Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f2d2dfe9-f57a-43e4-8471-748b12e9dda6.roa
File: f2d2dfe9-f57a-43e4-8471-748b12e9dda6.roa (raw, json)
Hash identifier: iYGT+vSrD70MaPacoz9XCtt6iXkcEFrwpm/D8QN7Y4A=
Subject key identifier: A6:C2:83:16:46:FC:E2:53:B3:A0:F0:CF:B5:78:E5:79:59:03:47:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78499AD7511D7AD948E254C52A07DAD02D016E4E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f2d2dfe9-f57a-43e4-8471-748b12e9dda6.roa
Signing time: Tue 21 Oct 2025 13:30:43 +0000
ROA not before: Tue 21 Oct 2025 13:30:43 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:49:9a:d7:51:1d:7a:d9:48:e2:54:c5:2a:07:da:d0:2d:01:6e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:43 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=d2984d2c772bf0bf615a639facefa2fe497a41221aa094664974c3027eea75ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:69:d7:77:46:3c:7f:fc:4b:07:a6:9e:57:31:
46:8f:27:5f:42:c1:de:ab:16:bb:cc:e7:86:e8:c9:
ac:19:69:5b:8d:6e:9b:f4:76:cd:ef:3d:a5:43:9b:
07:ac:cb:4a:13:65:60:64:44:f7:8e:6e:9d:fc:bb:
4d:8f:13:3b:8e:4b:c2:0e:9c:0a:9c:33:9d:1d:30:
15:25:f3:07:74:52:c4:b5:fd:97:3f:7e:e8:c1:dd:
00:dc:ab:0c:cc:60:da:21:90:f4:57:40:fb:b9:70:
66:93:cd:34:bf:b4:d2:48:ab:2a:18:99:2f:05:ff:
73:79:d1:60:df:73:40:e8:47:46:14:11:2e:f3:79:
45:55:7c:1a:5e:dd:a0:8c:7d:84:ef:30:77:24:09:
70:02:b9:43:78:f8:32:1a:e3:42:42:08:15:f6:55:
f0:47:2c:70:be:cc:ca:60:c0:3f:eb:d9:87:47:3f:
59:30:93:0b:f2:ae:0c:76:f6:ad:4c:12:35:8f:6d:
d7:98:66:80:13:10:13:3b:6e:c8:eb:27:71:de:83:
5b:95:ce:c1:9d:3e:a0:1c:53:fc:c6:40:47:08:77:
6f:a3:ed:bc:8f:f4:3e:41:9f:79:b9:e2:99:85:44:
f6:4c:1f:47:70:89:a3:34:2f:4b:5c:1e:bf:40:7d:
d8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C2:83:16:46:FC:E2:53:B3:A0:F0:CF:B5:78:E5:79:59:03:47:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f2d2dfe9-f57a-43e4-8471-748b12e9dda6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8000::/40
Signature Algorithm: sha256WithRSAEncryption
81:cd:5d:e1:db:b3:5b:0d:df:c8:7c:cf:90:38:85:bf:a9:68:
01:59:0b:39:61:ce:fa:37:25:83:1d:a5:f7:cb:fa:b4:8b:95:
fa:a2:24:46:d8:61:c5:0f:46:12:bb:a0:64:24:07:ea:3e:6c:
d6:5a:96:f4:22:32:3c:34:b8:3b:69:4d:8b:de:00:e2:42:21:
e9:6b:74:78:ad:f9:f5:c7:3c:7b:2b:4e:f6:22:93:89:b0:f7:
a6:76:77:23:99:32:10:d4:64:b3:23:01:04:82:03:c0:6e:22:
25:bb:7e:e9:a8:a1:ae:88:fa:d4:ee:30:32:ae:15:f8:fa:1e:
d6:82:7a:50:e7:91:ae:12:a3:e8:65:fe:89:c1:a0:95:ff:bc:
96:bd:7f:87:14:4f:14:a0:40:e4:ec:0e:a1:3b:ff:e4:69:ba:
eb:d0:46:f7:8c:32:66:e6:93:57:ec:40:90:66:da:de:d7:76:
6a:b9:04:35:15:f1:c6:fa:56:e6:10:4e:70:a7:86:4c:82:a6:
b0:0f:0b:bd:73:b4:38:d7:c5:96:09:93:33:dc:90:98:43:6b:
a3:a8:f6:6d:2c:a2:48:58:78:a0:14:e1:09:31:d3:7b:e0:2a:
61:5e:9e:c0:7c:6d:cf:b0:04:97:e2:80:c4:78:bc:8e:00:c5:
42:6f:88:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeEma11EdetlI4lTFKgfa0C0Bbk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwNDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyOTg0ZDJjNzcyYmYwYmY2MTVhNjM5ZmFjZWZhMmZlNDk3YTQxMjIxYWEw
OTQ2NjQ5NzRjMzAyN2VlYTc1ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpp13dGPH/8SwemnlcxRo8nX0LB3qsWu8znhujJrBlpW41um/R2ze89pUOb
B6zLShNlYGRE945unfy7TY8TO45Lwg6cCpwznR0wFSXzB3RSxLX9lz9+6MHdANyr
DMxg2iGQ9FdA+7lwZpPNNL+00kirKhiZLwX/c3nRYN9zQOhHRhQRLvN5RVV8Gl7d
oIx9hO8wdyQJcAK5Q3j4MhrjQkIIFfZV8EcscL7MymDAP+vZh0c/WTCTC/KuDHb2
rUwSNY9t15hmgBMQEztuyOsncd6DW5XOwZ0+oBxT/MZARwh3b6PtvI/0PkGfebni
mYVE9kwfR3CJozQvS1wev0B92N0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSmwoMW
RvziU7Og8M+1eOV5WQNHjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjJkMmRmZTktZjU3YS00M2U0LTg0NzEtNzQ4YjEyZTlkZGE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKA
MA0GCSqGSIb3DQEBCwUAA4IBAQCBzV3h27NbDd/IfM+QOIW/qWgBWQs5Yc76NyWD
HaX3y/q0i5X6oiRG2GHFD0YSu6BkJAfqPmzWWpb0IjI8NLg7aU2L3gDiQiHpa3R4
rfn1xzx7K072IpOJsPemdncjmTIQ1GSzIwEEggPAbiIlu37pqKGuiPrU7jAyrhX4
+h7WgnpQ55GuEqPoZf6JwaCV/7yWvX+HFE8UoEDk7A6hO//kabrr0Eb3jDJm5pNX
7ECQZtre13ZquQQ1FfHG+lbmEE5wp4ZMgqawDwu9c7Q418WWCZMz3JCYQ2ujqPZt
LKJIWHigFOEJMdN74CphXp7AfG3PsASX4oDEeLyOAMVCb4gE
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:00 2025 by rpki-client