Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
File: d6931f13-0c44-4edc-b1b7-89dc8e035321.roa (raw, json)
Hash identifier: vNbHbkOufWpTmooaivTi2CHP3QoatTi8lkDYZSjbykY=
Subject key identifier: CC:63:EB:A0:7C:C2:82:6F:FA:A3:47:06:55:44:0D:13:FB:60:2B:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54D97A98F135CA7E984BDF72C772B9C7F917476D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
Signing time: Tue 21 Oct 2025 13:30:17 +0000
ROA not before: Tue 21 Oct 2025 13:30:17 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:d9:7a:98:f1:35:ca:7e:98:4b:df:72:c7:72:b9:c7:f9:17:47:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:17 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e9eb4ff041e11ee3511865b2a0bdedd40feba30731da89b5a908686f2648d2cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:67:51:79:e2:76:9d:be:29:a0:f7:0f:7b:ed:
aa:fa:e3:92:bd:15:da:15:f9:d0:af:03:8d:7e:ad:
79:3b:6e:4a:07:c2:ed:7d:2d:2a:52:5b:aa:8a:be:
39:67:26:aa:fd:9f:e5:1f:d3:45:cd:56:19:5c:5f:
8a:05:91:0a:4a:91:79:2f:ab:97:10:b0:3b:cb:4f:
be:6c:54:7f:8e:69:f9:40:50:51:5e:12:64:2f:68:
1b:22:d0:a4:5b:9c:18:b6:1d:ec:02:5d:f1:30:bf:
65:63:8f:6c:42:8c:5d:4a:f7:71:89:45:48:24:bd:
68:36:1b:58:24:4c:15:96:a3:a4:1b:61:a8:40:cd:
08:ed:1a:cb:6b:34:6b:87:f9:29:11:c2:88:b0:61:
c7:43:76:bc:02:0a:a4:08:57:19:81:be:cc:c4:73:
91:cd:18:d3:d7:83:24:75:23:99:ff:2d:ae:4f:4f:
3b:23:a7:56:e7:86:a6:eb:1c:3b:70:ab:4e:c7:fe:
e9:1b:7c:d9:fc:67:bb:3b:3c:96:de:24:c7:c7:d8:
0f:01:eb:58:15:0b:26:97:21:d5:b2:36:bc:86:26:
40:b3:01:df:fa:2b:85:2f:3e:0d:3c:1c:03:ab:6a:
b7:a3:92:36:94:04:90:0a:f6:ff:5a:a7:00:63:5d:
fd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:63:EB:A0:7C:C2:82:6F:FA:A3:47:06:55:44:0D:13:FB:60:2B:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058::/32
Signature Algorithm: sha256WithRSAEncryption
5d:80:14:30:f5:0d:4a:b4:ed:2c:2a:46:7b:8b:bc:0a:6b:02:
f1:78:68:33:79:09:6b:e2:f8:37:9c:bb:14:43:ee:b2:3a:93:
ad:67:5f:1b:f9:e6:de:23:4c:2e:65:a3:25:02:f8:21:1d:7c:
b9:2d:ea:b6:35:1b:a6:d0:65:ed:41:79:29:25:5c:22:05:82:
d5:e2:66:24:04:47:04:9f:c7:6b:ec:76:54:82:bc:8d:1c:5c:
0d:93:70:04:84:23:19:10:cc:98:ac:a6:26:45:51:76:fc:ac:
18:15:98:f2:a0:28:5a:d2:c4:73:bb:08:f8:e1:d8:73:dc:ea:
3e:8d:22:73:36:63:6b:5a:54:c4:e1:9a:c3:60:6f:58:b0:12:
5b:e7:f6:49:d5:1a:c9:ff:17:b3:b3:99:50:31:92:71:90:5d:
19:b6:e3:52:d2:cc:36:50:16:4a:46:8b:05:c0:ec:1d:07:9e:
8a:e9:de:84:e2:c6:c2:ee:eb:c0:b7:11:61:46:5e:a5:b3:6f:
8f:6f:6a:bd:54:2d:2d:de:ea:b3:c8:ef:09:1e:00:54:80:39:
b3:0f:29:34:d6:62:db:89:f0:6e:31:c1:05:a7:45:bf:76:d8:
e4:00:83:2f:43:48:9f:e1:dc:c6:73:e5:6b:4e:7c:27:44:46:
f1:b2:70:51
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUVNl6mPE1yn6YS99yx3K5x/kXR20wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwMTdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZWI0ZmYwNDFlMTFlZTM1MTE4NjViMmEwYmRlZGQ0MGZlYmEzMDczMWRh
ODliNWE5MDg2ODZmMjY0OGQyY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpnUXnidp2+KaD3D3vtqvrjkr0V2hX50K8DjX6teTtuSgfC7X0tKlJbqoq+
OWcmqv2f5R/TRc1WGVxfigWRCkqReS+rlxCwO8tPvmxUf45p+UBQUV4SZC9oGyLQ
pFucGLYd7AJd8TC/ZWOPbEKMXUr3cYlFSCS9aDYbWCRMFZajpBthqEDNCO0ay2s0
a4f5KRHCiLBhx0N2vAIKpAhXGYG+zMRzkc0Y09eDJHUjmf8trk9POyOnVueGpusc
O3CrTsf+6Rt82fxnuzs8lt4kx8fYDwHrWBULJpch1bI2vIYmQLMB3/orhS8+DTwc
A6tqt6OSNpQEkAr2/1qnAGNd/fcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTMY+ug
fMKCb/qjRwZVRA0T+2ArXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY5MzFmMTMtMGM0NC00ZWRjLWIxYjctODlkYzhlMDM1MzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fgw
DQYJKoZIhvcNAQELBQADggEBAF2AFDD1DUq07SwqRnuLvAprAvF4aDN5CWvi+Dec
uxRD7rI6k61nXxv55t4jTC5loyUC+CEdfLkt6rY1G6bQZe1BeSklXCIFgtXiZiQE
RwSfx2vsdlSCvI0cXA2TcASEIxkQzJispiZFUXb8rBgVmPKgKFrSxHO7CPjh2HPc
6j6NInM2Y2taVMThmsNgb1iwElvn9knVGsn/F7OzmVAxknGQXRm241LSzDZQFkpG
iwXA7B0Hnorp3oTixsLu68C3EWFGXqWzb49var1ULS3e6rPI7wkeAFSAObMPKTTW
YtuJ8G4xwQWnRb922OQAgy9DSJ/h3MZz5WtOfCdERvGycFE=
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:01 2025 by rpki-client