Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
File: 6ddb8169-a0ba-4989-b488-a344085c56c9.roa (raw, json)
Hash identifier: WqLVcih73kARJgwc3RoqXtu0JYhgKEvqg/nW62sXSCc=
Subject key identifier: 47:6D:0C:CB:93:DF:B5:69:FC:79:14:33:FC:38:B1:7A:E9:1A:94:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EF9353EE1754799FBA4AF1873DBF3D3437B4A4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
Signing time: Tue 21 Oct 2025 13:50:06 +0000
ROA not before: Tue 21 Oct 2025 13:50:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 15:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:f9:35:3e:e1:75:47:99:fb:a4:af:18:73:db:f3:d3:43:7b:4a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=9f945c480a4ee338db78ed594d53e8b7f76c48665d521bdfbd0a2027db7fcee4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ce:b6:67:e3:20:49:5a:72:72:48:ef:ee:41:
60:92:19:f3:63:36:03:60:03:6d:5a:2f:0b:9a:ea:
02:9d:05:4a:19:7f:42:23:37:50:50:cf:96:db:b0:
3d:6a:93:40:16:d5:bb:27:9a:ec:53:c1:bc:53:8f:
d3:99:68:fb:83:14:22:7c:fe:47:a2:41:ce:26:5f:
07:e0:15:ad:99:92:da:bf:d5:47:b6:ea:20:93:37:
bf:29:82:a0:dd:10:8b:03:12:92:eb:81:77:00:5c:
88:61:85:d7:06:7b:82:15:3c:fe:a2:a5:3d:6e:02:
59:83:bd:f7:e4:80:ce:df:e1:6b:01:ba:32:79:2e:
8a:4b:c7:ad:be:f7:3d:a6:a2:3d:35:5d:54:4f:5f:
6a:1f:d0:83:be:4a:e5:7f:2a:cb:df:1b:13:c4:89:
92:7c:67:98:e0:b7:cc:66:f5:b4:a1:ed:6a:70:8c:
39:ff:0f:04:d1:fb:2d:a4:df:71:bb:69:cd:50:de:
ea:42:41:f6:77:55:59:a7:db:68:06:8a:e0:e0:a6:
3f:94:26:7b:86:00:8f:e8:68:a9:8d:7b:9e:e7:c1:
7c:b2:34:f5:99:8b:83:e7:b9:9f:ff:d4:71:21:77:
51:59:43:15:cf:f7:42:9d:13:97:63:b8:ae:8d:eb:
39:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6D:0C:CB:93:DF:B5:69:FC:79:14:33:FC:38:B1:7A:E9:1A:94:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:c000::/40
Signature Algorithm: sha256WithRSAEncryption
82:03:d3:75:06:7b:64:dc:3e:93:de:28:82:75:06:01:f7:7e:
7e:4c:f9:e4:b5:3a:a9:ca:97:1d:57:dc:ab:8d:14:b3:4f:d3:
f6:d9:84:92:4b:c2:17:7e:22:c9:2c:43:f8:14:59:bd:2d:3b:
11:4d:c2:c9:1d:43:42:1f:30:b3:36:54:de:0a:03:87:33:44:
f8:da:e7:89:da:d2:29:5a:75:5e:52:04:58:86:7d:c0:16:75:
61:da:2c:f0:52:1c:e8:f1:c3:40:3a:22:7a:6e:52:95:fa:53:
b2:9c:48:99:78:64:ed:7b:89:0b:9f:4f:aa:5a:26:73:e6:c3:
71:29:0a:a8:39:43:9b:45:0b:1c:e6:16:77:25:44:7c:83:ed:
cd:2c:51:d2:a7:be:f8:ff:88:8c:d1:7e:88:de:29:e6:5c:7c:
f3:e2:d4:3d:b0:6c:dd:c7:aa:b5:48:d6:3a:a9:18:78:a8:a0:
78:8f:0a:1b:b7:2a:33:58:ff:b5:2f:e7:ce:b3:c2:4c:0b:8d:
6d:6a:50:a5:eb:5f:50:bb:0d:51:d1:4a:8b:ef:52:0b:ff:5e:
0f:e4:2f:55:68:19:82:66:98:ba:be:34:da:b7:2e:02:b0:c5:
0a:95:00:48:83:e7:44:c8:18:f6:dd:59:ba:b4:37:c6:1b:82:
16:f4:3d:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfvk1PuF1R5n7pK8Yc9vz00N7SkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmOTQ1YzQ4MGE0ZWUzMzhkYjc4ZWQ1OTRkNTNlOGI3Zjc2YzQ4NjY1ZDUy
MWJkZmJkMGEyMDI3ZGI3ZmNlZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/OtmfjIElacnJI7+5BYJIZ82M2A2ADbVovC5rqAp0FShl/QiM3UFDPltuw
PWqTQBbVuyea7FPBvFOP05lo+4MUInz+R6JBziZfB+AVrZmS2r/VR7bqIJM3vymC
oN0QiwMSkuuBdwBciGGF1wZ7ghU8/qKlPW4CWYO99+SAzt/hawG6MnkuikvHrb73
PaaiPTVdVE9fah/Qg75K5X8qy98bE8SJknxnmOC3zGb1tKHtanCMOf8PBNH7LaTf
cbtpzVDe6kJB9ndVWafbaAaK4OCmP5Qme4YAj+hoqY17nufBfLI09ZmLg+e5n//U
cSF3UVlDFc/3Qp0Tl2O4ro3rOWkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHbQzL
k9+1afx5FDP8OLF66RqUAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmRkYjgxNjktYTBiYS00OTg5LWI0ODgtYTM0NDA4NWM1NmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHA
MA0GCSqGSIb3DQEBCwUAA4IBAQCCA9N1Bntk3D6T3iiCdQYB935+TPnktTqpypcd
V9yrjRSzT9P22YSSS8IXfiLJLEP4FFm9LTsRTcLJHUNCHzCzNlTeCgOHM0T42ueJ
2tIpWnVeUgRYhn3AFnVh2izwUhzo8cNAOiJ6blKV+lOynEiZeGTte4kLn0+qWiZz
5sNxKQqoOUObRQsc5hZ3JUR8g+3NLFHSp774/4iM0X6I3inmXHzz4tQ9sGzdx6q1
SNY6qRh4qKB4jwobtyozWP+1L+fOs8JMC41talCl619Quw1R0UqL71IL/14P5C9V
aBmCZpi6vjTaty4CsMUKlQBIg+dEyBj23Vm6tDfGG4IW9D2W
-----END CERTIFICATE-----
Generated at Mon Nov 3 23:41:51 2025 by rpki-client