Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
File: 76a60505-d74d-4741-a42e-97a09bb6b2a1.roa (raw, json)
Hash identifier: dx+HE7Id0GtRUaKHpWJvfe0ff4ExWOZrUHACb0FJYqw=
Subject key identifier: 6B:D0:D3:33:6E:95:98:64:89:2C:95:B2:69:2F:F3:AF:E7:3F:BF:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7330BC9DDEA2AA569B924C096FEF30F0EAB7E4C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
Signing time: Tue 21 Oct 2025 14:10:39 +0000
ROA not before: Tue 21 Oct 2025 14:10:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:30:bc:9d:de:a2:aa:56:9b:92:4c:09:6f:ef:30:f0:ea:b7:e4:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=eb3dfafac88426d53d2e06df8de9310b253da991c3d4dfab1e66e44229bfb28e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d5:53:25:e7:16:23:0e:02:cd:33:76:d4:6f:
37:33:2d:fe:e0:84:c1:b1:0e:8a:0a:e0:bd:2c:1a:
e5:9b:18:de:8f:92:3b:93:3b:ce:a5:dd:51:2c:5f:
f4:2a:a3:18:29:e5:52:b6:04:67:28:ed:90:02:83:
5e:1b:3d:6b:28:d1:c5:f7:88:86:bf:5c:9e:29:e6:
9e:68:e0:47:3f:c5:59:e9:1e:c3:0e:5d:7f:a2:db:
ae:32:02:bb:dc:59:4f:97:88:62:88:e8:39:78:35:
23:ad:3b:6a:47:04:3d:7a:fb:4c:fa:ad:44:d2:d1:
9b:63:0e:0c:28:ff:a1:e5:89:82:d9:3d:32:01:29:
31:40:de:90:c5:fe:12:3f:65:9f:c7:a6:a0:a6:fc:
12:37:8b:50:75:35:a5:8d:d4:a2:9b:21:7b:c1:b7:
9f:7c:e1:52:3b:63:4f:1b:65:77:6c:fe:25:93:44:
58:d2:35:cf:cd:9a:af:bb:89:32:35:ce:71:d7:c0:
77:0e:0f:93:05:d4:6a:8f:f3:ca:4c:5d:b9:d7:85:
2e:99:c3:e5:1f:c7:6c:04:5c:e1:23:95:eb:0a:0e:
42:c8:f7:40:ed:b4:c9:4e:b9:7a:53:82:69:f2:f1:
14:41:46:97:43:97:a3:50:28:97:4f:b7:b1:f2:58:
89:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D0:D3:33:6E:95:98:64:89:2C:95:B2:69:2F:F3:AF:E7:3F:BF:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8080::/48
Signature Algorithm: sha256WithRSAEncryption
03:51:1f:c0:1a:b3:78:55:c3:fd:25:1e:23:4d:90:d3:b5:f2:
b9:1e:31:c8:2e:58:79:d0:ae:75:b7:16:3a:5b:27:69:f6:72:
60:8b:9d:6d:02:d1:8d:5d:84:47:04:cb:d7:ce:06:2c:e4:47:
8d:50:0b:a1:f4:a5:22:33:48:91:34:b5:a6:23:d1:66:fb:31:
75:af:68:3d:a5:0a:2a:9a:a3:59:39:0f:ea:ba:7a:a7:3d:dd:
04:89:8e:51:df:2f:c4:9d:6c:48:c6:7a:91:d7:43:8a:ab:57:
8d:fb:15:b1:f9:be:ab:ca:06:78:7a:e9:9c:01:38:f0:88:6c:
aa:cd:00:48:71:75:8a:f8:e3:81:2c:bd:e3:36:e5:c2:cb:54:
81:37:7c:9f:1a:fd:56:02:20:3e:29:ce:66:4e:76:2a:58:9e:
7d:6c:53:ee:eb:c8:9e:7f:72:53:7a:aa:07:11:a7:3b:be:1e:
19:8f:fd:3c:9b:86:3d:a1:5e:cf:8a:8b:ad:87:5a:99:44:62:
d3:44:13:74:e8:4f:3f:58:ea:f0:7b:a2:f8:07:d8:2a:bb:c3:
62:82:48:92:9e:b5:bf:51:c7:54:bb:e1:11:2a:a0:1a:20:31:
51:70:83:7c:ac:53:ff:57:52:4d:3f:87:31:41:70:33:28:42:
f6:e3:01:6c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUczC8nd6iqlabkkwJb+8w8Oq35MgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGViM2RmYWZhYzg4NDI2ZDUzZDJlMDZkZjhkZTkzMTBiMjUzZGE5OTFjM2Q0
ZGZhYjFlNjZlNDQyMjliZmIyOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzVUyXnFiMOAs0zdtRvNzMt/uCEwbEOigrgvSwa5ZsY3o+SO5M7zqXdUSxf
9CqjGCnlUrYEZyjtkAKDXhs9ayjRxfeIhr9cninmnmjgRz/FWekeww5df6LbrjIC
u9xZT5eIYojoOXg1I607akcEPXr7TPqtRNLRm2MODCj/oeWJgtk9MgEpMUDekMX+
Ej9ln8emoKb8EjeLUHU1pY3Uopshe8G3n3zhUjtjTxtld2z+JZNEWNI1z82ar7uJ
MjXOcdfAdw4PkwXUao/zykxdudeFLpnD5R/HbARc4SOV6woOQsj3QO20yU65elOC
afLxFEFGl0OXo1Aol0+3sfJYiZcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRr0NMz
bpWYZIkslbJpL/Ov5z+/zjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhNjA1MDUtZDc0ZC00NzQxLWE0MmUtOTdhMDliYjZiMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
gDANBgkqhkiG9w0BAQsFAAOCAQEAA1EfwBqzeFXD/SUeI02Q07XyuR4xyC5YedCu
dbcWOlsnafZyYIudbQLRjV2ERwTL184GLORHjVALofSlIjNIkTS1piPRZvsxda9o
PaUKKpqjWTkP6rp6pz3dBImOUd8vxJ1sSMZ6kddDiqtXjfsVsfm+q8oGeHrpnAE4
8Ihsqs0ASHF1ivjjgSy94zblwstUgTd8nxr9VgIgPinOZk52KliefWxT7uvInn9y
U3qqBxGnO74eGY/9PJuGPaFez4qLrYdamURi00QTdOhPP1jq8Hui+AfYKrvDYoJI
kp61v1HHVLvhESqgGiAxUXCDfKxT/1dSTT+HMUFwMyhC9uMBbA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:11 2025 by rpki-client