Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
File: 19a2984e-942a-4280-ac0b-904c9860af2f.roa (raw, json)
Hash identifier: sQVc7SCt7DOS6zhX2gUI83TGlqDLQzPQ9bSHaRlbhqo=
Subject key identifier: A5:24:9D:CF:2E:C0:04:E6:6D:F7:3C:20:52:6E:7E:2A:F9:5E:13:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B47D24983B6401035A3EC2652355264F274EC86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
Signing time: Tue 21 Oct 2025 13:50:59 +0000
ROA not before: Tue 21 Oct 2025 13:50:59 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:47:d2:49:83:b6:40:10:35:a3:ec:26:52:35:52:64:f2:74:ec:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:59 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=9f7164cd6b3741138865aa2a8f5c58a9a4a6ac49f71e1370d3ad7bd5e07410a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3b:ff:07:b1:96:94:aa:cd:28:76:96:90:78:
43:83:98:89:8f:1f:16:b4:e4:85:c9:7c:7e:d6:c7:
33:02:05:37:64:50:d2:1b:3b:6f:a2:cb:ee:54:a1:
86:53:2d:1f:b4:01:bd:ea:78:fb:14:b9:ba:33:40:
ed:a7:80:40:e6:ff:6e:2c:7e:cd:03:ee:eb:b0:4e:
ed:2a:49:27:ef:9f:c4:82:30:9b:a3:79:fd:2e:ad:
21:16:8e:96:81:c0:1e:f6:29:fc:e3:f6:be:a5:1e:
a0:56:5b:c6:57:36:03:d2:be:08:21:69:fb:08:89:
4d:16:e3:74:02:df:24:c0:04:a2:a9:3a:89:ca:20:
aa:90:1d:35:8c:b8:62:48:8c:61:fe:cc:ee:ef:f0:
96:47:c1:a0:f4:da:17:54:c7:a0:9f:12:70:15:e3:
91:cc:f8:76:09:95:72:92:41:85:89:12:67:83:04:
6c:d4:11:b1:30:0d:4b:90:a5:96:dd:6c:ba:e2:25:
a9:1d:ed:8e:35:fe:8c:58:d0:7a:c8:92:08:a6:c2:
82:05:f0:a2:90:f5:7e:34:c1:eb:e5:7b:15:55:10:
f6:92:90:90:db:89:93:ac:6e:83:d9:18:4e:77:d6:
ce:6a:ef:68:cc:fb:97:64:d4:2b:b8:2e:65:d2:57:
fa:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:24:9D:CF:2E:C0:04:E6:6D:F7:3C:20:52:6E:7E:2A:F9:5E:13:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8020::/48
Signature Algorithm: sha256WithRSAEncryption
47:34:ba:5b:a6:31:5b:f6:f7:4d:98:1a:1a:a9:fe:62:f2:ca:
7a:79:38:dd:47:80:46:dc:e9:31:4a:2c:46:80:55:1e:36:ea:
d9:51:ac:64:95:7b:1d:56:e4:91:8d:73:8b:bd:14:17:52:19:
a6:9e:17:e4:fd:c2:37:ec:e4:b8:d7:74:dc:22:6b:8b:5b:8a:
c3:f5:07:63:03:1f:57:22:e7:a2:a8:65:f4:a6:1a:e6:10:08:
0f:68:e4:93:7c:e5:20:f3:ce:6d:9b:24:00:4a:08:a2:61:bb:
63:a3:65:9e:6b:35:9d:6f:a7:95:ef:27:f3:c3:37:7d:3f:01:
d3:36:2e:67:3e:62:d4:22:10:ee:5d:8d:0f:da:f7:e2:95:6c:
de:dd:4f:91:86:0b:9f:da:67:0e:71:eb:41:32:a7:2f:98:0a:
e4:a5:5d:e1:92:8e:c4:9f:c1:37:db:d0:5b:cd:a8:11:10:6e:
23:69:a5:ab:a8:ca:7d:f8:4b:ab:96:d4:af:5e:ea:56:7e:bb:
49:4e:12:d4:70:9f:ea:af:0e:ad:c3:09:59:e6:62:3c:1b:6a:
cf:a7:21:7a:16:9b:88:cc:cd:e2:ce:66:33:42:98:39:f8:21:
57:7f:e0:90:68:84:80:8a:07:6f:ef:c2:8b:3d:44:15:8f:78:
7d:02:f7:35
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa0fSSYO2QBA1o+wmUjVSZPJ07IYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwNTlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmNzE2NGNkNmIzNzQxMTM4ODY1YWEyYThmNWM1OGE5YTRhNmFjNDlmNzFl
MTM3MGQzYWQ3YmQ1ZTA3NDEwYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs7/wexlpSqzSh2lpB4Q4OYiY8fFrTkhcl8ftbHMwIFN2RQ0hs7b6LL7lSh
hlMtH7QBvep4+xS5ujNA7aeAQOb/bix+zQPu67BO7SpJJ++fxIIwm6N5/S6tIRaO
loHAHvYp/OP2vqUeoFZbxlc2A9K+CCFp+wiJTRbjdALfJMAEoqk6icogqpAdNYy4
YkiMYf7M7u/wlkfBoPTaF1THoJ8ScBXjkcz4dgmVcpJBhYkSZ4MEbNQRsTANS5Cl
lt1suuIlqR3tjjX+jFjQesiSCKbCggXwopD1fjTB6+V7FVUQ9pKQkNuJk6xug9kY
TnfWzmrvaMz7l2TUK7guZdJX+lsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSlJJ3P
LsAE5m33PCBSbn4q+V4TrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjk4NGUtOTQyYS00MjgwLWFjMGItOTA0Yzk4NjBhZjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
IDANBgkqhkiG9w0BAQsFAAOCAQEARzS6W6YxW/b3TZgaGqn+YvLKenk43UeARtzp
MUosRoBVHjbq2VGsZJV7HVbkkY1zi70UF1IZpp4X5P3CN+zkuNd03CJri1uKw/UH
YwMfVyLnoqhl9KYa5hAID2jkk3zlIPPObZskAEoIomG7Y6Nlnms1nW+nle8n88M3
fT8B0zYuZz5i1CIQ7l2ND9r34pVs3t1PkYYLn9pnDnHrQTKnL5gK5KVd4ZKOxJ/B
N9vQW82oERBuI2mlq6jKffhLq5bUr17qVn67SU4S1HCf6q8OrcMJWeZiPBtqz6ch
ehabiMzN4s5mM0KYOfghV3/gkGiEgIoHb+/Ciz1EFY94fQL3NQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:26 2025 by rpki-client