Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
File: f1d8b868-c959-421c-83d1-d5235f6ed47e.roa (raw, json)
Hash identifier: HXjsRzXqFkTtWSUw8GoEWhd+Y2ZVduuCOu7sW++uWQM=
Subject key identifier: E2:7E:F1:19:A6:2F:86:2D:3F:7D:05:AA:A0:CA:25:75:82:98:55:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 717D5F8F0E61FBA09A0DB92971C603DE750E723C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
Signing time: Fri 24 Oct 2025 00:20:34 +0000
ROA not before: Fri 24 Oct 2025 00:20:34 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:7d:5f:8f:0e:61:fb:a0:9a:0d:b9:29:71:c6:03:de:75:0e:72:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:34 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=b648ef8595be09c05e6a9436a80df329da94c87b0b84fa76a3ff8d9c61aeb9b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:31:5b:4a:8d:10:0f:26:95:4a:a8:f3:21:b1:
f5:61:44:e5:f7:3d:98:41:14:5e:d3:08:34:d0:cf:
98:9e:53:da:10:52:3a:7c:92:d3:f4:1c:fb:25:74:
e3:ac:81:02:d3:42:c1:5e:93:4d:42:4b:60:9f:5a:
ae:55:a4:71:ea:99:dd:8b:35:82:3f:2c:ba:be:ed:
22:3b:a6:05:2e:a7:84:f7:f5:4c:b8:7e:ce:c7:b3:
a5:98:28:44:0c:c2:fe:7f:6e:63:e1:16:b6:84:0b:
a9:70:c3:42:12:07:ea:02:b6:01:50:fe:97:dd:76:
ea:9a:a2:22:d5:78:35:3f:00:6d:68:5b:8e:9c:0e:
2c:58:cc:72:8e:7b:78:4d:a7:32:44:a1:13:d5:0a:
87:f0:90:f4:6b:1d:4e:b7:e9:03:d5:61:54:8d:b7:
5b:77:85:8f:af:37:dd:7d:b2:71:a6:25:16:11:22:
60:30:71:60:98:9a:13:7e:86:eb:28:26:fe:c4:44:
66:73:ee:1e:5a:f7:ac:3b:ae:fd:ee:00:57:92:5f:
fb:4f:6e:5c:c2:ee:b9:1e:d8:56:22:40:da:5b:28:
db:9c:5f:14:d1:d4:4b:c8:8f:2a:33:b4:49:78:3d:
3e:5f:c7:0c:9e:45:7c:f2:aa:b9:1d:68:04:9a:f1:
92:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:7E:F1:19:A6:2F:86:2D:3F:7D:05:AA:A0:CA:25:75:82:98:55:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
6b:ee:4c:27:e3:9e:cb:6a:61:d3:f5:b3:6d:56:21:be:39:f7:
42:2b:71:ae:53:59:f1:f7:d0:1a:27:b0:bd:94:0d:d3:36:8e:
af:3c:cf:91:a5:a7:5f:fc:04:91:bc:1e:d9:44:e8:1e:4d:bf:
7b:c7:1c:bf:cb:57:7c:05:a1:55:96:3a:6e:22:f2:48:63:50:
2b:de:6b:43:23:8e:d6:63:90:49:fd:f1:2d:89:23:f3:b1:59:
3c:01:6b:28:31:9a:75:92:78:26:36:15:d7:62:44:96:29:2a:
6f:bc:6d:57:57:09:c7:c4:93:07:81:cb:32:a9:2a:1a:f1:0a:
87:53:3e:6e:ee:fb:89:4b:74:62:5c:49:f5:fd:e8:44:22:67:
e2:e3:12:e5:1c:d5:12:bd:d8:d8:32:e5:21:e1:79:18:91:07:
14:e3:50:7f:ff:9c:8d:e1:de:97:eb:e9:de:3a:94:ac:07:99:
ea:48:e9:c9:de:d1:0a:ca:b7:9a:8f:00:a4:e9:bf:8c:c9:48:
69:07:fd:1b:cf:f5:ad:d8:67:04:5a:60:08:09:fe:01:7e:57:
b8:59:23:38:bb:55:8d:8a:67:36:60:fc:bb:48:dd:9c:be:c0:
db:5a:96:f8:63:28:ad:b2:31:ee:6a:d3:9a:5c:73:eb:df:7e:
ca:6e:bc:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcX1fjw5h+6CaDbkpccYD3nUOcjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMzRaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2NDhlZjg1OTViZTA5YzA1ZTZhOTQzNmE4MGRmMzI5ZGE5NGM4N2IwYjg0
ZmE3NmEzZmY4ZDljNjFhZWI5YjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMxW0qNEA8mlUqo8yGx9WFE5fc9mEEUXtMINNDPmJ5T2hBSOnyS0/Qc+yV0
46yBAtNCwV6TTUJLYJ9arlWkceqZ3Ys1gj8sur7tIjumBS6nhPf1TLh+zsezpZgo
RAzC/n9uY+EWtoQLqXDDQhIH6gK2AVD+l9126pqiItV4NT8AbWhbjpwOLFjMco57
eE2nMkShE9UKh/CQ9GsdTrfpA9VhVI23W3eFj6833X2ycaYlFhEiYDBxYJiaE36G
6ygm/sREZnPuHlr3rDuu/e4AV5Jf+09uXMLuuR7YViJA2lso25xfFNHUS8iPKjO0
SXg9Pl/HDJ5FfPKquR1oBJrxkuECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTifvEZ
pi+GLT99BaqgyiV1gphVhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjFkOGI4NjgtYzk1OS00MjFjLTgzZDEtZDUyMzVmNmVkNDdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
wDANBgkqhkiG9w0BAQsFAAOCAQEAa+5MJ+Oey2ph0/WzbVYhvjn3QitxrlNZ8ffQ
GiewvZQN0zaOrzzPkaWnX/wEkbwe2UToHk2/e8ccv8tXfAWhVZY6biLySGNQK95r
QyOO1mOQSf3xLYkj87FZPAFrKDGadZJ4JjYV12JElikqb7xtV1cJx8STB4HLMqkq
GvEKh1M+bu77iUt0YlxJ9f3oRCJn4uMS5RzVEr3Y2DLlIeF5GJEHFONQf/+cjeHe
l+vp3jqUrAeZ6kjpyd7RCsq3mo8ApOm/jMlIaQf9G8/1rdhnBFpgCAn+AX5XuFkj
OLtVjYpnNmD8u0jdnL7A21qW+GMorbIx7mrTmlxz699+ym68wA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:18 2025 by rpki-client