Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
File: 53f71feb-77ff-438f-8d1f-e553194144d2.roa (raw, json)
Hash identifier: vRmeqP9Aefmur/gl46YNVKBLLrm+1ObnXv/pvG2yY/c=
Subject key identifier: 69:2B:E8:FD:AA:99:27:D4:D0:5F:A9:B7:E5:99:32:69:5D:51:F5:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F1FBF5809C523078C30B1EC65B43F7CF9FF6359
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
Signing time: Fri 31 Oct 2025 01:40:16 +0000
ROA not before: Fri 31 Oct 2025 01:40:16 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:1f:bf:58:09:c5:23:07:8c:30:b1:ec:65:b4:3f:7c:f9:ff:63:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:40:16 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=a4b59dea3ebf82ad139fdba8cc3aae33e6ea53e71ad9c1d9c4e0d7ca2b66b42a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7a:08:44:3a:89:26:64:5b:d6:af:e1:3a:f7:
61:f3:18:a0:62:0d:00:6a:ee:2c:6e:16:30:2b:dc:
ec:25:39:7c:82:eb:70:df:71:c4:c4:a9:60:1f:e8:
ec:b0:37:7f:b7:c1:81:8e:c3:8b:43:f6:cb:e2:fb:
12:d2:45:95:94:1e:76:24:97:3d:83:82:b0:6e:67:
9f:81:2a:73:e0:73:1a:e6:9c:b3:59:e8:4b:a4:21:
96:a8:42:f3:72:86:2f:4a:45:16:b5:ae:6e:8c:a0:
d8:2c:30:5e:a9:c7:c2:23:bc:5f:47:8d:11:86:f2:
d1:10:fd:2d:5b:c7:d8:ea:5b:07:63:ae:e2:94:d0:
76:53:fd:33:94:4c:7b:c9:5a:b1:87:0b:41:a6:05:
e5:66:66:80:a6:96:4c:71:3a:db:7d:81:54:75:e4:
ad:7e:70:57:3c:65:8f:b1:0a:44:a6:a7:d1:05:b1:
36:70:19:d2:79:bb:af:a0:1e:c4:8b:cf:ba:50:52:
f0:50:c8:c7:fd:b1:e0:6f:c6:93:7b:2e:e5:a9:33:
37:51:2d:66:9e:ea:ba:2e:2c:ed:b1:44:e2:5b:d9:
f0:9c:2a:13:6b:71:a4:fc:ae:19:bb:84:b6:84:55:
68:2b:c7:a7:aa:02:e8:82:90:52:c0:68:e8:ca:d2:
08:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:2B:E8:FD:AA:99:27:D4:D0:5F:A9:B7:E5:99:32:69:5D:51:F5:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4020::/48
Signature Algorithm: sha256WithRSAEncryption
19:e9:2a:d0:d2:67:12:7f:9f:cf:a3:1f:5a:85:37:a1:3b:f0:
95:c9:ff:7e:c5:40:dc:ae:86:2c:64:f1:72:34:41:28:09:cf:
1d:86:dc:b7:32:6f:f1:db:6e:54:ca:ec:bf:05:80:f4:35:c0:
fd:01:12:70:b7:ae:79:d7:30:a5:9f:25:52:8c:54:c9:7d:29:
0e:a8:7a:cf:dd:b2:c5:13:ac:8e:b9:0a:32:30:b2:53:4a:9f:
4d:53:39:d5:c5:1f:9e:51:8f:38:95:dd:28:e8:5b:9f:b8:cc:
df:31:2d:08:66:fa:b2:04:f0:bd:53:53:8b:60:8c:e0:87:de:
ec:2a:f9:43:aa:78:85:72:a8:66:d3:c4:dd:9a:7a:8e:44:e3:
8c:28:b2:93:e7:f8:17:ec:21:22:ac:9a:4f:26:ac:2f:f2:96:
94:bc:ff:af:30:af:69:c6:32:64:ca:bd:03:4b:e1:11:c2:77:
69:68:c6:d7:07:28:96:32:ca:e9:bc:9d:ba:57:93:82:fe:ef:
30:06:be:0f:8f:48:05:af:0c:b2:90:32:9c:a1:c2:ca:08:f1:
cf:c7:7a:9d:2c:28:72:8e:84:92:e9:d5:40:86:5d:e0:40:4c:
f1:c6:83:83:cc:7f:8d:e9:47:76:51:70:cf:1c:c8:fe:a3:8d:
06:24:e7:87
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbx+/WAnFIweMMLHsZbQ/fPn/Y1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTQwMTZaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0YjU5ZGVhM2ViZjgyYWQxMzlmZGJhOGNjM2FhZTMzZTZlYTUzZTcxYWQ5
YzFkOWM0ZTBkN2NhMmI2NmI0MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL96CEQ6iSZkW9av4Tr3YfMYoGINAGruLG4WMCvc7CU5fILrcN9xxMSpYB/o
7LA3f7fBgY7Di0P2y+L7EtJFlZQediSXPYOCsG5nn4Eqc+BzGuacs1noS6QhlqhC
83KGL0pFFrWuboyg2CwwXqnHwiO8X0eNEYby0RD9LVvH2OpbB2Ou4pTQdlP9M5RM
e8lasYcLQaYF5WZmgKaWTHE6232BVHXkrX5wVzxlj7EKRKan0QWxNnAZ0nm7r6Ae
xIvPulBS8FDIx/2x4G/Gk3su5akzN1EtZp7qui4s7bFE4lvZ8JwqE2txpPyuGbuE
toRVaCvHp6oC6IKQUsBo6MrSCC0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpK+j9
qpkn1NBfqbflmTJpXVH11jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmNzFmZWItNzdmZi00MzhmLThkMWYtZTU1MzE5NDE0NGQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
IDANBgkqhkiG9w0BAQsFAAOCAQEAGekq0NJnEn+fz6MfWoU3oTvwlcn/fsVA3K6G
LGTxcjRBKAnPHYbctzJv8dtuVMrsvwWA9DXA/QEScLeuedcwpZ8lUoxUyX0pDqh6
z92yxROsjrkKMjCyU0qfTVM51cUfnlGPOJXdKOhbn7jM3zEtCGb6sgTwvVNTi2CM
4Ife7Cr5Q6p4hXKoZtPE3Zp6jkTjjCiyk+f4F+whIqyaTyasL/KWlLz/rzCvacYy
ZMq9A0vhEcJ3aWjG1wcoljLK6byduleTgv7vMAa+D49IBa8MspAynKHCygjxz8d6
nSwoco6EkunVQIZd4EBM8caDg8x/jelHdlFwzxzI/qONBiTnhw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:21:32 2025 by rpki-client