Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
File: f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa (raw, json)
Hash identifier: FXpNPtiGT4qao8voOL1I6kqzNro/KlOElvbtHwAofQg=
Subject key identifier: 7A:FD:1C:09:2B:0A:10:8F:AE:43:9D:8A:57:5A:73:15:BC:02:91:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A82D877595669F3C20AD7303BAE61D91DC3844F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
Signing time: Fri 26 Sep 2025 18:20:15 +0000
ROA not before: Fri 26 Sep 2025 18:20:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:82:d8:77:59:56:69:f3:c2:0a:d7:30:3b:ae:61:d9:1d:c3:84:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=c793e791cdc401e63eaea6c410fc853059bd4a553b87f07620b0077350abcfcf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ba:b4:0b:16:57:74:af:28:98:5d:3b:dc:0d:
4c:ff:f3:1e:86:45:cd:56:a9:93:d0:53:37:7d:05:
64:4d:fd:17:3d:23:08:00:af:81:33:1c:4a:0c:e9:
6b:a5:fe:03:bd:a3:8a:50:c9:2c:f1:95:a0:24:55:
c4:98:d2:0f:4a:8c:46:e0:9c:e1:ce:13:04:2a:ad:
6a:a4:43:17:34:c7:82:20:6b:9a:9b:25:1c:cc:ed:
ec:b1:cc:77:c6:b2:c5:45:53:e5:1a:2c:bb:98:0e:
6f:74:b0:01:b7:0a:2e:24:3a:14:62:90:6a:ef:3b:
d4:16:f2:64:6e:b6:b0:dc:9e:1e:06:98:07:06:77:
37:e7:55:d0:68:87:f6:4f:1f:c0:49:b6:1c:e8:0b:
4d:b4:a4:80:8f:97:50:07:f1:70:cf:e7:5e:b7:72:
bf:41:24:01:42:4d:a3:92:74:2f:f3:1d:27:46:a5:
1d:2a:32:2f:72:22:7b:e0:78:ca:a7:de:7b:f7:5a:
a9:2f:77:7c:87:e4:34:96:d5:42:bd:cb:0d:17:63:
10:5a:39:09:5e:55:c4:1a:22:4a:35:aa:ec:7e:75:
b6:69:30:c3:bd:91:5d:55:50:2f:3c:7c:c0:f1:de:
28:25:db:cb:01:f1:99:f7:42:82:7e:59:5f:b5:62:
a3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:FD:1C:09:2B:0A:10:8F:AE:43:9D:8A:57:5A:73:15:BC:02:91:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6040::/48
Signature Algorithm: sha256WithRSAEncryption
69:45:71:e4:25:c5:fd:1e:f9:c0:da:e2:0d:33:a4:e2:e5:40:
20:df:d7:95:c1:27:1d:ae:9f:94:89:c5:f6:71:f7:cb:f0:55:
b6:0a:0f:a6:55:43:f5:68:ae:9c:1b:fe:5e:77:ba:77:e1:ee:
e3:3c:b9:db:2d:6b:0a:65:90:65:ac:2b:89:91:f8:24:3e:c2:
a4:9b:dc:36:1d:f3:cd:5b:f4:87:c1:8f:1c:23:e2:dc:f4:4c:
a7:0b:06:6c:3a:df:69:44:05:b0:4e:bc:7a:c2:3a:ec:a7:e6:
6e:1e:2c:9f:3a:70:e4:49:99:ea:e9:95:9f:c3:24:f8:d2:1a:
27:0c:51:55:e6:52:c0:66:63:6c:1c:99:46:66:b7:5f:23:55:
25:b2:50:ea:4b:10:11:9d:28:9e:ac:c2:21:49:f1:be:ef:ce:
16:be:95:a5:d9:ff:3e:b3:c8:b1:d3:17:d3:bd:ae:c4:03:d6:
a2:42:4e:f4:48:dd:96:8e:b2:c7:b2:c1:e6:e3:8f:1a:cc:8f:
35:b4:06:ec:3f:0d:74:d2:a9:03:bd:26:14:58:92:01:5d:4a:
55:b1:60:ad:ed:06:8b:51:74:31:de:af:40:a7:07:eb:e7:ea:
2c:f5:cd:a5:e6:13:0e:64:bd:14:c9:bd:ad:f5:8c:09:12:05:
be:84:db:33
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOoLYd1lWafPCCtcwO65h2R3DhE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwMTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3OTNlNzkxY2RjNDAxZTYzZWFlYTZjNDEwZmM4NTMwNTliZDRhNTUzYjg3
ZjA3NjIwYjAwNzczNTBhYmNmY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJa6tAsWV3SvKJhdO9wNTP/zHoZFzVapk9BTN30FZE39Fz0jCACvgTMcSgzp
a6X+A72jilDJLPGVoCRVxJjSD0qMRuCc4c4TBCqtaqRDFzTHgiBrmpslHMzt7LHM
d8ayxUVT5Rosu5gOb3SwAbcKLiQ6FGKQau871BbyZG62sNyeHgaYBwZ3N+dV0GiH
9k8fwEm2HOgLTbSkgI+XUAfxcM/nXrdyv0EkAUJNo5J0L/MdJ0alHSoyL3Iie+B4
yqfee/daqS93fIfkNJbVQr3LDRdjEFo5CV5VxBoiSjWq7H51tmkww72RXVVQLzx8
wPHeKCXbywHxmfdCgn5ZX7Vio2cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR6/RwJ
KwoQj65DnYpXWnMVvAKRYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVlNjQ5MzgtZmMyZC00OTcxLWIyZGEtYWFiYzlmZTU1NmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
QDANBgkqhkiG9w0BAQsFAAOCAQEAaUVx5CXF/R75wNriDTOk4uVAIN/XlcEnHa6f
lInF9nH3y/BVtgoPplVD9WiunBv+Xne6d+Hu4zy52y1rCmWQZawriZH4JD7CpJvc
Nh3zzVv0h8GPHCPi3PRMpwsGbDrfaUQFsE68esI67Kfmbh4snzpw5EmZ6umVn8Mk
+NIaJwxRVeZSwGZjbByZRma3XyNVJbJQ6ksQEZ0onqzCIUnxvu/OFr6Vpdn/PrPI
sdMX072uxAPWokJO9Ejdlo6yx7LB5uOPGsyPNbQG7D8NdNKpA70mFFiSAV1KVbFg
re0Gi1F0Md6vQKcH6+fqLPXNpeYTDmS9FMm9rfWMCRIFvoTbMw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:51:30 2025 by rpki-client