Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: B7Ttif0uM+lSBCk4CUvKMq0tuiQk5fhhKq3KeniaK+g=
Subject key identifier: 7F:70:E1:25:D0:1D:FB:56:6B:B5:AF:6D:39:54:3A:25:82:C7:43:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F7F80E1B9BB82E54FFE2BD1C67FD8F9E2315ED9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Tue 21 Oct 2025 14:21:03 +0000
ROA not before: Tue 21 Oct 2025 14:21:03 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:7f:80:e1:b9:bb:82:e5:4f:fe:2b:d1:c6:7f:d8:f9:e2:31:5e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:21:03 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2c2396b27ccdde62f6831c61041bf3d77941f6c218427ea17f1edf27bf0a2809, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:35:99:cb:d3:62:af:65:11:87:80:62:ae:f8:
d0:ab:df:12:c1:7b:aa:f8:53:8c:d8:35:8e:94:72:
58:66:2d:41:e0:ea:7d:97:d1:6d:3c:24:60:20:aa:
01:90:ca:43:9a:57:74:38:1a:ac:64:88:c3:59:b5:
af:5d:81:1f:8c:b1:b4:21:ae:79:62:ab:3c:1d:b0:
f9:34:79:94:8a:fb:91:92:ba:e0:c8:6b:80:6a:67:
17:0a:8a:30:4f:3c:d8:63:bf:1c:54:e0:32:2b:e2:
38:e7:43:e4:93:d8:14:25:3e:37:a4:83:1a:47:65:
83:78:37:67:35:b7:f8:7a:53:f8:34:ee:e5:71:2c:
41:38:dd:36:89:03:11:95:0c:13:55:34:36:39:ec:
0b:e0:b8:ed:02:25:b7:a9:18:88:2d:6d:f4:7d:cc:
0f:18:2d:57:2e:4a:d4:21:24:bc:81:b4:0c:08:a6:
db:aa:9a:99:38:2a:97:89:98:50:e7:fb:ab:fa:20:
f3:22:b0:9d:f9:f1:94:5a:9a:7b:85:78:14:49:b9:
ba:c2:c5:86:91:07:b7:da:11:b7:fe:20:94:19:73:
35:65:8c:42:b0:ea:10:b9:b9:55:b8:3f:37:40:b6:
7d:3b:9b:f3:a1:48:d5:93:18:d5:05:7f:af:b0:2d:
46:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:70:E1:25:D0:1D:FB:56:6B:B5:AF:6D:39:54:3A:25:82:C7:43:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
64:b8:79:da:f9:f5:86:c4:8b:14:77:37:6b:d6:5e:29:d4:2e:
4c:e0:8a:a4:20:81:15:cc:1b:91:8e:81:8f:f2:a8:29:7d:a5:
96:cf:61:e0:03:57:ab:75:b7:cf:3d:08:83:30:a5:95:60:12:
b8:00:8b:d5:44:3f:f8:26:2e:ce:49:01:a3:75:a7:df:c7:7e:
84:f5:c4:6c:99:1f:aa:36:f9:54:41:ef:6b:2b:75:78:46:ca:
88:f2:4b:33:33:eb:f7:62:64:6e:f0:ce:01:55:5d:71:b4:34:
58:87:a4:68:62:25:23:7c:af:5e:e2:56:6b:81:6c:e0:71:bc:
81:4c:02:6d:4f:9a:ac:1d:02:fe:c5:ab:84:2a:80:af:46:b8:
7c:74:7f:d3:9d:f1:de:9b:41:d9:34:ee:34:9f:67:db:0a:6a:
d2:cb:5a:98:bc:81:a1:73:a8:b9:d2:01:13:3a:17:17:f8:0f:
19:d2:14:38:1e:23:5b:e6:9c:96:32:11:39:2e:df:f2:ed:00:
6a:06:49:78:cc:a8:44:47:e1:16:b1:4b:1f:a2:44:fc:34:e7:
e0:5c:39:91:34:04:1c:27:66:eb:62:e1:ab:cf:b4:6a:b9:ec:
66:56:b0:03:27:3b:99:3a:5d:e8:45:ef:29:40:43:d3:ee:a4:
be:e4:8f:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD3+A4bm7guVP/ivRxn/Y+eIxXtkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIxMDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjMjM5NmIyN2NjZGRlNjJmNjgzMWM2MTA0MWJmM2Q3Nzk0MWY2YzIxODQy
N2VhMTdmMWVkZjI3YmYwYTI4MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANY1mcvTYq9lEYeAYq740KvfEsF7qvhTjNg1jpRyWGYtQeDqfZfRbTwkYCCq
AZDKQ5pXdDgarGSIw1m1r12BH4yxtCGueWKrPB2w+TR5lIr7kZK64MhrgGpnFwqK
ME882GO/HFTgMiviOOdD5JPYFCU+N6SDGkdlg3g3ZzW3+HpT+DTu5XEsQTjdNokD
EZUME1U0NjnsC+C47QIlt6kYiC1t9H3MDxgtVy5K1CEkvIG0DAim26qamTgql4mY
UOf7q/og8yKwnfnxlFqae4V4FEm5usLFhpEHt9oRt/4glBlzNWWMQrDqELm5Vbg/
N0C2fTub86FI1ZMY1QV/r7AtRrECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/cOEl
0B37Vmu1r205VDolgsdDsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEAZLh52vn1hsSLFHc3a9ZeKdQuTOCKpCCBFcwb
kY6Bj/KoKX2lls9h4ANXq3W3zz0IgzCllWASuACL1UQ/+CYuzkkBo3Wn38d+hPXE
bJkfqjb5VEHvayt1eEbKiPJLMzPr92JkbvDOAVVdcbQ0WIekaGIlI3yvXuJWa4Fs
4HG8gUwCbU+arB0C/sWrhCqAr0a4fHR/053x3ptB2TTuNJ9n2wpq0stamLyBoXOo
udIBEzoXF/gPGdIUOB4jW+acljIROS7f8u0AagZJeMyoREfhFrFLH6JE/DTn4Fw5
kTQEHCdm62Lhq8+0arnsZlawAyc7mTpd6EXvKUBD0+6kvuSPxQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:18 2025 by rpki-client