Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
File: 075bdd7a-ba79-4543-9f8e-ac092351419b.roa (raw, json)
Hash identifier: UWVa6f202AdlYAGuLXMqDD5aETsyzaO3t9qrygkS4AA=
Subject key identifier: A4:7F:D4:97:9F:D7:4F:FE:6D:EE:28:43:78:2D:B6:B2:55:19:EF:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F60C0DBAFF3770B9E9C0F9A4A267C92224B538D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
Signing time: Wed 29 Oct 2025 07:36:48 +0000
ROA not before: Wed 29 Oct 2025 07:36:48 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:60:c0:db:af:f3:77:0b:9e:9c:0f:9a:4a:26:7c:92:22:4b:53:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:48 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=22302d4faae368a61cc29de338a9107fb994cf5c4a6c8dee5a64ab4ec2e71432, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:82:e5:dd:7e:41:42:79:87:9c:2f:72:fa:44:
95:df:90:c3:23:ff:83:80:31:a2:46:83:42:d3:9b:
c4:2a:eb:74:b9:ea:b8:18:83:25:7a:13:12:e6:44:
29:4e:a6:aa:9b:a0:d0:8d:81:ca:f5:6f:28:11:70:
b6:93:04:3f:35:02:b2:58:30:14:4b:80:45:ea:b5:
7e:dd:df:3a:c8:23:fe:26:66:8f:d5:63:82:96:f5:
6e:66:71:d8:32:b7:e0:0f:b9:2b:78:f0:22:b4:6e:
75:f2:01:f0:2f:23:e9:a4:55:17:99:1d:75:49:8d:
9d:6b:2c:e8:7f:f2:b5:f3:6d:77:30:5b:05:3f:74:
03:7d:78:09:89:89:bd:c9:09:51:7c:0a:0a:c9:42:
e4:b4:08:3c:31:97:2f:72:32:0e:a1:58:11:b2:b2:
93:0b:27:80:cf:c9:04:a5:79:a7:73:b6:cc:32:5a:
ac:14:73:ab:d4:36:fb:2c:48:c6:95:e8:e5:23:42:
30:07:35:fd:f5:ce:4a:79:18:d0:2e:65:c0:70:d8:
46:3b:fd:6f:cb:fd:74:8d:40:b9:d7:6a:35:8f:f7:
98:bd:2f:5f:87:3f:03:0f:94:2f:e8:a5:25:57:cd:
64:9c:5e:44:74:72:e4:61:a0:8c:7d:ab:df:19:34:
03:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:7F:D4:97:9F:D7:4F:FE:6D:EE:28:43:78:2D:B6:B2:55:19:EF:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:7c:d2:65:47:6b:04:47:3b:8e:c6:ab:a0:a6:18:94:94:1d:
c2:0b:ce:b7:c6:ad:7c:97:9a:94:3e:d2:55:ec:8e:d1:c2:9d:
85:9e:4b:05:2f:05:b1:9d:0b:f7:e9:ee:b2:c7:43:b7:a3:e6:
4d:0e:a9:66:05:8b:6e:54:eb:df:74:eb:2d:df:5c:14:79:1f:
d0:3c:bb:5f:fe:92:e3:4a:c2:7b:a5:22:ca:d6:eb:87:3d:d1:
d0:de:8c:9c:c7:af:c6:b9:4f:86:8b:ca:f1:67:a8:01:6d:a7:
a8:77:fe:d8:98:1b:e4:fd:c3:cd:0f:54:6a:fa:c8:a5:a6:88:
5f:0f:d6:98:21:fa:1b:a7:2d:f4:e8:40:89:a8:1a:49:56:7a:
bb:4f:35:0e:27:d3:4f:54:d6:97:df:47:12:ea:b6:c9:03:4f:
37:57:95:79:ee:6c:7d:8a:74:85:39:0b:c0:bb:72:9c:8b:4e:
f7:35:82:a1:b4:f3:d5:a8:dd:96:7d:46:0d:0c:1c:97:b1:c6:
a0:52:a2:b7:03:09:2b:89:3e:fa:2e:f9:de:5f:6e:e0:fb:b5:
72:41:aa:c7:5b:76:a0:dd:5b:65:38:2a:04:6d:cd:57:0d:5e:
00:68:46:9c:7a:1a:47:a4:56:9d:a0:2d:5c:22:5d:68:7c:b4:
8f:7b:5a:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP2DA26/zdwuenA+aSiZ8kiJLU40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDhaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyMzAyZDRmYWFlMzY4YTYxY2MyOWRlMzM4YTkxMDdmYjk5NGNmNWM0YTZj
OGRlZTVhNjRhYjRlYzJlNzE0MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWC5d1+QUJ5h5wvcvpEld+QwyP/g4AxokaDQtObxCrrdLnquBiDJXoTEuZE
KU6mqpug0I2ByvVvKBFwtpMEPzUCslgwFEuAReq1ft3fOsgj/iZmj9Vjgpb1bmZx
2DK34A+5K3jwIrRudfIB8C8j6aRVF5kddUmNnWss6H/ytfNtdzBbBT90A314CYmJ
vckJUXwKCslC5LQIPDGXL3IyDqFYEbKykwsngM/JBKV5p3O2zDJarBRzq9Q2+yxI
xpXo5SNCMAc1/fXOSnkY0C5lwHDYRjv9b8v9dI1AuddqNY/3mL0vX4c/Aw+UL+il
JVfNZJxeRHRy5GGgjH2r3xk0AycCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkf9SX
n9dP/m3uKEN4LbayVRnvCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDc1YmRkN2EtYmE3OS00NTQzLTlmOGUtYWMwOTIzNTE0MTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gpg
MA0GCSqGSIb3DQEBCwUAA4IBAQB/fNJlR2sERzuOxqugphiUlB3CC863xq18l5qU
PtJV7I7Rwp2FnksFLwWxnQv36e6yx0O3o+ZNDqlmBYtuVOvfdOst31wUeR/QPLtf
/pLjSsJ7pSLK1uuHPdHQ3oycx6/GuU+Gi8rxZ6gBbaeod/7YmBvk/cPND1Rq+sil
pohfD9aYIfobpy306ECJqBpJVnq7TzUOJ9NPVNaX30cS6rbJA083V5V57mx9inSF
OQvAu3Kci073NYKhtPPVqN2WfUYNDByXscagUqK3AwkriT76LvneX27g+7VyQarH
W3ag3VtlOCoEbc1XDV4AaEacehpHpFadoC1cIl1ofLSPe1pX
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:42:22 2025 by rpki-client