Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
File: a72cbea9-100c-4974-8211-87debb0f6fbd.roa (raw, json)
Hash identifier: iaHyPI3VOFwMiyNLQWM/wLF2nNwhBL7Rnps0qqpJO5A=
Subject key identifier: 5E:5E:DD:35:04:04:C4:72:47:BB:01:F9:7B:BB:7A:14:DF:79:29:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FB008FB5962AF0B869701F9DC5820CDF4BC357C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
Signing time: Tue 21 Oct 2025 13:10:10 +0000
ROA not before: Tue 21 Oct 2025 13:10:10 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:b0:08:fb:59:62:af:0b:86:97:01:f9:dc:58:20:cd:f4:bc:35:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:10 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=dc0e68dbffa2f1efdc136cf63f23cfa6cd8f2cdc88a1fdede1fc427cb5300b63, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:b8:2d:b2:2e:2c:8e:98:a9:e3:8a:90:12:
03:01:61:ad:27:51:56:95:77:98:2b:83:51:89:48:
0d:1a:3b:06:3e:19:89:71:e4:a8:ab:56:7f:41:a9:
de:a6:9f:1b:83:9d:da:38:e0:ed:fa:32:bf:2e:2e:
cd:d2:9e:6f:6d:b2:16:a7:54:6a:4f:0d:cf:1f:d2:
dc:03:ec:cd:88:92:f5:75:42:82:4a:cb:7e:98:a3:
47:b2:8e:32:52:f3:a6:a7:25:73:95:41:29:7e:1e:
c6:5a:8c:ec:ae:29:c1:a3:02:39:02:4c:a8:ff:e2:
f5:0b:b7:cd:c5:22:f9:c3:9f:cb:bc:16:f6:0c:40:
4a:dd:1c:06:b8:67:f1:a0:72:48:1b:8c:5c:6b:5a:
1b:ed:58:e5:a9:60:32:cf:92:56:ce:36:d0:12:ec:
b7:56:df:f3:06:77:b4:1e:d6:8a:db:62:bb:99:4c:
a6:e4:33:b2:c0:b9:21:3f:19:bd:e3:d8:de:c0:ed:
79:d3:77:19:0a:ad:d5:ec:f8:73:0e:29:4d:dc:fe:
3d:56:bb:6e:d7:40:bc:36:68:07:da:50:45:a9:62:
61:db:78:cf:91:6c:5c:13:7d:f5:dc:50:bd:b3:0b:
bc:2c:55:ee:ac:ca:e7:02:13:dc:5e:c1:f9:d0:dd:
0e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5E:DD:35:04:04:C4:72:47:BB:01:F9:7B:BB:7A:14:DF:79:29:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:8000::/40
Signature Algorithm: sha256WithRSAEncryption
14:31:7b:55:ab:6b:32:5c:14:4a:63:a2:51:a9:8d:27:d9:ef:
2b:c3:32:ca:19:7e:aa:dc:7c:ec:68:ab:6b:46:2f:e5:ff:16:
5d:27:6f:5d:2e:45:89:71:ea:17:a2:62:91:9d:b1:99:22:d6:
3d:26:e2:c6:98:b0:60:0c:77:c8:ea:0a:7a:cf:12:0f:ed:66:
6d:27:c7:13:04:a0:30:f9:4d:b1:99:e1:55:42:45:4e:64:a3:
c7:8e:15:06:0d:f9:d9:da:fe:ac:2b:28:2f:78:f6:39:e7:ed:
e5:af:e7:c8:5f:3b:30:5c:2d:ca:9d:41:f9:10:e3:ec:d7:71:
bd:0c:5f:0b:89:b0:65:d5:ba:44:0b:08:3f:a0:5c:b0:8c:8a:
f3:a3:f4:06:f0:9c:39:77:8e:5e:07:0f:1e:ff:45:60:07:15:
a6:c2:4b:d8:35:4b:52:ad:12:f7:d0:9a:91:1c:2d:f8:3c:11:
da:fc:a4:64:53:0b:09:b3:a8:76:16:4a:71:97:a1:9b:bc:47:
a9:a5:87:2f:12:19:9f:ab:2a:ad:27:76:e6:4a:2b:12:d5:94:
e8:13:38:36:c4:11:76:48:ab:fc:7a:a9:e9:43:6c:3f:38:d5:
d0:99:1d:72:78:28:dc:74:10:49:a6:80:c2:1a:a5:57:f2:ee:
37:55:31:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD7AI+1lirwuGlwH53FggzfS8NXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwMTBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjMGU2OGRiZmZhMmYxZWZkYzEzNmNmNjNmMjNjZmE2Y2Q4ZjJjZGM4OGEx
ZmRlZGUxZmM0MjdjYjUzMDBiNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+uuC2yLiyOmKnjipASAwFhrSdRVpV3mCuDUYlIDRo7Bj4ZiXHkqKtWf0Gp
3qafG4Od2jjg7foyvy4uzdKeb22yFqdUak8Nzx/S3APszYiS9XVCgkrLfpijR7KO
MlLzpqclc5VBKX4exlqM7K4pwaMCOQJMqP/i9Qu3zcUi+cOfy7wW9gxASt0cBrhn
8aBySBuMXGtaG+1Y5algMs+SVs420BLst1bf8wZ3tB7Wittiu5lMpuQzssC5IT8Z
vePY3sDtedN3GQqt1ez4cw4pTdz+PVa7btdAvDZoB9pQRaliYdt4z5FsXBN99dxQ
vbMLvCxV7qzK5wIT3F7B+dDdDokCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReXt01
BATEcke7Afl7u3oU33kpUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcyY2JlYTktMTAwYy00OTc0LTgyMTEtODdkZWJiMGY2ZmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAUMXtVq2syXBRKY6JRqY0n2e8rwzLKGX6q3Hzs
aKtrRi/l/xZdJ29dLkWJceoXomKRnbGZItY9JuLGmLBgDHfI6gp6zxIP7WZtJ8cT
BKAw+U2xmeFVQkVOZKPHjhUGDfnZ2v6sKygvePY55+3lr+fIXzswXC3KnUH5EOPs
13G9DF8LibBl1bpECwg/oFywjIrzo/QG8Jw5d45eBw8e/0VgBxWmwkvYNUtSrRL3
0JqRHC34PBHa/KRkUwsJs6h2Fkpxl6GbvEeppYcvEhmfqyqtJ3bmSisS1ZToEzg2
xBF2SKv8eqnpQ2w/ONXQmR1yeCjcdBBJpoDCGqVX8u43VTE6
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:01 2025 by rpki-client