Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
File: 51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa (raw, json)
Hash identifier: /Q5toOgO3nbExuyQfqnqjC725dSXMPwQR+d2V+UYJ4Y=
Subject key identifier: 5E:7D:26:36:18:A1:76:6C:57:15:4A:C5:88:E2:E7:67:45:EF:9A:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E6A36D4AF6107990C8EFD9956BBEFDA6CBF304F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
Signing time: Tue 21 Oct 2025 14:20:48 +0000
ROA not before: Tue 21 Oct 2025 14:20:48 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:6a:36:d4:af:61:07:99:0c:8e:fd:99:56:bb:ef:da:6c:bf:30:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:20:48 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=76e288d3ef883687d9214461520ef8a41e99af61ec49e9ee77cf5638d14f406a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9c:e1:1b:21:e0:7e:97:52:4e:0e:8f:0a:c0:
7b:9b:f1:62:2d:02:3f:dd:cd:c4:41:42:e8:1e:04:
8e:3a:63:3d:08:2e:21:75:3c:93:aa:5c:13:f6:d8:
14:9f:03:14:b9:40:e8:eb:01:eb:19:77:3c:02:06:
3d:93:51:4d:e6:91:f2:83:61:d5:c4:f8:6d:9a:61:
03:0b:3a:7c:ae:32:bc:7f:73:e0:73:1a:7b:a2:51:
7b:55:26:d1:1d:29:ca:24:5b:c2:ae:72:94:68:92:
95:71:af:17:a1:37:7e:23:43:34:da:a0:05:fe:fe:
e3:bb:fd:fd:6e:40:31:40:d1:73:5b:80:4d:df:35:
fe:bf:a4:99:b1:a3:cd:54:ea:c7:a0:ae:50:6c:f5:
4e:24:63:56:d1:88:59:f5:a3:00:e3:3d:95:e8:bf:
cc:13:9f:da:97:b4:62:80:ae:85:2c:7b:fe:a2:aa:
ce:0c:a1:50:ca:f0:ec:27:23:a5:88:b8:54:60:dd:
a3:cd:9c:f9:84:d3:53:fb:bc:51:7a:19:5d:cd:8a:
ee:f7:df:c8:11:f0:5f:e0:1b:e3:9d:35:c1:03:be:
cc:8b:a7:ea:d3:99:30:27:cf:1d:9c:97:66:d2:4d:
37:d5:7b:b0:4b:bc:9f:26:8f:76:fd:fb:c2:0a:e3:
93:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7D:26:36:18:A1:76:6C:57:15:4A:C5:88:E2:E7:67:45:EF:9A:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
5d:02:43:0d:b8:c4:8b:7e:72:5d:cc:50:2f:27:b0:26:e9:e2:
55:62:ee:f7:25:6c:e8:34:ca:b9:46:80:de:69:b5:af:30:b6:
2f:68:06:66:36:e1:51:27:e3:b3:7f:28:79:d5:e3:96:90:d4:
76:dd:32:4c:6f:3d:85:1d:82:ea:86:af:79:dd:83:ed:72:12:
3f:0a:dc:a2:aa:93:fd:4b:04:45:0e:19:df:85:e4:c6:df:45:
f3:23:ec:0b:92:e2:d4:94:7c:4f:10:0b:22:bc:97:9c:f8:06:
7a:df:91:25:b4:1a:73:a0:0a:fc:0e:78:27:9b:06:1c:d2:b6:
48:4d:82:67:21:0f:82:33:d7:40:8b:98:c8:89:8b:53:fa:ff:
52:de:90:54:c2:54:e2:84:18:55:ad:e0:c6:d6:2c:70:9a:35:
e9:6b:34:ac:fe:4b:d0:6d:cf:95:2d:a1:93:10:30:5f:ec:09:
b5:ee:f6:62:bb:b3:02:e1:2d:18:26:f9:38:9c:56:9a:28:74:
90:92:ae:2b:9f:be:be:2e:d5:a7:f5:d4:89:6d:42:97:b1:66:
17:45:0c:9d:de:b3:92:16:89:dc:d4:ad:ac:39:52:e9:64:cf:
22:13:d0:09:d9:ae:5b:ed:d3:92:f1:2c:82:31:0c:bb:f6:61:
d3:5c:ce:e1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfmo21K9hB5kMjv2ZVrvv2my/ME8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIwNDhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2ZTI4OGQzZWY4ODM2ODdkOTIxNDQ2MTUyMGVmOGE0MWU5OWFmNjFlYzQ5
ZTllZTc3Y2Y1NjM4ZDE0ZjQwNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWc4Rsh4H6XUk4OjwrAe5vxYi0CP93NxEFC6B4EjjpjPQguIXU8k6pcE/bY
FJ8DFLlA6OsB6xl3PAIGPZNRTeaR8oNh1cT4bZphAws6fK4yvH9z4HMae6JRe1Um
0R0pyiRbwq5ylGiSlXGvF6E3fiNDNNqgBf7+47v9/W5AMUDRc1uATd81/r+kmbGj
zVTqx6CuUGz1TiRjVtGIWfWjAOM9lei/zBOf2pe0YoCuhSx7/qKqzgyhUMrw7Ccj
pYi4VGDdo82c+YTTU/u8UXoZXc2K7vffyBHwX+Ab4501wQO+zIun6tOZMCfPHZyX
ZtJNN9V7sEu8nyaPdv37wgrjk0UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRefSY2
GKF2bFcVSsWI4udnRe+aUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTFhMWVhNzEtNzVhZi00YmM3LThjMDUtMWIyZTNhNTYyNzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
0DANBgkqhkiG9w0BAQsFAAOCAQEAXQJDDbjEi35yXcxQLyewJuniVWLu9yVs6DTK
uUaA3mm1rzC2L2gGZjbhUSfjs38oedXjlpDUdt0yTG89hR2C6oaved2D7XISPwrc
oqqT/UsERQ4Z34Xkxt9F8yPsC5Li1JR8TxALIryXnPgGet+RJbQac6AK/A54J5sG
HNK2SE2CZyEPgjPXQIuYyImLU/r/Ut6QVMJU4oQYVa3gxtYscJo16Ws0rP5L0G3P
lS2hkxAwX+wJte72YruzAuEtGCb5OJxWmih0kJKuK5++vi7Vp/XUiW1Cl7FmF0UM
nd6zkhaJ3NStrDlS6WTPIhPQCdmuW+3TkvEsgjEMu/Zh01zO4Q==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:11 2025 by rpki-client