Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dba2c5ec-b39c-4ba8-b607-71348e3be0c8.roa
File: dba2c5ec-b39c-4ba8-b607-71348e3be0c8.roa (raw, json)
Hash identifier: OZ1tPWtY7dCrf3PwtWN10hMjPWT9JJCffMRJ3SzVznY=
Subject key identifier: 70:2F:07:74:34:62:9B:7E:1A:BF:29:84:DC:18:80:48:7D:72:5F:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BD3E7A4258EC699C252CA62AEBA2A38834D3BC2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dba2c5ec-b39c-4ba8-b607-71348e3be0c8.roa
Signing time: Fri 24 Oct 2025 00:20:07 +0000
ROA not before: Fri 24 Oct 2025 00:20:07 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:d3:e7:a4:25:8e:c6:99:c2:52:ca:62:ae:ba:2a:38:83:4d:3b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:07 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=8e485f6ff0227ae68c656e1d2bad9cc778f8a7998b2c6ce49146febbc1c90ff3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:d3:02:4c:10:90:53:46:29:d9:19:f8:87:
ff:ee:0b:56:2b:20:b0:67:b0:df:f9:05:fc:92:73:
35:b3:a1:05:e8:cc:ef:67:63:f8:1c:6f:dc:98:b7:
4b:7f:56:4f:de:9a:b2:80:1f:62:c2:94:70:20:a6:
95:e3:ea:af:bf:0b:a6:1d:05:77:58:e7:ef:0b:79:
fd:a5:c5:ef:31:9d:f1:6d:9e:64:33:72:89:dd:24:
56:aa:34:f3:9a:2a:6a:59:1e:85:90:ee:a5:9a:3f:
cc:f1:19:85:25:21:8f:d1:02:c0:7d:ce:9e:cf:ce:
79:88:7f:74:22:8a:0b:7d:0e:1c:7e:78:1c:c5:94:
ef:7d:85:b3:97:0a:7d:51:8a:01:11:ab:10:a9:9b:
7f:3d:71:ad:e8:cc:13:b3:d2:38:24:67:a9:dd:1c:
6d:04:5e:b9:13:13:d1:74:aa:b4:d2:a0:84:55:c4:
36:98:dc:2d:b7:47:b9:bf:ab:c9:05:47:48:02:7b:
e6:dc:44:b2:4b:48:ee:a1:80:08:10:fc:85:44:e4:
88:82:15:cb:6f:5d:cc:ec:ae:48:5c:35:e6:51:7d:
ec:ad:f7:ba:f4:d0:59:d8:37:a0:62:07:50:2b:45:
9e:37:d2:e7:5a:83:a3:b2:7e:e0:1f:69:e3:a5:db:
8f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:2F:07:74:34:62:9B:7E:1A:BF:29:84:DC:18:80:48:7D:72:5F:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dba2c5ec-b39c-4ba8-b607-71348e3be0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6080::/46
Signature Algorithm: sha256WithRSAEncryption
7a:b3:37:c5:3e:e2:89:c3:f3:1a:fa:ef:f2:4c:94:a7:ee:8b:
ce:82:2c:bc:c3:6e:55:57:40:17:a6:38:bc:38:8b:35:0c:4a:
96:1b:0a:1a:2a:e6:1e:70:cb:21:26:5c:18:f4:08:b3:01:99:
20:f3:e2:f3:08:82:65:4d:d6:6b:c6:26:ac:ca:a4:13:cf:5c:
da:ba:85:bd:cb:78:b5:0d:fe:3d:c7:b4:f9:39:91:9f:e7:15:
b6:24:a1:d4:b5:92:6d:53:77:9d:58:0e:fe:6b:79:0c:f4:e1:
2b:66:39:4e:ad:6c:c1:c0:26:a9:da:2b:72:8e:7a:b9:6b:7f:
53:7f:b0:68:ef:b8:af:06:a8:bc:36:cc:49:17:51:41:c2:4a:
06:d1:5f:31:4c:55:3e:b4:0d:0b:c6:e5:d2:91:cb:3f:4e:be:
ab:03:3a:a8:d6:c9:0c:ab:c1:79:47:6e:71:03:d9:85:85:fe:
f5:e9:24:14:0a:f0:2b:80:95:2e:e4:dc:03:01:04:2c:73:db:
73:f2:1c:8b:01:b1:f9:9f:68:df:17:97:bd:60:fb:ae:57:e5:
d9:6a:fa:f7:b3:c0:40:99:70:26:47:b0:9a:95:62:91:8c:ed:
f5:54:12:fb:3e:e5:7b:02:36:36:9b:cf:51:1d:0e:e8:de:96:
27:fc:16:7e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe9PnpCWOxpnCUspirroqOINNO8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDdaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNDg1ZjZmZjAyMjdhZTY4YzY1NmUxZDJiYWQ5Y2M3NzhmOGE3OTk4YjJj
NmNlNDkxNDZmZWJiYzFjOTBmZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgR0wJMEJBTRinZGfiH/+4LVisgsGew3/kF/JJzNbOhBejM72dj+Bxv3Ji3
S39WT96asoAfYsKUcCCmlePqr78Lph0Fd1jn7wt5/aXF7zGd8W2eZDNyid0kVqo0
85oqalkehZDupZo/zPEZhSUhj9ECwH3Ons/OeYh/dCKKC30OHH54HMWU732Fs5cK
fVGKARGrEKmbfz1xrejME7PSOCRnqd0cbQReuRMT0XSqtNKghFXENpjcLbdHub+r
yQVHSAJ75txEsktI7qGACBD8hUTkiIIVy29dzOyuSFw15lF97K33uvTQWdg3oGIH
UCtFnjfS51qDo7J+4B9p46Xbj3sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRwLwd0
NGKbfhq/KYTcGIBIfXJfIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJhMmM1ZWMtYjM5Yy00YmE4LWI2MDctNzEzNDhlM2JlMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
gDANBgkqhkiG9w0BAQsFAAOCAQEAerM3xT7iicPzGvrv8kyUp+6LzoIsvMNuVVdA
F6Y4vDiLNQxKlhsKGirmHnDLISZcGPQIswGZIPPi8wiCZU3Wa8YmrMqkE89c2rqF
vct4tQ3+Pce0+TmRn+cVtiSh1LWSbVN3nVgO/mt5DPThK2Y5Tq1swcAmqdorco56
uWt/U3+waO+4rwaovDbMSRdRQcJKBtFfMUxVPrQNC8bl0pHLP06+qwM6qNbJDKvB
eUducQPZhYX+9ekkFArwK4CVLuTcAwEELHPbc/IciwGx+Z9o3xeXvWD7rlfl2Wr6
97PAQJlwJkewmpVikYzt9VQS+z7lewI2NpvPUR0O6N6WJ/wWfg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:14 2025 by rpki-client