Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
File: 7037317e-bcf9-40f3-b066-0973d33451f2.roa (raw, json)
Hash identifier: yMI53UF1IAtPABq/mKiH2cT6tbysAhkw4A6NYOPQ+Ds=
Subject key identifier: 79:28:CC:72:B8:E1:FE:67:BF:F0:EF:00:8E:A9:61:43:10:E4:05:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02C3E43A14A3A66D21A01D5D596028B12661D7E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
Signing time: Fri 26 Sep 2025 19:41:27 +0000
ROA not before: Fri 26 Sep 2025 19:41:27 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 09:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:c3:e4:3a:14:a3:a6:6d:21:a0:1d:5d:59:60:28:b1:26:61:d7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:27 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=78d5661db3da50ec0389265dbec5c3d78a5b026e7d54dbc97724801e08b62225, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:ed:62:6c:f6:0c:06:5e:5d:c9:af:af:30:
1f:ab:41:38:c9:5f:02:dd:f9:e7:a4:92:55:b8:5c:
e9:c1:15:06:44:c3:54:85:df:33:9b:a0:58:2d:97:
86:51:62:9d:de:f0:4e:bd:4e:56:5f:90:c4:9d:3d:
f4:4f:5f:13:95:6a:8f:ea:80:cb:83:87:8e:00:4f:
0c:54:48:e2:85:13:2e:72:54:b5:21:f5:b3:39:f1:
ee:3f:33:b4:e0:99:26:93:0f:e7:2e:87:71:fd:5a:
64:4d:33:95:cc:3d:05:25:8f:1b:91:cc:0d:27:5f:
11:fe:9e:d4:73:dc:ab:b0:2f:06:a9:76:be:d3:8c:
b9:b4:c4:a3:a4:7d:3c:66:90:05:cd:ef:19:90:2d:
da:d1:1d:f5:20:9f:8a:84:d8:1f:7e:19:a5:6f:3e:
8b:f6:33:de:cd:c3:05:c9:64:2b:7b:90:29:41:3d:
41:9a:61:49:07:de:e4:54:2c:70:50:1f:89:1e:de:
f9:80:e5:3a:70:42:eb:6d:ba:59:1a:7c:f6:af:16:
9e:09:16:28:5a:d9:db:2e:c5:fd:d4:db:df:7c:b5:
b1:9a:5a:00:be:29:a2:2e:03:a3:55:1f:91:e7:ca:
e0:f0:49:20:19:a1:c4:8c:0d:0c:19:b0:e1:0f:93:
f9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:28:CC:72:B8:E1:FE:67:BF:F0:EF:00:8E:A9:61:43:10:E4:05:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:9000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:c1:85:c1:c4:7d:48:b9:01:fb:ff:f7:d1:cd:f5:f7:40:72:
92:b0:d1:fd:1c:fa:6b:08:e6:a3:3f:da:80:b0:a6:7c:c0:cb:
34:a7:ce:e8:88:5e:75:7f:b2:d7:f9:f8:80:05:53:0a:66:53:
50:9c:a1:69:70:b7:30:9f:a1:15:6f:ff:7f:d3:a2:c0:29:fc:
fa:da:20:65:ad:cf:c5:fd:9e:57:11:85:7c:73:f9:82:59:96:
2a:23:be:b7:ac:04:8a:39:b0:92:04:4e:d6:a5:b9:63:14:69:
8a:90:91:fb:46:4f:54:f6:9b:80:03:3d:a6:6b:b6:5c:a7:ae:
f8:a0:54:ea:46:3a:82:7d:73:4d:14:c6:45:fc:5d:c8:5e:c0:
70:bb:ca:bc:4d:17:c1:5c:1b:90:2f:6e:dd:66:e9:46:be:ff:
fe:b7:0a:8c:75:f1:22:ef:0b:7a:d0:b9:90:a6:eb:8e:54:c7:
b1:ce:4b:96:98:96:06:b6:c1:c0:00:d7:05:24:52:f5:fe:ea:
da:64:27:b4:f2:8e:6d:5a:39:cc:a3:f8:92:cd:49:ab:a5:c0:
ec:82:27:96:dc:c3:41:e2:29:60:53:a0:a9:5d:70:96:cb:3c:
f7:6a:6c:c0:be:60:f8:55:00:c8:07:b2:48:79:96:04:a4:35:
62:f0:7e:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAsPkOhSjpm0hoB1dWWAosSZh1+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxMjdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4ZDU2NjFkYjNkYTUwZWMwMzg5MjY1ZGJlYzVjM2Q3OGE1YjAyNmU3ZDU0
ZGJjOTc3MjQ4MDFlMDhiNjIyMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK327WJs9gwGXl3Jr68wH6tBOMlfAt3556SSVbhc6cEVBkTDVIXfM5ugWC2X
hlFind7wTr1OVl+QxJ099E9fE5Vqj+qAy4OHjgBPDFRI4oUTLnJUtSH1sznx7j8z
tOCZJpMP5y6Hcf1aZE0zlcw9BSWPG5HMDSdfEf6e1HPcq7AvBql2vtOMubTEo6R9
PGaQBc3vGZAt2tEd9SCfioTYH34ZpW8+i/Yz3s3DBclkK3uQKUE9QZphSQfe5FQs
cFAfiR7e+YDlOnBC6226WRp89q8WngkWKFrZ2y7F/dTb33y1sZpaAL4poi4Do1Uf
kefK4PBJIBmhxIwNDBmw4Q+T+fcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5KMxy
uOH+Z7/w7wCOqWFDEOQFRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzAzNzMxN2UtYmNmOS00MGYzLWIwNjYtMDk3M2QzMzQ1MWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCbwYXBxH1IuQH7//fRzfX3QHKSsNH9HPprCOaj
P9qAsKZ8wMs0p87oiF51f7LX+fiABVMKZlNQnKFpcLcwn6EVb/9/06LAKfz62iBl
rc/F/Z5XEYV8c/mCWZYqI763rASKObCSBE7WpbljFGmKkJH7Rk9U9puAAz2ma7Zc
p674oFTqRjqCfXNNFMZF/F3IXsBwu8q8TRfBXBuQL27dZulGvv/+twqMdfEi7wt6
0LmQpuuOVMexzkuWmJYGtsHAANcFJFL1/uraZCe08o5tWjnMo/iSzUmrpcDsgieW
3MNB4ilgU6CpXXCWyzz3amzAvmD4VQDIB7JIeZYEpDVi8H5+
-----END CERTIFICATE-----
Generated at Fri Oct 17 12:30:36 2025 by rpki-client