Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
File: 96632b04-b91d-4e29-8e82-14fddf17bed9.roa (raw, json)
Hash identifier: MWCXPadzk8u2DCLL8txoslTAT+jbO76s76m5RIFAdVw=
Subject key identifier: 63:BB:F4:9C:13:F3:D0:D6:87:65:E3:C0:0B:9A:A7:61:14:71:C1:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C7DB53845CCF48C218160AEDADB0A7FAA12AFD9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
Signing time: Tue 21 Oct 2025 14:30:18 +0000
ROA not before: Tue 21 Oct 2025 14:30:18 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:7d:b5:38:45:cc:f4:8c:21:81:60:ae:da:db:0a:7f:aa:12:af:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:18 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=feb4de54759b4043394ea5d39689bc0497201a2f5cbd68e1549ae8adc8be0597, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7f:3c:78:c1:ff:4f:d3:bb:46:1b:28:d6:ec:
ef:ba:62:77:5c:c9:7c:38:5a:7f:50:c2:20:76:be:
fa:b5:ad:8f:e8:e5:7a:b3:87:b6:df:51:69:1a:dc:
0f:90:04:0c:86:d3:59:12:29:5a:0b:2c:ed:04:05:
f1:42:22:64:86:92:65:40:b4:ac:5f:0d:3d:59:e3:
d3:22:44:9a:4b:4d:b0:86:ce:79:aa:73:9c:c6:c7:
a4:26:54:8a:f5:91:02:e5:28:02:c7:58:d9:f3:d4:
30:ff:d5:d9:96:20:f0:66:a9:ca:e5:0a:25:8f:34:
87:c4:8f:81:4b:15:c8:d9:bb:9d:d2:db:cb:57:e6:
7b:97:92:ce:a9:50:00:c2:81:bd:c9:6a:6b:6b:b4:
7a:9d:09:15:72:11:cc:6b:34:73:63:43:1d:1a:75:
92:ef:72:b6:40:46:7e:b2:71:d0:cb:ff:22:3c:f2:
e5:bb:65:01:d1:0e:ef:1b:39:31:6a:e7:41:fd:2e:
4b:69:09:88:2c:2e:99:b2:de:a1:74:60:10:d7:5a:
bf:c9:83:9c:a5:89:00:d8:d6:77:88:bb:33:e5:68:
87:dd:10:0a:f5:2d:74:7e:b0:1d:e6:61:f2:43:f0:
bc:b2:8e:ed:be:c6:6d:40:d8:5f:d8:75:c6:46:06:
4e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BB:F4:9C:13:F3:D0:D6:87:65:E3:C0:0B:9A:A7:61:14:71:C1:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8060::/48
Signature Algorithm: sha256WithRSAEncryption
0f:00:ea:52:5e:eb:b9:c3:25:69:8b:70:27:5c:23:e7:98:4c:
7b:13:61:09:2c:b1:65:40:f4:4d:73:4b:a5:7d:f2:c5:24:67:
d4:33:0e:64:86:7e:73:57:2e:ee:2d:c3:8d:33:cc:38:a9:61:
ed:f9:fc:bf:b0:39:59:31:20:b4:c8:f5:5f:ea:bf:f4:26:8d:
fd:ee:09:ed:c9:9c:a3:e9:9c:d3:87:2d:56:79:7e:1d:ba:59:
13:5e:8c:81:b5:37:18:f6:a9:ee:bf:9d:c0:53:d3:b7:4e:0c:
ac:a8:0e:41:51:d0:d9:33:f2:a6:6f:2f:83:00:f3:2f:5c:19:
42:06:8b:c9:a7:8c:89:e9:33:81:cd:72:c1:88:5b:3d:22:20:
49:08:0c:3d:26:99:f5:a0:21:02:57:51:e8:16:8f:91:65:25:
e6:fc:60:fb:99:55:8c:21:d1:a3:a5:c6:0f:9b:af:0e:f5:18:
59:c7:ce:1c:0c:0a:c0:18:d0:e2:a6:b1:ff:d2:b5:50:d3:c1:
f1:8b:df:82:14:ca:3c:78:60:b9:71:f5:80:23:b7:89:cd:f0:
28:7f:8c:60:ab:23:ab:29:5a:f2:dc:10:4b:2d:03:bf:3d:d4:
0b:4b:49:51:27:a0:9e:aa:53:38:3b:a3:6c:64:65:b2:97:ac:
9f:f4:fc:41
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfH21OEXM9IwhgWCu2tsKf6oSr9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwMThaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlYjRkZTU0NzU5YjQwNDMzOTRlYTVkMzk2ODliYzA0OTcyMDFhMmY1Y2Jk
NjhlMTU0OWFlOGFkYzhiZTA1OTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh/PHjB/0/Tu0YbKNbs77pid1zJfDhaf1DCIHa++rWtj+jlerOHtt9RaRrc
D5AEDIbTWRIpWgss7QQF8UIiZIaSZUC0rF8NPVnj0yJEmktNsIbOeapznMbHpCZU
ivWRAuUoAsdY2fPUMP/V2ZYg8GapyuUKJY80h8SPgUsVyNm7ndLby1fme5eSzqlQ
AMKBvclqa2u0ep0JFXIRzGs0c2NDHRp1ku9ytkBGfrJx0Mv/Ijzy5btlAdEO7xs5
MWrnQf0uS2kJiCwumbLeoXRgENdav8mDnKWJANjWd4i7M+Voh90QCvUtdH6wHeZh
8kPwvLKO7b7GbUDYX9h1xkYGTvECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRju/Sc
E/PQ1odl48ALmqdhFHHBRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY2MzJiMDQtYjkxZC00ZTI5LThlODItMTRmZGRmMTdiZWQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
YDANBgkqhkiG9w0BAQsFAAOCAQEADwDqUl7rucMlaYtwJ1wj55hMexNhCSyxZUD0
TXNLpX3yxSRn1DMOZIZ+c1cu7i3DjTPMOKlh7fn8v7A5WTEgtMj1X+q/9CaN/e4J
7cmco+mc04ctVnl+HbpZE16MgbU3GPap7r+dwFPTt04MrKgOQVHQ2TPypm8vgwDz
L1wZQgaLyaeMiekzgc1ywYhbPSIgSQgMPSaZ9aAhAldR6BaPkWUl5vxg+5lVjCHR
o6XGD5uvDvUYWcfOHAwKwBjQ4qax/9K1UNPB8YvfghTKPHhguXH1gCO3ic3wKH+M
YKsjqyla8twQSy0Dvz3UC0tJUSegnqpTODujbGRlspesn/T8QQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:59 2025 by rpki-client