Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
File: 007aa6ae-ee04-4168-a465-d2d3db70f19f.roa (raw, json)
Hash identifier: 0tLsLW0fOkHGni1bChFtkNZeFCvaxChE45UEfw6zpXk=
Subject key identifier: 74:7E:8B:E2:51:90:B1:61:45:BE:DF:56:7D:B6:45:65:F4:33:CF:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B9EF2811CE9F5AEFDD42109978625327DDB2159
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
Signing time: Tue 21 Oct 2025 13:10:06 +0000
ROA not before: Tue 21 Oct 2025 13:10:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:9e:f2:81:1c:e9:f5:ae:fd:d4:21:09:97:86:25:32:7d:db:21:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=4155d2f506cd85011a67177b307d1a9509e3c53313fa6e2dd31b51a41445299e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:b8:f9:9c:46:cf:74:74:ae:97:28:74:7f:
05:39:ef:ac:e9:db:ff:04:71:3d:4f:6f:87:fd:79:
35:50:6a:74:63:3b:a2:6c:d3:72:21:ec:21:c4:b6:
af:d6:29:ec:fc:e5:9d:69:a3:2a:81:62:cd:df:fe:
c5:7d:ef:2a:a8:d0:4d:c6:1d:de:ba:f9:ef:13:27:
8e:59:0f:b2:a5:a6:34:72:56:a2:dd:8c:52:d7:ca:
61:23:c4:1b:67:32:e8:d4:d7:92:44:20:82:c1:41:
31:2c:fa:3e:a8:98:b9:0b:de:10:8d:cc:30:f4:54:
31:62:ba:af:3e:78:ee:55:58:23:b4:81:f1:b2:71:
21:9a:3c:61:70:4a:e0:8c:c5:f8:29:7d:e8:4f:08:
46:6d:29:9d:05:63:49:ec:b4:1d:c8:c3:f8:f4:91:
33:03:a1:6a:f3:08:a2:63:5b:bf:10:2c:21:52:e9:
88:b1:dd:31:67:78:bd:fc:61:19:e9:01:70:70:d4:
f9:2d:ac:c5:b9:36:21:89:d5:d9:53:93:91:2f:66:
1a:a2:8b:03:7e:ca:71:92:7d:f8:f6:7c:0c:97:ff:
82:1f:b5:24:df:4d:a0:92:69:e7:91:d3:75:47:a2:
ec:1c:7f:b2:67:64:87:8d:6c:7a:ea:ed:57:e5:8a:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7E:8B:E2:51:90:B1:61:45:BE:DF:56:7D:B6:45:65:F4:33:CF:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1040::/48
Signature Algorithm: sha256WithRSAEncryption
12:b6:10:f6:22:e3:20:cf:a2:0a:03:98:a7:c7:2a:2f:e2:9d:
68:51:9f:69:d1:58:bc:fb:d7:da:2b:da:73:76:cf:f8:6a:c0:
5c:52:d8:14:d0:d4:f1:62:8b:e6:5f:2d:90:1f:f1:96:ed:04:
93:da:2f:ca:c1:9a:96:0f:78:27:f8:b5:37:2a:7a:71:1f:29:
c1:35:ee:d0:fd:cf:c9:05:aa:0c:69:77:61:95:9f:e8:99:e3:
23:19:b5:b2:1f:69:f5:a4:a5:24:67:d8:81:1c:48:55:bf:bc:
0b:61:20:d3:b0:94:37:e3:61:0c:dd:40:31:fa:d4:52:51:bf:
94:70:23:3d:52:fa:34:18:02:d2:84:40:63:66:3c:07:97:b1:
36:ec:ed:1e:a8:90:0c:a6:c8:c5:82:b0:a9:66:50:6d:00:13:
e1:de:20:d5:d5:46:5d:5a:2d:2c:9e:2a:36:73:85:40:d6:36:
51:f5:71:02:ef:8a:92:27:97:e9:5c:20:3c:be:75:2b:40:5c:
0f:28:a3:c2:96:61:7d:dc:7e:c0:4f:80:22:b9:33:f3:d5:35:
ee:94:7f:b1:df:44:31:3b:46:5e:61:59:33:d8:38:69:b8:9a:
f8:da:cf:88:9a:95:fe:f8:a6:a5:f0:b4:2b:cd:59:3f:3a:5d:
19:33:7f:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe57ygRzp9a791CEJl4YlMn3bIVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxNTVkMmY1MDZjZDg1MDExYTY3MTc3YjMwN2QxYTk1MDllM2M1MzMxM2Zh
NmUyZGQzMWI1MWE0MTQ0NTI5OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsiuPmcRs90dK6XKHR/BTnvrOnb/wRxPU9vh/15NVBqdGM7omzTciHsIcS2
r9Yp7PzlnWmjKoFizd/+xX3vKqjQTcYd3rr57xMnjlkPsqWmNHJWot2MUtfKYSPE
G2cy6NTXkkQggsFBMSz6PqiYuQveEI3MMPRUMWK6rz547lVYI7SB8bJxIZo8YXBK
4IzF+Cl96E8IRm0pnQVjSey0HcjD+PSRMwOhavMIomNbvxAsIVLpiLHdMWd4vfxh
GekBcHDU+S2sxbk2IYnV2VOTkS9mGqKLA37KcZJ9+PZ8DJf/gh+1JN9NoJJp55HT
dUei7Bx/smdkh41seurtV+WK+ysCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0fovi
UZCxYUW+31Z9tkVl9DPP3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDA3YWE2YWUtZWUwNC00MTY4LWE0NjUtZDJkM2RiNzBmMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAErYQ9iLjIM+iCgOYp8cqL+KdaFGfadFYvPvX
2ivac3bP+GrAXFLYFNDU8WKL5l8tkB/xlu0Ek9ovysGalg94J/i1Nyp6cR8pwTXu
0P3PyQWqDGl3YZWf6JnjIxm1sh9p9aSlJGfYgRxIVb+8C2Eg07CUN+NhDN1AMfrU
UlG/lHAjPVL6NBgC0oRAY2Y8B5exNuztHqiQDKbIxYKwqWZQbQAT4d4g1dVGXVot
LJ4qNnOFQNY2UfVxAu+KkieX6VwgPL51K0BcDyijwpZhfdx+wE+AIrkz89U17pR/
sd9EMTtGXmFZM9g4abia+NrPiJqV/vimpfC0K81ZPzpdGTN/Kg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:19 2025 by rpki-client