Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: zPLl9zRlpZoUhnz3DEsKronLAzBUU334XjF6Aub6Aqo=
Subject key identifier: 7E:A9:E1:B2:BF:31:F6:84:62:0C:3C:11:93:C0:1D:0D:0A:77:10:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12A9CC2DD2B254172552EC1898D3EFD9ABB3EDC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Tue 21 Oct 2025 13:31:01 +0000
ROA not before: Tue 21 Oct 2025 13:31:01 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:a9:cc:2d:d2:b2:54:17:25:52:ec:18:98:d3:ef:d9:ab:b3:ed:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:31:01 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e1be65abe35b41163f6ff08ce689a8644c9dde7dfdd970e52a81d7f6ad4f292f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:3a:7f:07:9b:25:8a:de:44:ca:0c:6c:c1:
d6:de:99:11:6f:de:91:27:5d:b9:13:cd:a9:d9:5d:
c5:11:87:e1:45:2d:fd:d5:f6:16:8c:8f:a5:9d:d2:
79:0a:38:aa:c8:85:68:c4:ab:01:9e:44:0c:e8:76:
78:b4:a1:52:38:e9:31:f0:96:f7:f5:a8:46:df:eb:
22:a2:cd:c0:40:ad:3b:25:d6:13:1e:39:d6:c2:e3:
5e:4d:a2:95:77:92:c2:fa:7d:eb:88:90:31:05:a8:
b2:46:39:7f:ee:48:bc:4f:dd:0f:8c:e8:b2:c4:44:
f8:ba:58:70:59:d2:43:14:94:ad:96:9e:86:46:46:
8f:ba:79:b6:0a:4e:52:08:ad:89:d4:c7:51:0f:0c:
92:b3:84:59:21:e8:42:1d:2e:13:b5:4c:19:40:63:
11:0c:19:3f:33:32:33:3f:2a:a1:e4:83:12:f9:71:
58:a8:3c:30:44:85:5b:4d:90:0e:ec:ae:8c:a0:06:
5a:aa:30:1d:fe:2c:c5:51:b8:da:9d:3f:96:12:74:
a1:f1:57:28:cb:7e:f4:ab:fb:52:d1:5f:7f:e1:2e:
ab:e2:6d:ef:45:80:ba:4b:fc:28:0f:6f:26:77:9e:
68:67:af:26:cd:be:ee:19:b0:5c:5b:08:b5:11:db:
f3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A9:E1:B2:BF:31:F6:84:62:0C:3C:11:93:C0:1D:0D:0A:77:10:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
74:5c:ec:92:63:72:22:f3:04:f8:da:9d:84:76:e0:ac:c4:1a:
c6:48:e8:53:ca:eb:59:32:9d:f3:d1:75:a2:7c:78:36:38:2b:
9c:b7:bd:2f:d5:cf:52:f2:37:0a:46:3f:39:08:6e:dc:e8:fb:
ce:cb:9c:49:1a:f5:cc:8d:ba:d5:b7:f6:fe:9d:4c:75:d5:bf:
48:1f:89:85:e2:8a:a7:f8:ac:bb:3b:69:de:d2:ec:dc:e9:f8:
9f:1c:2c:3a:af:7b:9e:cb:94:5e:98:fb:a3:31:f6:e2:02:c1:
c6:e7:c5:1f:48:d3:f5:05:d7:2d:93:ec:43:e7:04:ad:56:b6:
3b:0a:6d:61:da:ad:06:44:f0:92:88:29:19:6f:5f:c5:2f:65:
38:06:d9:91:97:e1:9a:37:30:b6:c3:af:4e:e7:7d:c4:11:3f:
ac:11:e0:ad:b1:2a:b3:b6:a6:fa:1f:9b:b0:8f:90:9d:74:7d:
68:30:65:b7:2b:d2:ec:68:46:41:14:42:b6:45:64:31:42:69:
3f:55:ef:1f:35:27:f5:51:97:be:5e:36:c3:65:20:65:99:11:
50:c2:4c:7d:38:79:a7:03:35:71:36:59:a6:29:3e:4a:81:58:
c2:95:d3:e4:0a:88:4a:e1:c4:12:83:05:76:6b:98:05:f6:1e:
90:f2:fb:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEqnMLdKyVBclUuwYmNPv2auz7ccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMxMDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYmU2NWFiZTM1YjQxMTYzZjZmZjA4Y2U2ODlhODY0NGM5ZGRlN2RmZGQ5
NzBlNTJhODFkN2Y2YWQ0ZjI5MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOOOn8HmyWK3kTKDGzB1t6ZEW/ekSdduRPNqdldxRGH4UUt/dX2FoyPpZ3S
eQo4qsiFaMSrAZ5EDOh2eLShUjjpMfCW9/WoRt/rIqLNwECtOyXWEx451sLjXk2i
lXeSwvp964iQMQWoskY5f+5IvE/dD4zossRE+LpYcFnSQxSUrZaehkZGj7p5tgpO
UgitidTHUQ8MkrOEWSHoQh0uE7VMGUBjEQwZPzMyMz8qoeSDEvlxWKg8MESFW02Q
DuyujKAGWqowHf4sxVG42p0/lhJ0ofFXKMt+9Kv7UtFff+Euq+Jt70WAukv8KA9v
JneeaGevJs2+7hmwXFsItRHb890CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR+qeGy
vzH2hGIMPBGTwB0NCncQTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEAdFzskmNyIvME+NqdhHbgrMQaxkjoU8rrWTKd
89F1onx4NjgrnLe9L9XPUvI3CkY/OQhu3Oj7zsucSRr1zI261bf2/p1MddW/SB+J
heKKp/isuztp3tLs3On4nxwsOq97nsuUXpj7ozH24gLBxufFH0jT9QXXLZPsQ+cE
rVa2OwptYdqtBkTwkogpGW9fxS9lOAbZkZfhmjcwtsOvTud9xBE/rBHgrbEqs7am
+h+bsI+QnXR9aDBltyvS7GhGQRRCtkVkMUJpP1XvHzUn9VGXvl42w2UgZZkRUMJM
fTh5pwM1cTZZpik+SoFYwpXT5AqISuHEEoMFdmuYBfYekPL7BQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:20 2025 by rpki-client