Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json)
Hash identifier: /nHJ9qpP88ja5fgOJT7DEHSGZXKRKveqb5wJ27lUjfU=
Subject key identifier: 07:0C:6E:4C:2D:BB:1B:A3:1B:A7:3F:DF:FB:13:11:28:90:4F:B2:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C69D1F60C32C7AA606F4ABF264EEAA936BF81F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
Signing time: Tue 21 Oct 2025 13:31:03 +0000
ROA not before: Tue 21 Oct 2025 13:31:03 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:69:d1:f6:0c:32:c7:aa:60:6f:4a:bf:26:4e:ea:a9:36:bf:81:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:31:03 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=4b85f9d8614194acfdec9a765fa75259373c839dc547f019a64a9aeb9fcde7d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:58:86:5c:5d:c7:6e:3a:90:c1:32:97:ea:50:
a0:da:48:ff:37:55:f2:f2:79:82:76:9f:7a:3e:fd:
8a:6e:7a:fa:9e:a6:57:5f:e4:1a:da:e4:56:16:99:
71:8d:67:15:2e:a7:1e:7d:7e:a6:ea:23:9d:d5:c8:
ef:37:d8:b5:8e:e2:f2:f8:cc:cd:4a:63:24:a5:1f:
41:76:75:a8:ad:dd:4a:f9:9b:3c:37:a8:8a:3e:56:
e4:f0:8b:dc:8f:e6:34:31:01:51:88:f2:df:05:d0:
35:87:9e:d9:a1:37:ca:f0:05:e1:ec:0d:d9:80:ff:
a5:3c:66:33:60:75:d2:e9:ef:e9:60:92:dc:b0:80:
d7:33:5c:53:9c:b5:87:99:fa:9a:d0:91:83:d8:6d:
cc:0f:66:75:53:49:ca:61:6c:19:23:16:07:17:8c:
58:ef:69:90:0f:fd:f5:be:10:9c:05:d5:5d:a3:49:
5f:74:e2:1f:f2:22:48:f1:96:ad:74:32:2f:d8:c0:
fa:48:14:56:d0:ac:0b:c2:ae:47:71:13:16:a8:e2:
c3:8e:c5:87:ea:59:f4:df:24:36:dc:cc:2d:82:d0:
09:cd:85:07:17:de:36:ef:cb:b2:6c:15:ea:e0:d6:
69:9a:cd:2a:f6:4f:65:a0:72:5c:29:08:d1:d9:53:
b0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0C:6E:4C:2D:BB:1B:A3:1B:A7:3F:DF:FB:13:11:28:90:4F:B2:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038::/32
Signature Algorithm: sha256WithRSAEncryption
45:14:9a:b2:d2:cb:ec:fb:4f:bf:d4:87:1f:5b:2b:46:39:26:
d2:75:b4:a8:e5:22:df:c5:cc:f7:11:b7:38:44:5e:b1:64:cc:
ca:0d:75:00:da:02:d8:1d:10:06:88:e2:0d:87:3e:95:4f:12:
d9:21:56:16:92:5d:4e:7f:12:be:c8:c7:25:fe:39:9e:21:2e:
7c:d1:eb:e6:a7:4b:6a:6e:3e:b5:4c:35:16:9a:de:19:7c:49:
71:02:89:8e:dc:b9:47:b0:a2:f9:10:88:0d:23:88:6b:4a:57:
5a:58:c8:4b:ca:fa:c0:a1:ec:b8:70:68:f8:9c:06:8d:27:8d:
ee:f9:63:02:52:fd:36:a2:74:74:bc:7a:2f:75:d7:5d:93:6d:
83:13:39:26:bc:01:f0:8c:fb:47:2c:36:f3:19:10:30:49:e6:
7b:26:18:5d:d4:35:bc:68:99:df:55:10:96:12:b8:21:9c:04:
76:c3:0d:bd:ff:eb:2b:71:aa:14:24:5d:38:0b:7b:fc:01:45:
4c:8d:ac:fa:9c:0e:06:04:98:27:87:de:4a:c3:c9:38:57:96:
60:01:25:6e:ae:25:58:4b:af:33:34:6f:a0:14:d3:4d:1c:d4:
b1:a7:6a:dd:5b:a0:d6:1a:d9:74:2c:d4:49:20:2b:f2:c3:be:
51:b2:aa:71
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUfGnR9gwyx6pgb0q/Jk7qqTa/gfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMxMDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiODVmOWQ4NjE0MTk0YWNmZGVjOWE3NjVmYTc1MjU5MzczYzgzOWRjNTQ3
ZjAxOWE2NGE5YWViOWZjZGU3ZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRYhlxdx246kMEyl+pQoNpI/zdV8vJ5gnafej79im56+p6mV1/kGtrkVhaZ
cY1nFS6nHn1+puojndXI7zfYtY7i8vjMzUpjJKUfQXZ1qK3dSvmbPDeoij5W5PCL
3I/mNDEBUYjy3wXQNYee2aE3yvAF4ewN2YD/pTxmM2B10unv6WCS3LCA1zNcU5y1
h5n6mtCRg9htzA9mdVNJymFsGSMWBxeMWO9pkA/99b4QnAXVXaNJX3TiH/IiSPGW
rXQyL9jA+kgUVtCsC8KuR3ETFqjiw47Fh+pZ9N8kNtzMLYLQCc2FBxfeNu/LsmwV
6uDWaZrNKvZPZaByXCkI0dlTsIcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQHDG5M
LbsboxunP9/7ExEokE+yRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw
DQYJKoZIhvcNAQELBQADggEBAEUUmrLSy+z7T7/Uhx9bK0Y5JtJ1tKjlIt/FzPcR
tzhEXrFkzMoNdQDaAtgdEAaI4g2HPpVPEtkhVhaSXU5/Er7IxyX+OZ4hLnzR6+an
S2puPrVMNRaa3hl8SXECiY7cuUewovkQiA0jiGtKV1pYyEvK+sCh7LhwaPicBo0n
je75YwJS/TaidHS8ei91112TbYMTOSa8AfCM+0csNvMZEDBJ5nsmGF3UNbxomd9V
EJYSuCGcBHbDDb3/6ytxqhQkXTgLe/wBRUyNrPqcDgYEmCeH3krDyThXlmABJW6u
JVhLrzM0b6AU000c1LGnat1boNYa2XQs1EkgK/LDvlGyqnE=
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:25 2025 by rpki-client