Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
File: 7af2d4a0-df22-4933-b605-1ecbbd66f982.roa (raw, json)
Hash identifier: xLqMjWVnlNjWQyrQwLvavNCMICVCZeGfq0/4Shvvaz0=
Subject key identifier: 3C:C9:B1:96:F5:DA:6A:35:B9:F2:F2:ED:6B:77:02:88:EB:5D:06:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 513D88AB97364A7126A5512E61019CFDA9D154D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
Signing time: Tue 21 Oct 2025 13:41:16 +0000
ROA not before: Tue 21 Oct 2025 13:41:16 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:3d:88:ab:97:36:4a:71:26:a5:51:2e:61:01:9c:fd:a9:d1:54:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:41:16 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=46729afe462bf80d5c82ffc071f3b1316c6b2617ecdd1eeafc3bedebed46671c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:31:73:9c:19:70:a0:a8:05:33:f2:75:bd:f3:
03:58:af:c0:cb:61:58:4c:8c:66:68:ce:e9:3d:5c:
9c:77:5e:c7:47:54:fc:82:ed:2e:cd:71:ea:d3:d2:
85:4c:1a:1c:4c:a8:e3:28:3d:02:20:d5:e0:f4:80:
21:29:3b:66:6f:75:c9:80:98:8f:b5:9d:49:fe:64:
ab:7c:26:ed:d5:b9:09:b8:51:b4:11:7d:c5:f4:a4:
e6:e6:06:68:f0:c7:44:56:e2:e2:84:19:2f:54:8b:
b6:85:88:52:9d:0d:31:e7:75:2a:58:be:98:97:39:
9c:54:77:2e:1b:da:73:2f:8f:28:b8:15:3d:31:81:
ac:1f:4e:ae:4b:e9:b0:5a:ac:d9:c4:28:92:31:4e:
7d:f8:90:a7:2c:2b:6d:bb:b1:49:3a:a4:a4:eb:c5:
85:91:9c:a6:f9:0e:ab:84:9b:18:60:df:59:50:7a:
f6:ba:cc:56:5d:08:b7:2f:5b:e0:a4:0c:b1:07:80:
2d:f5:f2:d4:99:2f:13:60:8e:1d:0b:64:a9:67:80:
9d:36:b8:6c:91:3c:79:34:ab:d2:bb:fa:ab:93:38:
ce:c0:ef:41:50:4e:4a:d5:ec:ea:26:aa:5d:04:4b:
80:eb:a5:0b:94:12:a1:59:92:5c:1d:6b:50:a1:91:
24:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C9:B1:96:F5:DA:6A:35:B9:F2:F2:ED:6B:77:02:88:EB:5D:06:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:c00::/38
Signature Algorithm: sha256WithRSAEncryption
07:d2:d2:21:88:5b:af:2d:dc:d5:ef:ea:3a:73:83:a5:46:6f:
46:53:52:be:b4:0e:1a:f0:56:ec:3f:84:d8:33:ac:47:92:29:
ed:22:42:f0:1c:9f:32:6c:b7:e4:36:7b:9b:05:5f:ac:62:33:
c4:95:8d:69:4b:a0:83:b2:ba:dc:16:32:a2:39:31:df:d6:90:
f6:7d:64:d2:80:47:ba:e0:49:50:0d:02:7a:d3:3a:1e:94:e2:
3f:cf:94:66:bd:e2:df:cc:c4:0e:e8:3f:e6:9a:37:15:59:ef:
7c:d5:5c:f3:47:c8:02:6a:08:46:4c:dc:cf:f9:ed:79:e4:22:
8e:a8:ea:39:8f:db:41:e8:53:0a:5e:2f:8c:17:58:0a:4c:fb:
a3:f2:7a:54:3b:a4:ba:39:43:dc:c9:b1:5e:c2:87:b3:52:7f:
2a:5d:a0:89:2f:6d:12:df:f1:96:63:99:dd:61:88:e3:2c:f8:
ab:83:7c:f6:bf:18:62:bf:54:1b:ca:d9:64:3f:83:f3:07:d6:
54:ed:1e:77:fd:b4:91:20:ff:83:f6:89:e1:39:62:65:ed:69:
8f:c7:98:8c:fa:c3:b2:a0:ee:08:27:76:93:8c:c4:af:9a:ce:
f4:f9:8f:f8:a5:da:4a:28:e8:dd:71:10:80:91:1f:74:0c:88:
90:4d:37:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUT2Iq5c2SnEmpVEuYQGc/anRVNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQxMTZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NzI5YWZlNDYyYmY4MGQ1YzgyZmZjMDcxZjNiMTMxNmM2YjI2MTdlY2Rk
MWVlYWZjM2JlZGViZWQ0NjY3MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALExc5wZcKCoBTPydb3zA1ivwMthWEyMZmjO6T1cnHdex0dU/ILtLs1x6tPS
hUwaHEyo4yg9AiDV4PSAISk7Zm91yYCYj7WdSf5kq3wm7dW5CbhRtBF9xfSk5uYG
aPDHRFbi4oQZL1SLtoWIUp0NMed1Kli+mJc5nFR3Lhvacy+PKLgVPTGBrB9Orkvp
sFqs2cQokjFOffiQpywrbbuxSTqkpOvFhZGcpvkOq4SbGGDfWVB69rrMVl0Ity9b
4KQMsQeALfXy1JkvE2COHQtkqWeAnTa4bJE8eTSr0rv6q5M4zsDvQVBOStXs6iaq
XQRLgOulC5QSoVmSXB1rUKGRJHsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8ybGW
9dpqNbny8u1rdwKI610GITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2FmMmQ0YTAtZGYyMi00OTMzLWI2MDUtMWVjYmJkNjZmOTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUM
MA0GCSqGSIb3DQEBCwUAA4IBAQAH0tIhiFuvLdzV7+o6c4OlRm9GU1K+tA4a8Fbs
P4TYM6xHkintIkLwHJ8ybLfkNnubBV+sYjPElY1pS6CDsrrcFjKiOTHf1pD2fWTS
gEe64ElQDQJ60zoelOI/z5RmveLfzMQO6D/mmjcVWe981VzzR8gCaghGTNzP+e15
5CKOqOo5j9tB6FMKXi+MF1gKTPuj8npUO6S6OUPcybFewoezUn8qXaCJL20S3/GW
Y5ndYYjjLPirg3z2vxhiv1QbytlkP4PzB9ZU7R53/bSRIP+D9onhOWJl7WmPx5iM
+sOyoO4IJ3aTjMSvms70+Y/4pdpKKOjdcRCAkR90DIiQTTfV
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:11 2025 by rpki-client