Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
File: f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa (raw, json)
Hash identifier: WK+oyHOwsaJS3ql2fOH9fz+ifw2oUjqEWc/3lZo2lhk=
Subject key identifier: D2:E0:77:D5:1A:0E:C7:28:71:36:84:2F:5F:AE:46:4B:3E:C5:C5:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07656BEA7E226B2F2828E925D67AA39ABA0C5FDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
Signing time: Tue 21 Oct 2025 13:20:48 +0000
ROA not before: Tue 21 Oct 2025 13:20:48 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:65:6b:ea:7e:22:6b:2f:28:28:e9:25:d6:7a:a3:9a:ba:0c:5f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:48 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=37f3dba96a55bb3dffd1d097b187f8cf7753e3c68e8ee334c8411a8575994204, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:be:0d:f5:7b:7b:8f:37:22:a2:21:f2:0c:90:
d4:62:85:d5:ca:cf:f3:f3:57:dd:c3:16:16:0d:f8:
f1:d2:8b:cf:97:12:2a:a2:32:8f:12:a3:1b:fe:9c:
8e:fb:b2:b3:a9:a4:6f:24:d2:ae:da:cb:a8:4a:6e:
12:56:87:df:7d:a6:45:2b:b2:06:86:33:cc:02:f7:
33:11:41:4a:34:c2:b6:6a:ee:1b:f6:24:b7:26:a5:
16:8e:b2:ac:87:c2:c6:7e:cf:e6:a9:70:1d:44:7e:
bb:aa:bb:18:d7:c8:17:55:9b:de:94:2c:76:38:ac:
ee:f4:78:2c:c5:f2:66:3b:f1:37:fb:72:07:7f:d8:
8f:b4:69:38:03:88:22:43:7a:a4:1e:15:7f:3e:07:
1b:2d:32:4b:1e:db:f8:06:f2:a6:d9:6f:14:fb:e5:
34:f2:a4:8b:b2:18:06:90:17:b4:93:35:e6:cb:21:
ff:42:05:bd:60:79:a0:25:61:e5:ed:1e:a6:36:aa:
b1:70:e8:72:7d:e1:78:81:65:1c:ad:78:76:ba:88:
08:80:70:66:72:98:af:76:f3:ce:30:c3:ec:19:5b:
13:74:f9:af:58:cc:99:1f:5e:9a:4b:7c:22:ea:8e:
be:f2:c3:10:7c:48:5f:c8:0b:dd:55:bd:f5:87:24:
ca:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E0:77:D5:1A:0E:C7:28:71:36:84:2F:5F:AE:46:4B:3E:C5:C5:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/38
Signature Algorithm: sha256WithRSAEncryption
86:13:03:68:31:e1:bf:f4:e8:6b:26:71:c2:0d:1c:e9:83:ae:
4b:f5:13:fe:33:05:f6:27:d5:1a:c3:50:26:59:65:9d:ae:bf:
b9:dd:ec:84:71:4d:e6:26:c8:d3:30:36:0d:80:c7:09:39:e9:
39:f3:85:ad:a0:1a:f2:dc:ce:56:a5:fe:fc:d4:fb:63:9b:39:
f0:81:c0:d9:a4:3a:ee:e1:74:2b:f5:da:d6:99:b5:76:71:46:
79:88:e3:2d:84:bd:68:70:71:59:04:6f:05:9c:78:b2:cb:cd:
e3:b3:6d:76:37:2d:55:4f:c3:db:fe:83:14:8d:4b:30:46:eb:
38:c0:e5:f0:5f:48:5c:49:44:41:64:f6:09:91:4f:ac:dd:c2:
b6:7a:1c:f3:65:58:9e:5b:7b:a7:b4:35:60:cd:44:31:69:3b:
15:4a:1c:9c:b1:59:a0:50:45:08:15:69:48:15:6e:35:f4:16:
66:8a:59:00:d3:0e:53:50:3b:6f:20:40:15:0a:79:6c:9b:c9:
0e:4e:d7:4f:f6:6d:c3:74:2d:e8:84:65:5e:40:6d:f5:16:b5:
35:41:3a:df:61:89:21:92:f0:31:fd:51:48:eb:d8:8e:5c:8c:
77:1d:7f:59:32:3a:ae:7a:9c:8a:44:d5:a4:12:38:16:ef:c2:
d9:32:98:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB2Vr6n4iay8oKOkl1nqjmroMX94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNDhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3ZjNkYmE5NmE1NWJiM2RmZmQxZDA5N2IxODdmOGNmNzc1M2UzYzY4ZThl
ZTMzNGM4NDExYTg1NzU5OTQyMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALe+DfV7e483IqIh8gyQ1GKF1crP8/NX3cMWFg348dKLz5cSKqIyjxKjG/6c
jvuys6mkbyTSrtrLqEpuElaH332mRSuyBoYzzAL3MxFBSjTCtmruG/YktyalFo6y
rIfCxn7P5qlwHUR+u6q7GNfIF1Wb3pQsdjis7vR4LMXyZjvxN/tyB3/Yj7RpOAOI
IkN6pB4Vfz4HGy0ySx7b+AbyptlvFPvlNPKki7IYBpAXtJM15ssh/0IFvWB5oCVh
5e0epjaqsXDocn3heIFlHK14drqICIBwZnKYr3bzzjDD7BlbE3T5r1jMmR9emkt8
IuqOvvLDEHxIX8gL3VW99YckyjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTS4HfV
Gg7HKHE2hC9frkZLPsXFujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjViMjViMDgtZWMyNC00ZTE4LTg0YzktMDVhYzAzNWIxNWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCGEwNoMeG/9OhrJnHCDRzpg65L9RP+MwX2J9Ua
w1AmWWWdrr+53eyEcU3mJsjTMDYNgMcJOek584WtoBry3M5Wpf781PtjmznwgcDZ
pDru4XQr9drWmbV2cUZ5iOMthL1ocHFZBG8FnHiyy83js212Ny1VT8Pb/oMUjUsw
Rus4wOXwX0hcSURBZPYJkU+s3cK2ehzzZVieW3untDVgzUQxaTsVShycsVmgUEUI
FWlIFW419BZmilkA0w5TUDtvIEAVCnlsm8kOTtdP9m3DdC3ohGVeQG31FrU1QTrf
YYkhkvAx/VFI69iOXIx3HX9ZMjquepyKRNWkEjgW78LZMphX
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:02 2025 by rpki-client