Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json)
Hash identifier: rMSiojkJm6X0ctCSux13e2DBdXoOfTdvcvh+lYz+tJM=
Subject key identifier: A7:13:6E:70:34:87:64:57:08:01:32:40:54:0A:2F:68:DD:5E:2A:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 217D7E649D0915857ECDF6320D4F6AAB1EA63254
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
Signing time: Tue 21 Oct 2025 13:30:39 +0000
ROA not before: Tue 21 Oct 2025 13:30:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:7d:7e:64:9d:09:15:85:7e:cd:f6:32:0d:4f:6a:ab:1e:a6:32:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=90b4e215ffb5364a4ce03d51c034b20c5b7a03528a60b8b8219626646638cef0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1e:f7:1b:8b:83:86:75:6d:83:3e:bc:d3:15:
6f:a5:42:bd:5f:1d:8f:91:35:cd:62:86:9d:b5:98:
1c:0a:12:af:4e:99:9b:a7:91:7c:28:3a:97:9b:00:
f3:a5:b9:09:fd:10:78:b3:c6:78:e6:23:74:16:e3:
ee:25:b3:ae:39:ea:01:c8:86:ec:58:1a:fd:6d:c8:
7c:53:d3:6b:46:15:ed:b1:b7:d8:65:ed:39:91:e9:
b8:93:e4:36:80:8b:e4:5c:8c:cd:d4:20:ea:b3:48:
fe:5a:2f:04:f4:e9:8f:a8:8e:14:b4:d6:90:fc:20:
02:43:b7:d5:85:1b:22:8b:fb:67:b8:7f:de:b6:18:
65:fe:8c:8c:18:7d:c7:0e:d2:fc:b6:a8:e3:51:ae:
18:f6:65:9e:6f:01:d9:b7:65:84:9c:0c:96:54:2d:
4f:8c:52:54:a9:bd:fa:be:58:c1:02:50:17:72:32:
59:65:26:ca:c9:f6:8a:bb:c2:08:08:d3:c8:e3:36:
90:d1:f0:21:bc:55:40:41:00:99:ef:38:33:58:11:
83:c7:7e:61:9e:09:32:cb:e6:fe:92:6b:fe:58:7c:
f8:ba:23:50:88:80:bf:0f:c5:19:ce:be:a8:82:88:
a4:16:e7:3a:4e:8f:fb:42:a3:07:a1:40:4e:5a:c4:
6b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:13:6E:70:34:87:64:57:08:01:32:40:54:0A:2F:68:DD:5E:2A:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a000::/40
Signature Algorithm: sha256WithRSAEncryption
56:41:29:74:41:5b:38:f8:e1:14:23:ec:ac:ce:b6:88:ec:36:
26:63:9e:17:c4:9b:b9:0a:12:aa:27:7e:eb:eb:e3:a4:86:1f:
d3:aa:8f:bf:64:c6:a5:ef:7b:58:1e:62:65:fa:b1:1f:7c:ae:
6b:19:30:df:65:45:b9:ad:55:9e:8e:05:68:68:3c:c4:f3:ff:
0e:7e:b4:df:64:60:99:f5:23:0e:7b:ba:49:68:5b:6e:68:be:
b3:98:8c:76:6f:11:dc:a0:49:24:1e:12:3d:d1:f8:91:d6:f0:
7f:dc:fc:f1:ca:7f:29:a7:e2:37:be:fc:b2:f6:20:08:3a:b2:
74:31:88:11:ce:75:f5:27:d8:36:0f:47:ea:2b:90:24:09:26:
35:87:3a:5e:06:9a:c7:aa:e8:c9:e8:b4:ac:1f:9f:58:7f:1f:
e3:0b:1d:66:23:3c:50:8f:7e:34:37:1b:30:ef:d1:d9:a9:93:
bd:1d:33:a9:fb:91:ad:21:3a:ab:d7:2e:b8:75:bd:7b:9c:f0:
30:c0:42:84:3b:59:cd:9c:c7:01:d9:cb:ff:8d:0d:07:4b:b9:
ff:86:3d:47:9e:26:0e:cb:e9:d0:a0:d9:90:d8:41:5c:8e:4a:
b4:63:d2:31:7c:d1:1c:db:4e:55:1f:c6:82:75:24:fc:d3:f7:
11:ca:f0:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIX1+ZJ0JFYV+zfYyDU9qqx6mMlQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwYjRlMjE1ZmZiNTM2NGE0Y2UwM2Q1MWMwMzRiMjBjNWI3YTAzNTI4YTYw
YjhiODIxOTYyNjY0NjYzOGNlZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOce9xuLg4Z1bYM+vNMVb6VCvV8dj5E1zWKGnbWYHAoSr06Zm6eRfCg6l5sA
86W5Cf0QeLPGeOYjdBbj7iWzrjnqAciG7Fga/W3IfFPTa0YV7bG32GXtOZHpuJPk
NoCL5FyMzdQg6rNI/lovBPTpj6iOFLTWkPwgAkO31YUbIov7Z7h/3rYYZf6MjBh9
xw7S/Lao41GuGPZlnm8B2bdlhJwMllQtT4xSVKm9+r5YwQJQF3IyWWUmysn2irvC
CAjTyOM2kNHwIbxVQEEAme84M1gRg8d+YZ4JMsvm/pJr/lh8+LojUIiAvw/FGc6+
qIKIpBbnOk6P+0KjB6FATlrEa7cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnE25w
NIdkVwgBMkBUCi9o3V4qZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg
MA0GCSqGSIb3DQEBCwUAA4IBAQBWQSl0QVs4+OEUI+yszraI7DYmY54XxJu5ChKq
J37r6+Okhh/Tqo+/ZMal73tYHmJl+rEffK5rGTDfZUW5rVWejgVoaDzE8/8OfrTf
ZGCZ9SMOe7pJaFtuaL6zmIx2bxHcoEkkHhI90fiR1vB/3Pzxyn8pp+I3vvyy9iAI
OrJ0MYgRznX1J9g2D0fqK5AkCSY1hzpeBprHqujJ6LSsH59Yfx/jCx1mIzxQj340
Nxsw79HZqZO9HTOp+5GtITqr1y64db17nPAwwEKEO1nNnMcB2cv/jQ0HS7n/hj1H
niYOy+nQoNmQ2EFcjkq0Y9IxfNEc205VH8aCdST80/cRyvB6
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:29 2025 by rpki-client