16:b4:2a:25:46:0e:81:
d8:60:76:0c:ab:fd:34:0b:79:a2:05:b1:46:69:37:
d0:bd:a5:f9:53:ae:34:57:30:2c:2e:ce:f3:8a:5e:
27:f6:7d:57:1d:48:de:3e:76:c9:04:bc:34:20:f4:
26:18:d2:88:91:64:d5:90:18:b4:0d:8c:65:0c:6b:
9c:f1:7d:bc:f2:e8:5b:94:61:8a:f0:f4:90:7e:70:
c6:6e:ce:ca:e6:41:10:47:2f:6f:4e:1b:b2:1a:27:
af:6c:70:c7:25:88:05:fa:5e:92:4c:9d:7b:17:cd:
b8:8b:2d:d3:ae:dd:9b:3b:62:05:e8:b7:62:5b:c2:
a7:29:79:df:48:35:ba:c1:9a:6b:96:4f:fc:a4:f9:
56:18:ea:46:c3:f6:6b:df:4f:86:0e:8c:12:ac:54:
03:f2:48:16:97:51:e0:1c:50:6b:f0:19:68:99:78:
c6:48:4a:ba:50:c0:9f:1f:e1:9e:df:e2:5e:8c:39:
b4:8b:f6:69:e5:59:dd:6f:b1:84:9b:d7:98:0a:2c:
bc:b8:f8:74:99:63:6a:77:aa:e9:81:15:30:88:72:
3b:01:fe:b7:da:40:5e:a7:6c:1e:4b:b1:7b:a5:84:
af:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7F:BB:BE:5F:59:1E:1F:B8:E9:A1:3A:8B:7C:B3:2B:C3:FA:3D:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
ae:bc:41:3e:04:87:a3:68:cd:55:ca:cf:3b:a7:a3:1b:7c:f8:
a8:d1:e3:41:c2:0e:70:4b:60:6c:ea:be:27:1c:08:82:b2:9b:
d9:77:6c:e8:4b:6b:32:72:c3:1a:4a:bf:d0:9d:fe:05:da:92:
f5:85:16:5f:83:ed:8a:13:f0:79:c8:58:f3:d1:6c:7e:06:41:
cb:6d:57:c8:22:c8:2a:b0:15:de:24:5d:5c:b5:a4:26:e1:09:
55:f7:80:13:42:c0:fd:ed:5b:ef:3c:3e:c7:97:b3:a8:36:9f:
3f:2f:d4:9e:3f:05:bb:c6:b1:78:be:49:7c:2b:02:df:19:08:
f6:6a:24:9c:5f:47:a4:bc:71:38:bf:6d:09:39:4e:d7:78:45:
fc:aa:a2:10:51:1d:20:3a:67:1e:95:5b:6a:bb:c9:47:3c:52:
46:61:ca:40:e5:92:e2:1f:69:8a:91:e4:eb:6a:9c:66:79:60:
06:70:fd:28:51:76:f2:43:f8:6f:f2:1c:12:f5:71:b5:3e:65:
dc:2e:4e:b8:13:0d:a0:2b:81:e0:db:c2:db:b3:a2:3d:6a:c4:
67:0c:51:58:bc:80:83:82:79:6b:1b:d6:fb:98:45:d7:8b:1e:
8a:cc:b4:35:39:f4:df:09:7e:f0:0b:c2:ec:49:9f:38:66:7d:
9b:9a:2a:0e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXobvpy5fkf+HVkmrwdV/7tVB8ukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxNDhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzMjdkZjQyNzM1NGE2MWFlM2IxNzI0MDViMmJjYjkyOWI0MDZlZWY5N2M2
N2YyMTcwOTA2MDZjODMyYmE3N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8E/qCfNXd+vT9RP8/pFol6ojkQrWkWtColRg6B2GB2DKv9NAt5ogWxRmk3
0L2l+VOuNFcwLC7O84peJ/Z9Vx1I3j52yQS8NCD0JhjSiJFk1ZAYtA2MZQxrnPF9
vPLoW5RhivD0kH5wxm7OyuZBEEcvb04bshonr2xwxyWIBfpekkydexfNuIst067d
mztiBei3YlvCpyl530g1usGaa5ZP/KT5VhjqRsP2a99Phg6MEqxUA/JIFpdR4BxQ
a/AZaJl4xkhKulDAnx/hnt/iXow5tIv2aeVZ3W+xhJvXmAosvLj4dJljaneq6YEV
MIhyOwH+t9pAXqdsHkuxe6WEr3sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRnf7u+
X1keH7jpoTqLfLMrw/o9szAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM5NmQ4MDYtZGZmYS00NjA5LThhZTQtMWU4ZmRiZGU3MjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
wDANBgkqhkiG9w0BAQsFAAOCAQEArrxBPgSHo2jNVcrPO6ejG3z4qNHjQcIOcEtg
bOq+JxwIgrKb2Xds6EtrMnLDGkq/0J3+BdqS9YUWX4PtihPwechY89FsfgZBy21X
yCLIKrAV3iRdXLWkJuEJVfeAE0LA/e1b7zw+x5ezqDafPy/Unj8Fu8axeL5JfCsC
3xkI9moknF9HpLxxOL9tCTlO13hF/KqiEFEdIDpnHpVbarvJRzxSRmHKQOWS4h9p
ipHk62qcZnlgBnD9KFF28kP4b/IcEvVxtT5l3C5OuBMNoCuB4NvC27OiPWrEZwxR
WLyAg4J5axvW+5hF14seisy0NTn03wl+8AvC7EmfOGZ9m5oqDg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:15:59 2025 by rpki-client