Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: St6D9dRF3YMKJmH83MdykJvCsoW/52ixNPU4J9RoVq0=
Subject key identifier: BE:A1:D1:81:D4:CF:6F:72:10:01:CC:53:40:F0:8A:AF:D7:C5:18:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 632AA91074FDD34AEAA8155BF46B1061470384D7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Fri 24 Oct 2025 00:20:34 +0000
ROA not before: Fri 24 Oct 2025 00:20:34 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Nov 2025 15:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:2a:a9:10:74:fd:d3:4a:ea:a8:15:5b:f4:6b:10:61:47:03:84:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:34 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=76dcf65d19bb84d5e9a65def04edf92dcd3109f83a6539b8fa4088b92856acd6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6b:5d:2f:ea:e4:dd:a7:17:da:22:10:de:f4:
ab:a7:31:12:f5:08:31:29:49:17:15:ed:d0:e2:63:
02:3e:98:27:1e:18:93:ad:1a:a3:26:e1:cd:e3:44:
25:d3:05:00:6f:5f:a8:c6:54:6a:24:d1:bc:1c:d4:
be:64:64:b8:3c:5e:1e:b5:f0:49:68:92:8f:97:51:
8f:8e:a9:00:5b:bf:f8:8d:62:22:ab:2c:b7:c5:75:
5b:8e:3f:f9:e0:51:30:72:d2:5b:30:f2:ec:a4:ff:
84:f9:ab:29:3c:28:49:21:37:0e:77:e4:8c:4c:ee:
36:fd:d9:60:9a:26:dd:55:5d:77:42:f2:76:fa:5f:
52:6f:50:5e:29:38:de:0f:a1:0a:e7:bc:f0:7e:c0:
9b:e7:24:25:d5:56:9d:ff:47:c1:2e:b9:4a:a6:4b:
a7:68:97:08:bb:ec:62:76:5c:92:02:fc:f7:7c:85:
58:fa:75:67:57:f9:7a:20:53:ff:ca:6c:a5:c4:70:
55:df:14:d7:3d:89:cc:bc:7d:e2:13:2f:ea:a8:f0:
d2:92:b2:61:51:fd:47:d2:98:e7:34:86:a3:51:84:
d0:aa:d7:a1:d5:82:ef:2b:c6:b9:58:7e:31:a0:f7:
b2:6d:18:99:f2:ec:44:a5:5a:97:20:f4:5b:7a:55:
7e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A1:D1:81:D4:CF:6F:72:10:01:CC:53:40:F0:8A:AF:D7:C5:18:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
45:5d:bd:cf:c3:12:fe:af:7a:e7:99:27:01:33:c8:ed:db:df:
11:7e:c9:ed:2d:ba:d8:89:65:eb:85:8c:23:94:62:70:3d:11:
4c:bd:8b:ec:c9:c3:85:10:0f:f8:80:5d:a4:2f:03:d9:1a:0f:
7e:d0:7e:a8:9a:a8:a7:49:70:89:df:b5:0a:ac:3c:b2:25:6e:
6b:9a:68:55:c7:0c:e6:d5:b9:a0:f1:b4:1b:6c:01:90:8b:87:
fb:af:f4:d5:4c:fc:74:9d:3a:4c:1e:96:b4:75:95:36:df:01:
3b:55:52:c9:5e:ea:c4:5a:41:b0:b3:83:a0:ce:bd:b1:a2:db:
c2:90:80:13:1f:36:93:4c:70:17:83:3e:de:1e:db:89:21:09:
fa:39:43:cc:0e:73:6d:af:89:35:a1:9f:f7:d6:91:ee:37:f1:
e5:d5:cb:97:f0:d0:f9:f7:cd:e6:c6:2c:df:f2:7c:af:3e:e0:
d5:eb:c7:89:29:79:03:1d:ac:ab:fd:4b:f9:6b:58:ba:f6:a3:
24:93:1b:69:76:e2:03:05:fa:47:e7:58:54:10:b5:54:1f:32:
be:0b:79:4e:51:d1:c7:49:f4:d5:47:c4:de:f6:78:0b:ab:31:
52:88:53:78:71:97:9d:83:e9:b4:5a:7d:05:5b:f3:9c:a7:9c:
76:89:24:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYyqpEHT900rqqBVb9GsQYUcDhNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMzRaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2ZGNmNjVkMTliYjg0ZDVlOWE2NWRlZjA0ZWRmOTJkY2QzMTA5ZjgzYTY1
MzliOGZhNDA4OGI5Mjg1NmFjZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxrXS/q5N2nF9oiEN70q6cxEvUIMSlJFxXt0OJjAj6YJx4Yk60aoybhzeNE
JdMFAG9fqMZUaiTRvBzUvmRkuDxeHrXwSWiSj5dRj46pAFu/+I1iIqsst8V1W44/
+eBRMHLSWzDy7KT/hPmrKTwoSSE3DnfkjEzuNv3ZYJom3VVdd0LydvpfUm9QXik4
3g+hCue88H7Am+ckJdVWnf9HwS65SqZLp2iXCLvsYnZckgL893yFWPp1Z1f5eiBT
/8pspcRwVd8U1z2JzLx94hMv6qjw0pKyYVH9R9KY5zSGo1GE0KrXodWC7yvGuVh+
MaD3sm0YmfLsRKValyD0W3pVfnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+odGB
1M9vchABzFNA8Iqv18UYbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBFXb3PwxL+r3rnmScBM8jt298RfsntLbrYiWXr
hYwjlGJwPRFMvYvsycOFEA/4gF2kLwPZGg9+0H6omqinSXCJ37UKrDyyJW5rmmhV
xwzm1bmg8bQbbAGQi4f7r/TVTPx0nTpMHpa0dZU23wE7VVLJXurEWkGws4Ogzr2x
otvCkIATHzaTTHAXgz7eHtuJIQn6OUPMDnNtr4k1oZ/31pHuN/Hl1cuX8ND5983m
xizf8nyvPuDV68eJKXkDHayr/Uv5a1i69qMkkxtpduIDBfpH51hUELVUHzK+C3lO
UdHHSfTVR8Te9ngLqzFSiFN4cZedg+m0Wn0FW/Ocp5x2iSR/
-----END CERTIFICATE-----
Generated at Mon Nov 3 00:09:16 2025 by rpki-client