Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
File: 7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa (raw, json)
Hash identifier: T1Ko1Bsk2ZY1oOMJZ1u+3oINDxSmFsFPjSxPNoJwsEA=
Subject key identifier: B1:97:59:B4:87:E0:3C:70:D3:F1:CF:DF:6A:C0:D6:B2:EE:C7:1D:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54DE23859B90E34CDE7FDCF69518302ED772F246
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
Signing time: Tue 21 Oct 2025 13:20:32 +0000
ROA not before: Tue 21 Oct 2025 13:20:32 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d027::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:de:23:85:9b:90:e3:4c:de:7f:dc:f6:95:18:30:2e:d7:72:f2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:32 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=753d40897722ee2140d8d97e1a0b1c59bcc1170ab0e9ad35387e06143620f5b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:ae:1a:6e:7f:1b:b5:19:37:c8:79:52:30:5a:
a0:32:b0:28:1f:32:c8:58:ea:fc:c8:1e:88:60:c5:
4d:77:e5:ab:cc:ce:e2:44:0d:59:22:13:f7:5a:99:
02:02:9c:f1:b0:89:9d:25:c9:62:82:34:7f:e0:4c:
fe:b4:81:16:e2:fe:69:64:4a:54:a8:6e:54:f2:71:
02:57:42:4b:64:05:50:f9:1c:4d:bf:69:e3:a7:f1:
ac:42:cd:93:38:e9:65:5b:4a:8a:f4:dd:45:b1:b0:
20:04:d3:99:8c:bd:cf:d3:c2:02:29:5b:d6:61:31:
54:24:69:e4:01:23:1c:a1:dc:95:00:1b:04:30:d1:
56:e6:e5:0d:7e:82:65:32:2f:23:e1:64:af:68:18:
ad:69:7a:84:e3:ac:b0:83:bb:51:32:18:a8:05:3c:
80:f5:66:16:a3:d6:4e:89:2b:fb:b7:9d:e5:33:f7:
41:5c:c9:a5:e2:e6:60:9a:0e:3a:29:74:3e:5b:3b:
4c:dd:3c:0a:6b:23:cf:b9:25:b7:13:a6:3c:72:31:
4e:af:bc:1d:f3:96:be:b6:c5:dc:b7:bf:d0:e1:97:
81:27:8a:62:48:84:fe:10:f7:ed:e4:0a:ba:dc:49:
07:d7:75:57:2a:42:c9:1b:12:85:72:58:e2:68:d6:
b6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:97:59:B4:87:E0:3C:70:D3:F1:CF:DF:6A:C0:D6:B2:EE:C7:1D:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d027::/36
Signature Algorithm: sha256WithRSAEncryption
8b:42:9d:8a:be:26:75:a1:c7:bb:06:59:31:8e:f2:de:fd:4b:
4b:66:2f:9c:26:b2:d1:b7:bd:ff:07:bd:6c:a7:14:5c:e8:de:
02:b3:bf:d9:c7:09:f4:c5:7a:c8:64:67:52:ae:23:a9:85:f9:
33:ae:ff:13:4d:45:0c:ee:76:ce:bc:91:a6:bd:5b:de:d1:82:
2a:ec:db:d1:6f:10:5c:d3:a2:f8:e0:db:6c:60:f3:10:ce:6e:
33:aa:76:71:2b:a0:24:99:f2:88:03:c4:ba:76:f8:3b:2d:a6:
1a:e1:de:42:ca:e3:95:81:64:0a:e0:49:1e:87:93:e7:4e:c4:
70:eb:42:c9:fd:43:87:b9:c1:d6:de:ca:e4:14:f5:ae:f8:f3:
5a:b9:df:6a:f9:77:ea:cf:86:42:3a:b6:1c:3f:05:a2:b0:70:
ec:3d:cb:42:9d:66:d6:90:25:47:fe:67:4a:4f:ce:df:81:0e:
68:98:30:6e:18:f1:aa:38:e1:3e:be:70:e0:48:85:ae:d2:4f:
3c:13:4e:bc:9a:9f:c6:49:c3:a7:a9:aa:63:db:d5:8b:87:80:
d3:a5:b2:96:a8:3b:c6:dd:9f:07:bf:3c:4e:fb:7c:6d:73:00:
f7:09:06:8f:5d:d6:8b:46:21:ec:88:cd:49:90:18:56:6a:45:
03:2e:37:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVN4jhZuQ40zef9z2lRgwLtdy8kYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMzJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1M2Q0MDg5NzcyMmVlMjE0MGQ4ZDk3ZTFhMGIxYzU5YmNjMTE3MGFiMGU5
YWQzNTM4N2UwNjE0MzYyMGY1YjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPmuGm5/G7UZN8h5UjBaoDKwKB8yyFjq/MgeiGDFTXflq8zO4kQNWSIT91qZ
AgKc8bCJnSXJYoI0f+BM/rSBFuL+aWRKVKhuVPJxAldCS2QFUPkcTb9p46fxrELN
kzjpZVtKivTdRbGwIATTmYy9z9PCAilb1mExVCRp5AEjHKHclQAbBDDRVublDX6C
ZTIvI+Fkr2gYrWl6hOOssIO7UTIYqAU8gPVmFqPWTokr+7ed5TP3QVzJpeLmYJoO
Oil0Pls7TN08Cmsjz7kltxOmPHIxTq+8HfOWvrbF3Le/0OGXgSeKYkiE/hD37eQK
utxJB9d1VypCyRsShXJY4mjWtoECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSxl1m0
h+A8cNPxz99qwNay7scd2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2JjYmY5ZjMtN2E2My00MmEyLTliNTgtNGMwYzEwZmMzNGRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CcA
MA0GCSqGSIb3DQEBCwUAA4IBAQCLQp2KviZ1oce7BlkxjvLe/UtLZi+cJrLRt73/
B71spxRc6N4Cs7/Zxwn0xXrIZGdSriOphfkzrv8TTUUM7nbOvJGmvVve0YIq7NvR
bxBc06L44NtsYPMQzm4zqnZxK6AkmfKIA8S6dvg7LaYa4d5CyuOVgWQK4Ekeh5Pn
TsRw60LJ/UOHucHW3srkFPWu+PNaud9q+Xfqz4ZCOrYcPwWisHDsPctCnWbWkCVH
/mdKT87fgQ5omDBuGPGqOOE+vnDgSIWu0k88E068mp/GScOnqapj29WLh4DTpbKW
qDvG3Z8HvzxO+3xtcwD3CQaPXdaLRiHsiM1JkBhWakUDLjfM
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:27 2025 by rpki-client