Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
File: 7ce413ad-560d-4eb8-915b-8c6e01d97910.roa (raw, json)
Hash identifier: Zj3EI+IMZuZUuXppGGS73eJlykUb4JXeGW/x9LCJOaI=
Subject key identifier: 10:0D:8E:E4:82:11:A3:66:F3:5B:73:4A:25:D3:CA:5A:98:20:2F:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45A1C5A9BCEF53B79A5ABBAC488C090253C1081D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
Signing time: Tue 21 Oct 2025 13:31:01 +0000
ROA not before: Tue 21 Oct 2025 13:31:01 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:a1:c5:a9:bc:ef:53:b7:9a:5a:bb:ac:48:8c:09:02:53:c1:08:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:31:01 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ee1605731a0b4ffee64d0c1073a5c1f7f1dac56a3a800c916b5367a6a01c8632, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e6:34:d0:cd:63:f2:ee:82:17:b9:6c:42:ef:
84:16:02:d2:1d:ca:59:12:81:8c:e8:86:37:41:0b:
76:83:e6:b9:67:c9:f2:d7:c6:eb:d4:b4:79:d1:30:
4f:b8:79:2e:03:e7:b1:97:6a:af:8a:d5:93:e5:24:
69:59:db:5f:dc:55:58:d6:63:9f:8b:5a:6f:5a:18:
fb:15:6e:ed:c1:31:32:f2:80:39:47:14:94:7b:13:
7c:c3:7a:fc:27:f1:32:3d:ed:42:76:ca:8d:4e:40:
94:d1:03:1f:0a:79:ba:05:bc:66:3b:df:85:7a:74:
d6:5a:f8:b6:cb:90:16:11:1d:42:7c:7a:0b:10:8f:
21:f7:67:0a:9d:0a:f6:0d:3f:9e:bf:07:83:59:b8:
77:8a:61:0b:37:b4:7d:50:b6:89:ff:d7:36:0f:02:
dd:e7:ea:ee:3a:d9:55:20:6b:1b:a1:87:96:79:00:
c6:ec:f4:6d:6a:9a:27:e8:e5:3e:8e:6a:ba:c8:0c:
f4:0a:08:35:31:0e:79:ba:9b:2d:de:67:f6:c0:2a:
e8:77:5a:d8:e2:49:19:85:33:ca:89:e9:50:6a:fa:
c8:24:dd:ba:44:63:70:49:5c:35:72:3a:84:25:0e:
dd:37:c0:00:f3:16:26:7d:60:cc:ae:21:75:e6:53:
bd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:0D:8E:E4:82:11:A3:66:F3:5B:73:4A:25:D3:CA:5A:98:20:2F:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2e:0a:12:20:03:bc:ed:d2:3f:c8:5c:f1:10:5b:88:5d:75:09:
c4:01:fb:22:0e:db:a4:f0:be:52:5f:62:da:15:87:9b:19:fc:
2a:a1:90:14:92:51:6e:4d:a7:6d:c4:de:b9:db:38:2e:f9:19:
d2:cd:57:da:45:84:3f:2f:de:87:1b:f6:f0:61:0c:33:4f:70:
11:89:d6:60:23:99:3c:31:45:50:9f:60:1a:27:7d:e0:6f:63:
1b:91:b3:06:23:88:c4:91:8d:b5:e2:13:b7:12:a3:4a:5d:a3:
d1:96:e5:a2:47:38:5f:5e:c0:ef:59:51:18:60:1d:43:82:1d:
85:8f:56:a8:5f:fe:0c:13:27:52:a6:44:04:3b:0f:04:14:9e:
ff:6d:d7:8b:04:c5:7c:3b:5e:28:15:6d:eb:d6:19:d2:2c:35:
85:02:9e:87:99:9f:27:c0:09:a8:3b:41:c6:c0:d7:b0:24:70:
a6:ea:aa:81:a0:2e:c7:a0:2e:fc:57:d2:88:1b:e6:73:86:ec:
38:98:d0:b8:9a:40:f7:7b:5f:fd:f4:a4:a3:b8:77:02:35:e2:
5f:22:36:47:7e:0f:42:01:6d:94:94:fa:f0:b3:e9:54:d9:c2:
8b:0e:83:70:33:d5:0e:ea:f8:7b:86:0d:2e:04:4b:2d:ac:ce:
ad:28:6b:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURaHFqbzvU7eaWrusSIwJAlPBCB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMxMDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMTYwNTczMWEwYjRmZmVlNjRkMGMxMDczYTVjMWY3ZjFkYWM1NmEzYTgw
MGM5MTZiNTM2N2E2YTAxYzg2MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODmNNDNY/Lughe5bELvhBYC0h3KWRKBjOiGN0ELdoPmuWfJ8tfG69S0edEw
T7h5LgPnsZdqr4rVk+UkaVnbX9xVWNZjn4tab1oY+xVu7cExMvKAOUcUlHsTfMN6
/CfxMj3tQnbKjU5AlNEDHwp5ugW8ZjvfhXp01lr4tsuQFhEdQnx6CxCPIfdnCp0K
9g0/nr8Hg1m4d4phCze0fVC2if/XNg8C3efq7jrZVSBrG6GHlnkAxuz0bWqaJ+jl
Po5qusgM9AoINTEOebqbLd5n9sAq6Hda2OJJGYUzyonpUGr6yCTdukRjcElcNXI6
hCUO3TfAAPMWJn1gzK4hdeZTvTMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQDY7k
ghGjZvNbc0ol08pamCAvxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NlNDEzYWQtNTYwZC00ZWI4LTkxNWItOGM2ZTAxZDk3OTEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAuChIgA7zt0j/IXPEQW4hddQnEAfsiDtuk8L5S
X2LaFYebGfwqoZAUklFuTadtxN652zgu+RnSzVfaRYQ/L96HG/bwYQwzT3ARidZg
I5k8MUVQn2AaJ33gb2MbkbMGI4jEkY214hO3EqNKXaPRluWiRzhfXsDvWVEYYB1D
gh2Fj1aoX/4MEydSpkQEOw8EFJ7/bdeLBMV8O14oFW3r1hnSLDWFAp6HmZ8nwAmo
O0HGwNewJHCm6qqBoC7HoC78V9KIG+Zzhuw4mNC4mkD3e1/99KSjuHcCNeJfIjZH
fg9CAW2UlPrws+lU2cKLDoNwM9UO6vh7hg0uBEstrM6tKGus
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:30 2025 by rpki-client