Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
File: 76af8472-01ad-4042-b385-078d559d94d0.roa (raw, json)
Hash identifier: c//RhXRNV4KhHgrHXcsk78LJ5PPjUZYa4NLm071anK8=
Subject key identifier: 5D:D0:16:2D:A3:E3:07:7D:29:A6:98:EC:ED:B2:55:A4:C0:29:70:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 632CE8DCC55745B51E28C9E77F64E8B53934EAC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
Signing time: Fri 24 Oct 2025 00:20:06 +0000
ROA not before: Fri 24 Oct 2025 00:20:06 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:2c:e8:dc:c5:57:45:b5:1e:28:c9:e7:7f:64:e8:b5:39:34:ea:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:06 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=02fe1148aa7178f2257f39e0f1032154fbdc59d8059bc70c4663c0f05a1a9c1d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:44:f8:cd:09:ad:e7:a8:15:2a:b9:cf:13:03:
e2:85:7b:16:27:81:26:09:e1:20:fd:12:8d:ff:9d:
35:7b:b1:a3:4b:17:9c:73:28:95:0a:2e:04:30:f0:
45:0c:a6:b4:bf:df:01:aa:2b:b4:3e:99:7e:1c:33:
d7:0b:32:f3:77:89:ce:d3:1d:ea:27:40:1a:f5:74:
0d:0f:a7:9c:6b:07:7c:fc:a7:26:45:98:f8:ba:83:
67:ba:f0:25:5f:8f:6b:aa:2c:56:18:d9:7e:0e:02:
f3:d4:89:5d:76:f6:64:13:4d:0a:f4:2d:87:e0:8c:
9f:88:73:38:0b:dd:e6:de:4b:15:46:7c:c9:6d:1d:
6a:9e:e0:33:00:d0:9c:15:a1:bb:5e:63:c5:2b:dd:
59:d2:4e:67:4b:2e:92:13:c5:fc:c4:c4:9d:88:bc:
72:2b:48:d5:93:c2:4a:6b:e5:0c:b6:c7:8f:b1:0c:
29:47:43:9e:fd:23:be:b6:e7:b9:86:a6:bb:73:0a:
33:f0:43:78:39:e1:2c:a5:f4:e0:ce:1a:42:5f:8c:
b9:43:e8:bd:e7:bd:9b:3e:c1:8a:5e:4f:22:b9:ef:
bf:0e:ac:5f:2c:ca:64:11:ef:4f:3c:8f:05:f1:e0:
77:7d:dc:cb:ec:0c:d5:fb:73:39:68:c6:a6:6a:f2:
9e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D0:16:2D:A3:E3:07:7D:29:A6:98:EC:ED:B2:55:A4:C0:29:70:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6040::/46
Signature Algorithm: sha256WithRSAEncryption
14:55:c6:78:04:c4:0c:6f:86:bd:c5:f4:c9:40:a5:e5:c3:8c:
99:48:e9:a4:fd:57:f6:e4:e5:c2:07:05:b9:25:5f:43:16:3c:
61:7b:db:4c:89:06:28:16:5f:55:b3:44:ef:5c:cd:af:95:30:
11:d8:a1:07:e8:b7:89:fa:ca:cb:d6:4d:78:fb:30:b4:36:1b:
6f:26:42:8f:f0:80:10:68:af:b9:c4:b3:3f:6a:50:84:0d:57:
e9:19:d1:ac:7a:67:3b:74:2f:37:0a:df:fb:ec:a4:6d:ef:68:
0d:10:64:c1:45:65:13:a4:20:01:f4:9a:37:0b:5c:93:69:fc:
ac:dd:b3:a3:aa:e0:32:2e:cb:ad:57:08:b1:29:29:7b:b2:b9:
57:5a:78:63:1c:17:72:35:f9:2b:46:3e:f7:42:c2:05:df:26:
84:c4:1c:b3:68:1c:33:c3:54:ff:35:06:c6:46:a5:0d:3a:a6:
c0:49:61:0d:82:81:5d:af:4d:de:da:d8:16:69:2c:1b:d9:07:
2d:f9:2a:e7:c6:29:e4:fc:c3:4e:10:7a:74:02:3e:de:b6:10:
83:fd:ba:19:08:b6:cc:f4:d5:33:cc:a5:b7:92:6f:3e:f3:2e:
f3:d5:fc:17:5d:d6:6c:85:7f:f1:ba:7c:8e:63:75:7a:9c:8c:
cc:8e:d3:d4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYyzo3MVXRbUeKMnnf2TotTk06sYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDZaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyZmUxMTQ4YWE3MTc4ZjIyNTdmMzllMGYxMDMyMTU0ZmJkYzU5ZDgwNTli
YzcwYzQ2NjNjMGYwNWExYTljMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFE+M0JreeoFSq5zxMD4oV7FieBJgnhIP0Sjf+dNXuxo0sXnHMolQouBDDw
RQymtL/fAaortD6Zfhwz1wsy83eJztMd6idAGvV0DQ+nnGsHfPynJkWY+LqDZ7rw
JV+Pa6osVhjZfg4C89SJXXb2ZBNNCvQth+CMn4hzOAvd5t5LFUZ8yW0dap7gMwDQ
nBWhu15jxSvdWdJOZ0sukhPF/MTEnYi8citI1ZPCSmvlDLbHj7EMKUdDnv0jvrbn
uYamu3MKM/BDeDnhLKX04M4aQl+MuUPovee9mz7Bil5PIrnvvw6sXyzKZBHvTzyP
BfHgd33cy+wM1ftzOWjGpmrynuECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRd0BYt
o+MHfSmmmOztslWkwClwETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhZjg0NzItMDFhZC00MDQyLWIzODUtMDc4ZDU1OWQ5NGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
QDANBgkqhkiG9w0BAQsFAAOCAQEAFFXGeATEDG+GvcX0yUCl5cOMmUjppP1X9uTl
wgcFuSVfQxY8YXvbTIkGKBZfVbNE71zNr5UwEdihB+i3ifrKy9ZNePswtDYbbyZC
j/CAEGivucSzP2pQhA1X6RnRrHpnO3QvNwrf++ykbe9oDRBkwUVlE6QgAfSaNwtc
k2n8rN2zo6rgMi7LrVcIsSkpe7K5V1p4YxwXcjX5K0Y+90LCBd8mhMQcs2gcM8NU
/zUGxkalDTqmwElhDYKBXa9N3trYFmksG9kHLfkq58Yp5PzDThB6dAI+3rYQg/26
GQi2zPTVM8ylt5JvPvMu89X8F13WbIV/8bp8jmN1epyMzI7T1A==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:15 2025 by rpki-client