Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
File: 786da755-a3b1-48c5-b605-b8cfe294d18b.roa (raw, json)
Hash identifier: pr5CGbHUYgkN/0larj1wJAIsMvBjMfoCD8CY9iXAsAc=
Subject key identifier: 86:D8:4E:76:19:52:1E:B6:61:2A:01:BD:08:42:1C:DA:C8:4B:6C:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 672946A59D1DAF298C78DCC9A1A28A0861CD5F16
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
Signing time: Fri 31 Oct 2025 00:40:05 +0000
ROA not before: Fri 31 Oct 2025 00:40:05 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:29:46:a5:9d:1d:af:29:8c:78:dc:c9:a1:a2:8a:08:61:cd:5f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 00:40:05 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=b2ca71bbdbcaea854d6f54a2ca78f40182b59ab53cb3dd9f7f81fd8c09bdd756, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fe:0a:a9:9c:78:01:45:17:90:43:d5:e3:78:
32:12:3e:04:fb:d5:06:68:48:e4:ae:d9:1a:ab:43:
b2:f2:46:6a:f3:f9:7a:f2:51:7c:e9:ec:45:6a:03:
1e:4f:08:64:67:09:d6:af:c7:0e:be:b0:3f:ee:60:
6a:58:3f:11:e5:25:3a:41:8c:54:1b:9a:ee:e9:4e:
66:e8:bb:4b:5d:3e:3a:7a:5c:e3:f9:90:9d:88:8f:
ae:c2:c2:96:2c:d6:4b:30:c5:7d:cf:6c:51:e1:dc:
fe:46:11:6b:87:b5:58:bc:a0:1b:cd:dc:38:1d:60:
20:ae:47:cb:a6:3c:11:47:9c:1b:2f:fe:68:29:67:
b7:a7:d3:9f:33:a2:21:2f:7e:16:49:f2:13:45:11:
af:09:75:36:aa:7b:5a:1e:7c:85:57:cd:b4:c3:3f:
17:4a:0c:40:6b:53:d9:31:16:e5:8e:5f:2e:e2:fc:
c9:4e:b1:d1:35:5b:62:78:5d:c2:90:b2:e2:b1:f6:
4b:89:9e:c1:95:ff:98:7e:44:b9:df:a2:b1:4c:a2:
8a:fe:67:ea:2d:60:21:4b:04:28:87:30:25:bb:30:
0a:55:d4:7e:31:7c:ce:fd:e7:b2:22:39:2d:ba:82:
5d:76:87:2c:71:3b:b3:be:30:9c:37:32:8d:77:3b:
9c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D8:4E:76:19:52:1E:B6:61:2A:01:BD:08:42:1C:DA:C8:4B:6C:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
3a:56:e9:56:e2:9c:b3:03:37:16:8d:bd:23:3a:2f:f2:26:78:
59:34:f0:0f:51:e3:36:74:4e:7f:d9:36:70:b3:8b:7b:03:03:
19:86:91:69:99:66:68:33:f4:2a:31:95:f6:a5:16:cd:6f:43:
47:b6:00:e4:56:59:66:dd:e4:8d:67:2c:0a:63:1a:52:d5:60:
b2:6b:12:c7:fb:9f:9e:f2:cf:f1:5d:73:a4:88:13:d2:dd:c2:
26:a6:ee:61:9b:2d:f2:d7:34:04:c2:fa:ba:e6:2e:7c:fc:24:
d5:69:00:02:e8:6b:37:65:45:8d:15:0f:f5:0f:04:c8:ae:13:
cb:07:40:4f:26:33:3b:f9:f2:8a:74:d3:48:82:94:4f:9f:75:
04:ac:4a:ff:ab:2d:84:f4:30:3e:5d:d5:a5:94:7b:43:05:b7:
4a:6b:5f:9d:59:c5:88:44:cb:48:c8:a8:8c:c4:73:38:eb:99:
3b:5b:a6:99:b1:e4:fb:55:e8:8f:9b:d4:65:71:e7:66:51:e6:
56:93:87:97:5a:29:80:e8:c5:30:c0:5b:45:9b:0b:69:be:63:
ff:81:4e:b5:98:53:49:f7:fa:a5:75:dd:ac:05:3a:e5:b8:aa:
be:a3:7a:51:71:bb:fa:15:3c:a5:da:11:e8:65:02:86:67:25:
46:67:1a:f8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUZylGpZ0drymMeNzJoaKKCGHNXxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMDQwMDVaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyY2E3MWJiZGJjYWVhODU0ZDZmNTRhMmNhNzhmNDAxODJiNTlhYjUzY2Iz
ZGQ5ZjdmODFmZDhjMDliZGQ3NTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMf+CqmceAFFF5BD1eN4MhI+BPvVBmhI5K7ZGqtDsvJGavP5evJRfOnsRWoD
Hk8IZGcJ1q/HDr6wP+5galg/EeUlOkGMVBua7ulOZui7S10+Onpc4/mQnYiPrsLC
lizWSzDFfc9sUeHc/kYRa4e1WLygG83cOB1gIK5Hy6Y8EUecGy/+aClnt6fTnzOi
IS9+FknyE0URrwl1Nqp7Wh58hVfNtMM/F0oMQGtT2TEW5Y5fLuL8yU6x0TVbYnhd
wpCy4rH2S4mewZX/mH5Eud+isUyiiv5n6i1gIUsEKIcwJbswClXUfjF8zv3nsiI5
LbqCXXaHLHE7s74wnDcyjXc7nF8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSG2E52
GVIetmEqAb0IQhzayEtseTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg2ZGE3NTUtYTNiMS00OGM1LWI2MDUtYjhjZmUyOTRkMThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBADpW6VbinLMDNxaNvSM6L/ImeFk08A9R4zZ0Tn/Z
NnCzi3sDAxmGkWmZZmgz9CoxlfalFs1vQ0e2AORWWWbd5I1nLApjGlLVYLJrEsf7
n57yz/Fdc6SIE9Ldwiam7mGbLfLXNATC+rrmLnz8JNVpAALoazdlRY0VD/UPBMiu
E8sHQE8mMzv58op000iClE+fdQSsSv+rLYT0MD5d1aWUe0MFt0prX51ZxYhEy0jI
qIzEczjrmTtbppmx5PtV6I+b1GVx52ZR5laTh5daKYDoxTDAW0WbC2m+Y/+BTrWY
U0n3+qV13awFOuW4qr6jelFxu/oVPKXaEehlAoZnJUZnGvg=
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:41 2025 by rpki-client