Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/787a0cca-ea85-49b8-8c0b-bef4512620de.roa
File: 787a0cca-ea85-49b8-8c0b-bef4512620de.roa (raw, json)
Hash identifier: LUUMXbabzsSotEvoEGdG+/Bi9c/Q/CoWwVF8K3Oz2rg=
Subject key identifier: 7C:ED:32:B8:5F:9F:60:A2:13:8A:2F:A8:2E:9F:76:5E:B8:39:62:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B7AF1A005C29252EE2A0CA5804CCC399B1694B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/787a0cca-ea85-49b8-8c0b-bef4512620de.roa
Signing time: Tue 04 Nov 2025 02:50:03 +0000
ROA not before: Tue 04 Nov 2025 02:50:03 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:7a:f1:a0:05:c2:92:52:ee:2a:0c:a5:80:4c:cc:39:9b:16:94:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:03 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=0f5ff87e6f04f8049d9b1cc1f2658b7c453d6d7545684a98253a53a2187f5f2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:dd:65:f5:8b:a3:14:87:66:8c:d1:f3:4d:9d:
4d:d0:d1:02:f8:4a:32:1a:17:df:62:6f:a9:f1:80:
28:42:76:95:93:79:fc:5f:01:49:97:59:c7:c7:b7:
3e:6d:42:18:64:72:73:f4:08:e2:df:28:67:d0:21:
11:89:aa:a4:a2:48:09:6b:37:0f:1f:da:d5:21:2f:
46:2b:38:d8:8e:89:8e:ec:97:36:ad:25:7d:ad:6a:
7a:83:53:00:6e:e2:66:5c:5e:35:17:82:7d:65:82:
eb:12:7e:56:4f:07:2c:e7:22:93:6c:09:55:a5:82:
2e:a1:4b:32:8e:a6:96:37:f5:a1:9a:14:3c:ca:f8:
04:8b:89:20:00:6c:e2:78:c3:b6:25:b2:50:d6:89:
f4:00:84:5a:a1:a8:83:7c:f1:b4:f7:40:51:44:f1:
1e:42:48:26:f9:2d:d8:0b:ba:97:08:df:84:d4:20:
23:ef:6d:eb:9e:8b:e5:5d:7f:85:32:db:72:3a:0a:
28:f4:d8:d9:69:ea:75:8d:e9:cc:d9:6f:df:d4:fb:
51:1a:35:ac:d0:a7:bb:40:61:cc:48:05:13:fd:0a:
fa:4b:a1:dd:ed:ca:a4:49:2c:81:d8:44:cd:fd:cb:
8c:bc:dc:03:07:5a:15:60:6d:bb:52:df:60:e8:fa:
d7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:ED:32:B8:5F:9F:60:A2:13:8A:2F:A8:2E:9F:76:5E:B8:39:62:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/787a0cca-ea85-49b8-8c0b-bef4512620de.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9000::/40
Signature Algorithm: sha256WithRSAEncryption
86:62:fb:72:69:33:7e:23:a2:96:58:30:94:62:b7:bc:02:7d:
7e:25:8b:49:ae:9c:da:ea:de:7a:30:2f:0b:95:6c:38:7f:57:
b2:00:2d:76:a5:7a:12:c0:f7:d2:f1:ed:4e:10:cd:92:7c:db:
3e:f2:0c:64:3a:e0:69:88:71:b3:70:d1:2f:bd:2d:80:44:ea:
89:29:f9:5a:ec:48:43:87:7e:25:8d:99:e2:0b:6c:14:91:7f:
5f:c9:b7:53:12:63:ed:fd:67:8e:a6:09:e4:ac:e2:ad:de:d4:
84:c1:42:ff:04:4e:d8:ef:a5:2b:77:93:94:87:74:a3:59:72:
f3:b8:64:7f:e6:d5:d4:41:8b:8c:c7:3c:a9:a6:72:2a:1e:1e:
4f:87:2e:cb:86:b2:20:dc:e4:1a:e5:32:98:50:24:da:62:54:
e8:2b:ed:71:6c:b7:a4:b9:67:21:45:6f:a7:7b:eb:f4:58:98:
87:ca:42:1e:c7:fd:4a:fc:8b:03:48:e3:48:6e:bc:7a:51:15:
04:42:d1:b0:0b:c1:60:ad:bf:96:5f:b3:eb:09:36:59:17:d0:
15:98:4a:50:17:aa:4f:b6:dd:f2:01:bb:43:20:14:77:c8:2c:
8b:4c:37:de:c8:a3:a2:c5:18:b4:3a:cd:43:01:a5:5b:f5:26:
a4:15:76:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW3rxoAXCklLuKgylgEzMOZsWlLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMDNaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNWZmODdlNmYwNGY4MDQ5ZDliMWNjMWYyNjU4YjdjNDUzZDZkNzU0NTY4
NGE5ODI1M2E1M2EyMTg3ZjVmMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvdZfWLoxSHZozR802dTdDRAvhKMhoX32JvqfGAKEJ2lZN5/F8BSZdZx8e3
Pm1CGGRyc/QI4t8oZ9AhEYmqpKJICWs3Dx/a1SEvRis42I6JjuyXNq0lfa1qeoNT
AG7iZlxeNReCfWWC6xJ+Vk8HLOcik2wJVaWCLqFLMo6mljf1oZoUPMr4BIuJIABs
4njDtiWyUNaJ9ACEWqGog3zxtPdAUUTxHkJIJvkt2Au6lwjfhNQgI+9t656L5V1/
hTLbcjoKKPTY2WnqdY3pzNlv39T7URo1rNCnu0BhzEgFE/0K+kuh3e3KpEksgdhE
zf3LjLzcAwdaFWBtu1LfYOj61xcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR87TK4
X59gohOKL6gun3ZeuDliKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg3YTBjY2EtZWE4NS00OWI4LThjMGItYmVmNDUxMjYyMGRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCGYvtyaTN+I6KWWDCUYre8An1+JYtJrpza6t56
MC8LlWw4f1eyAC12pXoSwPfS8e1OEM2SfNs+8gxkOuBpiHGzcNEvvS2AROqJKfla
7EhDh34ljZniC2wUkX9fybdTEmPt/WeOpgnkrOKt3tSEwUL/BE7Y76Urd5OUh3Sj
WXLzuGR/5tXUQYuMxzyppnIqHh5Phy7LhrIg3OQa5TKYUCTaYlToK+1xbLekuWch
RW+ne+v0WJiHykIex/1K/IsDSONIbrx6URUEQtGwC8Fgrb+WX7PrCTZZF9AVmEpQ
F6pPtt3yAbtDIBR3yCyLTDfeyKOixRi0Os1DAaVb9SakFXaX
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:31 2025 by rpki-client