Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
File: 75900e8f-9582-4f56-8b92-09a50d5110f8.roa (raw, json)
Hash identifier: o5tdsSAG8169RFao/fNaqa+wzBXR1t9z4YZdDAqlYAM=
Subject key identifier: 59:F3:D0:42:71:F2:94:F0:D2:87:C2:B1:6B:46:53:9F:E6:DE:9C:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D86B862F10C575F512F9FD1B14130184706A4E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
Signing time: Fri 31 Oct 2025 00:30:15 +0000
ROA not before: Fri 31 Oct 2025 00:30:15 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:86:b8:62:f1:0c:57:5f:51:2f:9f:d1:b1:41:30:18:47:06:a4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 00:30:15 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=e2df7e275524e9d2c7c7c9b87e16df8e2f91858216f7b00f17a813ca12ff0b55, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d2:4f:9c:49:35:2e:a4:a2:3c:41:8f:84:28:
fd:a4:d0:dc:1f:9f:68:62:21:0a:b7:5b:5b:cb:6b:
8a:e3:4f:91:08:9b:38:76:12:1a:05:c8:e9:15:83:
80:5d:2b:3b:bc:31:29:06:e0:10:28:19:64:5a:37:
6d:0f:47:c9:89:e7:60:bd:02:e8:6c:b4:fe:de:9b:
9d:fa:e7:34:4d:27:4f:1d:71:25:03:9a:8e:0c:06:
a6:ae:fb:b2:d9:27:35:9c:14:1e:e4:b6:8b:45:87:
6f:b4:4b:6e:96:52:c8:57:d0:09:08:4f:cd:9f:72:
a8:51:a6:53:f7:b2:56:3c:ee:83:6e:00:e7:7f:cf:
4b:fb:02:41:85:f1:b1:3c:5a:e7:1d:71:f8:62:47:
a1:33:7a:e6:36:be:f3:5e:29:02:e9:09:8b:31:d6:
12:ad:ee:27:af:66:12:75:e5:8f:72:b0:6b:83:b2:
d1:8d:49:85:1a:97:d3:0b:3d:3a:2d:52:8b:99:c1:
4d:f2:1b:d9:32:6f:2b:02:eb:2c:2c:c0:66:21:8f:
4f:00:13:ed:ad:45:a9:b3:39:06:89:c1:54:dd:51:
ee:a3:58:8f:3c:b7:06:e8:64:97:cd:e2:6d:b6:3e:
e3:68:b1:59:b6:5f:ce:b8:6f:7a:98:ad:55:1d:97:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F3:D0:42:71:F2:94:F0:D2:87:C2:B1:6B:46:53:9F:E6:DE:9C:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:a5:ca:da:12:c8:2e:21:c8:41:76:37:fb:2c:a8:8a:ad:40:
3a:66:84:99:e7:6a:b3:d2:cc:8a:b8:ce:95:a2:69:74:65:21:
5d:c1:a7:db:0b:75:57:c4:52:8f:85:bc:84:10:8a:46:15:f6:
92:5b:32:75:3a:fb:dc:a8:bc:71:61:85:58:e4:d9:cf:d5:7b:
00:30:43:9e:c0:7f:3b:8c:1a:5a:fa:f9:8a:94:9f:29:7d:04:
f4:64:c3:03:de:d2:52:14:3f:d7:1c:e3:42:ae:87:dd:38:2f:
b7:00:42:f2:3f:27:7e:fb:32:55:2d:22:2c:a4:45:68:78:bc:
e1:58:01:c6:dd:a9:c0:2c:f5:a6:e0:f1:1c:bd:ab:e4:f0:e3:
03:1c:cd:6f:19:67:ff:04:34:55:9a:16:dd:bb:b5:d3:12:5a:
00:8f:35:c3:ce:c4:73:e2:c4:62:98:83:f1:13:85:39:a4:36:
e8:89:95:95:fe:01:ad:bd:d6:f9:63:18:e8:b8:0d:6d:bf:64:
31:42:73:d2:a3:23:30:8c:cf:fa:38:9b:fc:21:42:10:4f:e4:
54:f5:62:6d:61:81:17:19:16:80:b4:ae:8c:08:35:d1:ef:ac:
b9:99:1d:c8:a4:48:36:92:31:ae:97:19:92:78:1e:4f:1d:36:
6f:24:06:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULYa4YvEMV19RL5/RsUEwGEcGpOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMDMwMTVaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyZGY3ZTI3NTUyNGU5ZDJjN2M3YzliODdlMTZkZjhlMmY5MTg1ODIxNmY3
YjAwZjE3YTgxM2NhMTJmZjBiNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjST5xJNS6kojxBj4Qo/aTQ3B+faGIhCrdbW8triuNPkQibOHYSGgXI6RWD
gF0rO7wxKQbgECgZZFo3bQ9HyYnnYL0C6Gy0/t6bnfrnNE0nTx1xJQOajgwGpq77
stknNZwUHuS2i0WHb7RLbpZSyFfQCQhPzZ9yqFGmU/eyVjzug24A53/PS/sCQYXx
sTxa5x1x+GJHoTN65ja+814pAukJizHWEq3uJ69mEnXlj3Kwa4Oy0Y1JhRqX0ws9
Oi1Si5nBTfIb2TJvKwLrLCzAZiGPTwAT7a1FqbM5BonBVN1R7qNYjzy3Buhkl83i
bbY+42ixWbZfzrhvepitVR2X4RkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZ89BC
cfKU8NKHwrFrRlOf5t6cMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU5MDBlOGYtOTU4Mi00ZjU2LThiOTItMDlhNTBkNTExMGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOg
MA0GCSqGSIb3DQEBCwUAA4IBAQCupcraEsguIchBdjf7LKiKrUA6ZoSZ52qz0syK
uM6Voml0ZSFdwafbC3VXxFKPhbyEEIpGFfaSWzJ1OvvcqLxxYYVY5NnP1XsAMEOe
wH87jBpa+vmKlJ8pfQT0ZMMD3tJSFD/XHONCrofdOC+3AELyPyd++zJVLSIspEVo
eLzhWAHG3anALPWm4PEcvavk8OMDHM1vGWf/BDRVmhbdu7XTEloAjzXDzsRz4sRi
mIPxE4U5pDboiZWV/gGtvdb5YxjouA1tv2QxQnPSoyMwjM/6OJv8IUIQT+RU9WJt
YYEXGRaAtK6MCDXR76y5mR3IpEg2kjGulxmSeB5PHTZvJAZs
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:41 2025 by rpki-client