Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: iJ83C5jwq+6GFpBzTVeVN4JNDj28Hi9YRtgX9Aq90/8=
Subject key identifier: 6C:0E:1E:3D:F5:39:1A:0E:88:C3:53:CD:B3:3E:83:6F:2D:B6:8D:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BAF5C407B2CBDECA969A2AB74BAB636111DA4C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Mon 29 Sep 2025 15:24:36 +0000
ROA not before: Mon 29 Sep 2025 15:24:36 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 05:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:af:5c:40:7b:2c:bd:ec:a9:69:a2:ab:74:ba:b6:36:11:1d:a4:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:36 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=0cc78b4a048975c70154868c42632ed8a859c8d2a106a3ffbc9bd16b8f892a62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:99:dd:4d:eb:66:8a:8f:12:fc:55:3c:65:fc:
2c:50:a6:6b:56:85:2f:be:3a:4f:7d:03:30:cc:4f:
20:4d:b6:62:e3:41:67:a6:0f:db:36:31:4b:f1:77:
10:0d:0a:c7:89:9c:8d:89:be:a7:79:84:05:5a:4b:
85:f6:97:1e:60:2c:78:85:a0:d6:79:f9:60:ef:11:
05:ae:e8:e0:64:1f:1d:9e:a9:59:d8:3e:3c:dc:a0:
4e:5c:ab:73:a6:35:78:b3:9d:9b:6e:a5:07:56:89:
ee:70:68:b0:d9:55:7c:a0:10:bb:88:9f:54:c3:5f:
e4:c1:7f:55:cc:33:62:89:7e:d8:c2:1c:38:74:6f:
43:f7:3d:16:f2:ba:a3:56:87:1e:42:1a:5a:e1:73:
ac:97:e1:d6:3d:9b:e7:0a:81:4d:d8:2c:ad:f5:e9:
4b:15:59:6b:0c:f7:9e:15:fe:95:c4:ee:7a:e6:1f:
38:ea:17:20:1e:77:29:79:e7:e6:47:4a:e7:50:3f:
9e:ed:d9:f4:e3:de:a2:6a:0b:39:49:94:bf:00:5e:
92:b7:c7:43:03:0c:3d:28:ac:00:2e:9b:f0:f1:26:
24:db:49:1f:7f:9f:e5:3d:e2:89:07:58:7c:a3:d3:
e6:7a:de:19:a5:50:81:4c:56:e5:02:54:67:9d:01:
37:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:0E:1E:3D:F5:39:1A:0E:88:C3:53:CD:B3:3E:83:6F:2D:B6:8D:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:60:73:1d:43:03:2c:6a:66:b3:98:be:ec:a1:f3:09:03:17:
81:02:a1:8c:21:1b:6f:fc:a5:ca:1b:88:12:8d:b1:03:26:d6:
34:c2:78:96:3e:04:40:cd:a8:c0:4a:6e:e9:75:1c:08:68:ea:
a8:9c:8c:45:3d:f8:2c:b8:cd:98:54:33:af:c5:8c:8f:f0:ce:
b1:ba:93:8b:4c:97:43:18:9a:d2:b6:53:01:09:4a:3a:72:98:
a0:ac:16:6a:db:03:07:d4:57:61:d0:97:f9:ed:1c:c3:60:d3:
87:5c:46:90:e2:b5:e0:ed:0b:92:c0:3a:00:ba:54:54:3c:f4:
fa:35:0d:34:18:eb:57:aa:e5:7a:f7:78:57:a5:e9:dd:44:82:
42:59:cf:70:22:6a:2b:20:ec:45:6a:fd:93:18:44:fb:80:ee:
ee:52:97:51:b1:20:00:a7:9f:2d:54:02:ff:a0:bf:a0:8e:71:
13:07:e3:22:24:df:6d:14:2e:d5:56:a0:b9:b3:35:1a:e8:b9:
b2:24:26:65:80:cf:9b:bd:d2:2b:d9:ae:ca:bc:99:08:d2:2f:
ef:63:f9:3b:58:06:9c:0e:0f:0b:a6:ef:b8:4f:fd:74:92:ad:
dd:96:20:ec:82:90:69:d8:50:68:96:44:7d:8e:06:e9:b8:10:
16:21:85:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe69cQHssveypaaKrdLq2NhEdpMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MzZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjYzc4YjRhMDQ4OTc1YzcwMTU0ODY4YzQyNjMyZWQ4YTg1OWM4ZDJhMTA2
YTNmZmJjOWJkMTZiOGY4OTJhNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCZ3U3rZoqPEvxVPGX8LFCma1aFL746T30DMMxPIE22YuNBZ6YP2zYxS/F3
EA0Kx4mcjYm+p3mEBVpLhfaXHmAseIWg1nn5YO8RBa7o4GQfHZ6pWdg+PNygTlyr
c6Y1eLOdm26lB1aJ7nBosNlVfKAQu4ifVMNf5MF/VcwzYol+2MIcOHRvQ/c9FvK6
o1aHHkIaWuFzrJfh1j2b5wqBTdgsrfXpSxVZawz3nhX+lcTueuYfOOoXIB53KXnn
5kdK51A/nu3Z9OPeomoLOUmUvwBekrfHQwMMPSisAC6b8PEmJNtJH3+f5T3iiQdY
fKPT5nreGaVQgUxW5QJUZ50BN0ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsDh49
9TkaDojDU82zPoNvLbaNWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQCiYHMdQwMsamazmL7sofMJAxeBAqGMIRtv/KXK
G4gSjbEDJtY0wniWPgRAzajASm7pdRwIaOqonIxFPfgsuM2YVDOvxYyP8M6xupOL
TJdDGJrStlMBCUo6cpigrBZq2wMH1Fdh0Jf57RzDYNOHXEaQ4rXg7QuSwDoAulRU
PPT6NQ00GOtXquV693hXpendRIJCWc9wImorIOxFav2TGET7gO7uUpdRsSAAp58t
VAL/oL+gjnETB+MiJN9tFC7VVqC5szUa6LmyJCZlgM+bvdIr2a7KvJkI0i/vY/k7
WAacDg8Lpu+4T/10kq3dliDsgpBp2FBolkR9jgbpuBAWIYWT
-----END CERTIFICATE-----
Generated at Sat Oct 18 13:17:34 2025 by rpki-client