Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: cGlrOnezQLNRx6Mp5tLyZ6eNTaccdxwMUhZWq74Ec30=
Subject key identifier: 81:52:50:1A:E8:B7:80:79:9F:46:1C:41:8E:10:44:4E:85:26:B3:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12D187C6D1319DB24EFA8DFAAAC410A293FF3521
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Tue 21 Oct 2025 13:50:07 +0000
ROA not before: Tue 21 Oct 2025 13:50:07 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:d1:87:c6:d1:31:9d:b2:4e:fa:8d:fa:aa:c4:10:a2:93:ff:35:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:07 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=9941cc07e3c531b33adc9f6aa9c95134e541975d5877be18a4d19bc506c1c2ba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:73:3b:66:07:64:e9:7f:6c:8a:ff:87:90:74:
af:aa:18:2f:2c:1a:6f:0e:81:91:18:2c:80:a0:02:
74:17:09:c1:1d:44:a3:91:36:5b:f6:23:81:ea:b4:
ca:16:82:f2:86:5b:e0:65:0b:3d:4f:2c:e6:28:0b:
e0:62:ab:9d:25:d3:88:19:37:75:02:0f:c3:ee:16:
8f:3a:38:e0:8e:e8:46:94:47:53:37:72:57:f5:c9:
96:cb:99:bb:5b:0f:a2:51:9c:62:ca:d6:6f:a9:26:
03:e6:ca:b9:8e:98:74:2a:c1:3a:2f:89:45:f2:2c:
de:ef:01:a9:90:f0:1b:b9:83:f1:e6:75:72:b1:35:
84:e7:ab:85:d8:2c:0a:04:32:31:c5:5c:a1:90:ae:
e8:cb:75:bd:45:0d:0f:fd:68:d8:7c:8b:a5:dc:4d:
ce:f3:1a:2f:56:38:18:43:1b:77:6f:9b:2a:e5:94:
79:38:e0:ee:98:38:c5:1e:0d:83:b7:1b:a1:2c:2e:
06:a7:46:87:e2:71:79:0c:ba:d8:2c:2f:91:96:7b:
e2:09:2e:66:8a:66:78:98:dc:5b:b4:a3:c1:f0:79:
1b:39:be:b5:48:c7:05:41:4a:fc:cd:34:f5:8a:19:
06:28:a3:85:ef:55:11:1f:1d:94:be:e0:17:fd:65:
43:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:52:50:1A:E8:B7:80:79:9F:46:1C:41:8E:10:44:4E:85:26:B3:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
70:e2:41:74:a0:bd:16:31:bc:22:5b:e9:40:82:5b:34:0e:37:
34:3d:62:af:b7:5f:4f:46:23:39:54:d7:81:66:d8:c6:17:3f:
94:a1:15:e2:54:ff:3f:09:3c:c4:bf:e6:07:9f:a4:92:2c:e3:
0d:7f:e5:bf:e4:b1:a0:7f:c1:9f:a5:44:08:4e:c1:3a:6e:e5:
c5:11:b9:ff:c6:9e:2b:f9:99:f9:74:9a:04:b6:1b:dc:56:a3:
6c:25:36:a1:af:88:b8:dd:4c:be:5e:b4:f3:38:cd:02:78:78:
f9:be:7b:b8:14:ec:15:37:f9:f2:99:fe:11:be:6a:d8:bd:21:
24:d6:8c:77:cb:80:db:99:52:b1:e3:86:9b:fe:34:31:cf:30:
9f:5d:cd:08:01:a5:4c:6c:87:53:bb:3d:52:8f:2c:1f:03:18:
03:45:cc:2b:62:e1:c7:6a:9e:9e:39:e6:22:5a:bb:25:4d:4c:
02:f8:5a:63:fd:68:84:0c:41:79:82:4d:3c:c9:5f:8f:a3:16:
31:56:4d:71:e3:a5:d0:10:53:37:2b:ec:93:31:93:bb:68:04:
ba:1f:bb:db:3c:0e:8e:ff:23:af:fb:59:75:4a:a6:e5:47:1e:
a5:54:b3:3d:44:ba:b1:1d:a0:8e:e6:67:1d:a8:45:00:93:34:
45:e2:ca:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEtGHxtExnbJO+o36qsQQopP/NSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMDdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NDFjYzA3ZTNjNTMxYjMzYWRjOWY2YWE5Yzk1MTM0ZTU0MTk3NWQ1ODc3
YmUxOGE0ZDE5YmM1MDZjMWMyYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBzO2YHZOl/bIr/h5B0r6oYLywabw6BkRgsgKACdBcJwR1Eo5E2W/Yjgeq0
yhaC8oZb4GULPU8s5igL4GKrnSXTiBk3dQIPw+4Wjzo44I7oRpRHUzdyV/XJlsuZ
u1sPolGcYsrWb6kmA+bKuY6YdCrBOi+JRfIs3u8BqZDwG7mD8eZ1crE1hOerhdgs
CgQyMcVcoZCu6Mt1vUUND/1o2HyLpdxNzvMaL1Y4GEMbd2+bKuWUeTjg7pg4xR4N
g7cboSwuBqdGh+JxeQy62CwvkZZ74gkuZopmeJjcW7SjwfB5Gzm+tUjHBUFK/M00
9YoZBiijhe9VER8dlL7gF/1lQysCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBUlAa
6LeAeZ9GHEGOEEROhSazxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEAcOJBdKC9FjG8IlvpQIJbNA43ND1ir7dfT0Yj
OVTXgWbYxhc/lKEV4lT/Pwk8xL/mB5+kkizjDX/lv+SxoH/Bn6VECE7BOm7lxRG5
/8aeK/mZ+XSaBLYb3FajbCU2oa+IuN1Mvl608zjNAnh4+b57uBTsFTf58pn+Eb5q
2L0hJNaMd8uA25lSseOGm/40Mc8wn13NCAGlTGyHU7s9Uo8sHwMYA0XMK2Lhx2qe
njnmIlq7JU1MAvhaY/1ohAxBeYJNPMlfj6MWMVZNceOl0BBTNyvskzGTu2gEuh+7
2zwOjv8jr/tZdUqm5UcepVSzPUS6sR2gjuZnHahFAJM0ReLKFA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:35 2025 by rpki-client