Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
File: 7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa (raw, json)
Hash identifier: WLJP4y2Oz3p7MKFp/p5i0xd7l61GSpOjNVCQ00zylFU=
Subject key identifier: F7:3A:E5:91:70:8B:51:7C:91:DB:EE:08:EC:62:F3:AF:A4:27:90:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04519AAE9B984FAF346DF5526071A73A0ACBF9B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
Signing time: Tue 21 Oct 2025 13:30:19 +0000
ROA not before: Tue 21 Oct 2025 13:30:19 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:51:9a:ae:9b:98:4f:af:34:6d:f5:52:60:71:a7:3a:0a:cb:f9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:19 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=1474056652b2836667ca38705ee37c93ad2811281df71039ce7f29b636501424, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:46:a4:5f:27:cd:72:70:6d:a3:a8:c2:ec:5d:
89:89:52:de:e2:5e:c4:7f:ac:9f:57:89:af:71:87:
ae:a4:bd:e7:38:a6:fc:4b:a3:ef:23:a4:60:b6:7f:
4f:1c:5a:b0:c6:d1:df:e4:49:22:14:20:9d:c9:7d:
a1:b0:4c:27:8c:41:ba:9d:80:21:96:e6:53:26:cb:
4f:4c:cb:bf:ec:55:00:04:87:b8:59:8c:06:cd:ac:
dc:f9:30:43:1d:a2:c2:72:1b:28:4b:0c:8f:49:2c:
ec:2f:49:a8:b8:1a:34:d7:07:85:3d:cd:c8:87:f8:
55:b7:d2:3c:a0:0f:c3:ba:3e:a9:14:10:bf:0f:e1:
51:61:6c:9d:b5:80:4c:6b:37:9b:d7:d5:e4:85:a7:
62:f4:3d:a5:92:94:f9:71:16:cd:94:36:ce:e7:c9:
42:9b:82:da:1c:26:a7:63:d6:12:0b:b5:4a:2b:55:
49:27:77:db:cf:ea:82:ec:48:de:52:52:8f:b3:c1:
49:21:1a:07:85:99:b9:5e:27:86:57:a8:e1:e8:a2:
b3:0b:68:43:18:ce:74:e6:05:d4:f0:46:37:e6:d1:
f2:3e:eb:06:18:38:51:6a:2e:36:07:0c:86:d2:5a:
4c:9c:28:19:54:26:a5:e8:c3:27:c3:80:b4:28:9e:
da:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3A:E5:91:70:8B:51:7C:91:DB:EE:08:EC:62:F3:AF:A4:27:90:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:9000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:8d:65:39:58:12:e4:56:ba:1f:6f:3b:1e:72:0d:bc:6b:5b:
73:f7:d7:89:e0:a4:94:11:ec:7a:f4:4a:57:c2:0f:e3:53:e8:
63:ea:bc:76:d9:6d:c0:d2:82:d7:18:d8:63:71:96:c9:a2:75:
ec:a4:8e:ec:b0:02:76:3e:68:82:71:6b:b1:a1:ff:16:5e:da:
9a:5a:84:76:8b:c8:09:f1:cc:04:cd:60:8a:dc:58:ab:c5:08:
c3:b7:fb:ef:af:39:67:d4:b5:a9:e4:4f:ca:0b:f5:2a:fe:b1:
46:8d:ce:f5:e5:10:30:ec:e4:c0:1f:ba:31:65:0b:e2:41:9f:
68:c8:75:a8:65:6f:de:09:6f:a2:75:05:43:45:55:3e:43:0d:
a7:d5:fe:e6:e8:87:70:78:18:08:8a:8c:46:65:65:2f:d5:d5:
cc:cd:5e:74:02:75:bf:a5:7c:fb:da:a8:f3:20:9d:96:18:81:
4a:a2:e4:26:1d:ac:06:0b:95:4b:50:a2:ae:09:e8:2c:22:66:
ca:19:46:80:8a:58:92:e7:3c:4c:02:2d:14:6a:a1:a0:ac:71:
7a:df:b1:bd:a1:41:7d:bd:f3:77:b8:ba:39:4d:b2:b2:a1:b8:
66:79:29:b8:a7:0e:86:0e:6c:78:32:b2:92:f1:86:66:62:8c:
01:4e:9b:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBFGarpuYT680bfVSYHGnOgrL+bkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwMTlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0NzQwNTY2NTJiMjgzNjY2N2NhMzg3MDVlZTM3YzkzYWQyODExMjgxZGY3
MTAzOWNlN2YyOWI2MzY1MDE0MjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhGpF8nzXJwbaOowuxdiYlS3uJexH+sn1eJr3GHrqS95zim/Euj7yOkYLZ/
TxxasMbR3+RJIhQgncl9obBMJ4xBup2AIZbmUybLT0zLv+xVAASHuFmMBs2s3Pkw
Qx2iwnIbKEsMj0ks7C9JqLgaNNcHhT3NyIf4VbfSPKAPw7o+qRQQvw/hUWFsnbWA
TGs3m9fV5IWnYvQ9pZKU+XEWzZQ2zufJQpuC2hwmp2PWEgu1SitVSSd328/qguxI
3lJSj7PBSSEaB4WZuV4nhleo4eiiswtoQxjOdOYF1PBGN+bR8j7rBhg4UWouNgcM
htJaTJwoGVQmpejDJ8OAtCie2scCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3OuWR
cItRfJHb7gjsYvOvpCeQtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q5NmQzYWQtMGVlNy00NjMwLTlhNDktYTBkY2MyYjcxZGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBNjWU5WBLkVrofbzsecg28a1tz99eJ4KSUEex6
9EpXwg/jU+hj6rx22W3A0oLXGNhjcZbJonXspI7ssAJ2PmiCcWuxof8WXtqaWoR2
i8gJ8cwEzWCK3FirxQjDt/vvrzln1LWp5E/KC/Uq/rFGjc715RAw7OTAH7oxZQvi
QZ9oyHWoZW/eCW+idQVDRVU+Qw2n1f7m6IdweBgIioxGZWUv1dXMzV50AnW/pXz7
2qjzIJ2WGIFKouQmHawGC5VLUKKuCegsImbKGUaAiliS5zxMAi0UaqGgrHF637G9
oUF9vfN3uLo5TbKyobhmeSm4pw6GDmx4MrKS8YZmYowBTpsp
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:12 2025 by rpki-client