Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: v11L0Q0W5JU5DGCaU7qzUooQ+cIchC9POopuE+r51ts=
Subject key identifier: 7C:5D:F5:D4:B7:48:97:71:6A:0E:95:E6:2B:5D:CA:B5:3D:F3:E7:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 485A38FE8C6D202021E018AE8722BADF202CEC90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Tue 21 Oct 2025 14:31:12 +0000
ROA not before: Tue 21 Oct 2025 14:31:12 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:5a:38:fe:8c:6d:20:20:21:e0:18:ae:87:22:ba:df:20:2c:ec:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:31:12 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=acc8b0dbb24349a9e1618248e4a854e58d790032be0be3e339e991e2dcac7e03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:85:5c:0a:a4:89:d0:99:e9:9e:1b:e7:ff:af:
47:03:89:3d:64:43:13:6f:fc:89:8a:b7:0c:f1:ef:
51:e5:57:0a:46:c8:22:60:0e:d5:a0:3e:c7:73:c2:
7a:7b:6e:f4:91:2b:09:b6:3d:dd:43:f5:5d:30:c5:
a1:75:30:9a:3b:c6:a2:e5:03:d7:7d:c6:63:98:8f:
d4:76:bc:e5:3d:e9:5f:7a:73:04:20:5e:da:8c:28:
2f:0d:26:75:13:f6:5c:d2:e0:fc:ca:fa:6c:57:bc:
df:6a:2e:59:c9:ee:e5:4d:d5:d8:50:09:ed:9c:30:
a7:36:7f:0e:73:61:c5:47:2b:7b:80:80:c0:06:b9:
68:de:c1:6f:fe:b4:e6:70:4d:7d:bb:44:54:13:b3:
ad:27:71:81:d3:50:d3:81:4d:3f:0f:1b:44:56:2c:
92:7d:40:ff:f0:e9:18:42:bf:37:2a:4f:c7:41:c4:
26:65:53:6d:15:71:3a:fc:44:cd:2f:38:db:98:c7:
42:72:9b:94:46:e6:6e:28:6a:d8:0d:ce:6e:e9:8e:
33:48:3e:c7:f5:71:2d:6c:13:4d:15:c9:7c:10:c8:
5d:55:fc:12:c9:ba:ab:ca:f2:e6:eb:14:a9:6a:59:
6b:34:60:c3:aa:33:f2:97:1e:c9:41:69:89:5a:e5:
85:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5D:F5:D4:B7:48:97:71:6A:0E:95:E6:2B:5D:CA:B5:3D:F3:E7:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
0c:a0:70:d8:ae:38:42:eb:29:9f:6c:b7:9f:96:30:7c:aa:ca:
a1:9c:67:dc:56:0e:9d:14:ab:6d:7e:4b:f0:c4:e8:1c:e4:7f:
50:e9:5b:d6:76:9f:41:b7:b9:d3:68:88:8c:b0:11:03:67:79:
12:40:40:e2:6b:80:e6:e3:9b:77:66:c9:bb:c2:79:5a:53:33:
14:3a:19:0a:34:5c:aa:da:57:ed:30:8c:80:26:09:de:21:6a:
bb:1b:41:56:74:28:e7:89:1e:60:50:f0:50:c1:37:60:65:0d:
0e:97:13:45:92:53:24:23:ce:ba:2e:ce:9c:70:96:07:08:18:
29:bd:fd:f2:10:3f:77:82:10:8a:d2:5b:5f:90:e7:b7:19:54:
16:0f:1c:ff:4e:84:54:c1:b4:0a:bf:0b:a6:cb:01:45:b8:a2:
85:77:77:5b:69:ce:84:f5:4e:05:d2:a4:47:79:5f:a9:24:2e:
53:23:a9:73:5d:6e:24:ae:3c:c6:25:02:1a:71:53:fe:6f:13:
7c:5f:08:83:aa:4c:ef:c5:99:80:2e:3e:83:5f:5a:59:e4:2c:
53:71:99:66:7f:fd:95:c8:b8:5d:c0:3c:4b:e0:a6:23:8f:d3:
34:68:98:d2:48:62:8d:2a:3d:c1:bc:dc:45:08:85:bd:ef:4e:
9a:5a:ae:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSFo4/oxtICAh4BiuhyK63yAs7JAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMxMTJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjYzhiMGRiYjI0MzQ5YTllMTYxODI0OGU0YTg1NGU1OGQ3OTAwMzJiZTBi
ZTNlMzM5ZTk5MWUyZGNhYzdlMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2FXAqkidCZ6Z4b5/+vRwOJPWRDE2/8iYq3DPHvUeVXCkbIImAO1aA+x3PC
entu9JErCbY93UP1XTDFoXUwmjvGouUD133GY5iP1Ha85T3pX3pzBCBe2owoLw0m
dRP2XNLg/Mr6bFe832ouWcnu5U3V2FAJ7ZwwpzZ/DnNhxUcre4CAwAa5aN7Bb/60
5nBNfbtEVBOzrSdxgdNQ04FNPw8bRFYskn1A//DpGEK/NypPx0HEJmVTbRVxOvxE
zS8425jHQnKblEbmbihq2A3ObumOM0g+x/VxLWwTTRXJfBDIXVX8Esm6q8ry5usU
qWpZazRgw6oz8pceyUFpiVrlhdcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8XfXU
t0iXcWoOleYrXcq1PfPnDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQAMoHDYrjhC6ymfbLefljB8qsqhnGfcVg6dFKtt
fkvwxOgc5H9Q6VvWdp9Bt7nTaIiMsBEDZ3kSQEDia4Dm45t3Zsm7wnlaUzMUOhkK
NFyq2lftMIyAJgneIWq7G0FWdCjniR5gUPBQwTdgZQ0OlxNFklMkI866Ls6ccJYH
CBgpvf3yED93ghCK0ltfkOe3GVQWDxz/ToRUwbQKvwumywFFuKKFd3dbac6E9U4F
0qRHeV+pJC5TI6lzXW4krjzGJQIacVP+bxN8XwiDqkzvxZmALj6DX1pZ5CxTcZlm
f/2VyLhdwDxL4KYjj9M0aJjSSGKNKj3BvNxFCIW9706aWq5A
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:00 2025 by rpki-client