Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
File: 7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa (raw, json)
Hash identifier: 7uybXzeYiduylqw8LKfRnEZcVQ6+iJPclxLjp5NG4XI=
Subject key identifier: 33:E5:45:AE:AB:69:28:7E:2A:C7:1E:DF:03:5D:51:8C:D2:E4:79:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68A3B4966454A8ABE9D517AF4359FC76A612538C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
Signing time: Wed 29 Oct 2025 07:36:45 +0000
ROA not before: Wed 29 Oct 2025 07:36:45 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a3:b4:96:64:54:a8:ab:e9:d5:17:af:43:59:fc:76:a6:12:53:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:45 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=c382e0ec316c1c834bca497cefad26f995cc2c64733606a2880fccbac63eda45, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:03:0f:be:3e:22:34:85:90:d5:b7:b3:19:cc:
0a:bc:47:a3:5f:56:0b:a1:b3:3e:cb:5a:d9:ce:5a:
79:76:66:3d:76:6c:c7:8c:35:af:1c:b6:2a:fa:76:
65:7e:68:e5:9f:eb:cc:f7:c0:ee:fa:0b:2f:06:6a:
7a:d8:90:fa:ba:ca:82:4f:69:a2:38:fc:64:e8:be:
74:9d:2d:25:a0:22:3d:b3:89:3e:86:d7:39:e3:82:
a9:f1:43:87:25:df:a2:03:aa:5e:a5:96:f6:72:3c:
88:52:99:51:87:37:0b:f9:62:eb:98:86:5a:87:8a:
ce:cc:11:f5:82:15:70:98:f6:ee:47:60:99:ac:a2:
61:73:ce:1b:ed:7e:7c:bc:3c:02:e2:63:62:47:bb:
d9:ab:d7:21:78:91:0e:ba:d9:6e:2a:d6:18:3d:37:
f8:9a:fa:3f:8c:15:b0:eb:fe:85:55:04:55:10:3d:
61:20:8e:03:cf:8e:c2:d8:57:1e:5a:83:0a:49:aa:
1c:23:cd:cc:9a:bd:7e:43:92:95:1e:c2:e6:81:32:
0a:3b:0e:6b:cb:62:ef:f8:fb:e2:52:46:31:25:fe:
b6:b7:33:fd:62:56:df:b2:ca:da:f9:dd:78:75:cf:
0c:e6:1a:2d:81:73:16:02:99:36:c3:e3:dc:ed:2e:
10:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E5:45:AE:AB:69:28:7E:2A:C7:1E:DF:03:5D:51:8C:D2:E4:79:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e080::/48
Signature Algorithm: sha256WithRSAEncryption
0b:2b:16:0a:69:6f:54:e7:ef:bf:fb:64:14:aa:c7:fc:05:9e:
a3:2c:21:f5:30:02:89:ba:ae:d2:73:60:f3:cb:c9:9c:f8:d0:
25:b8:07:ee:57:49:a9:e5:08:53:5e:1d:e8:8b:ac:9c:a0:88:
bb:0d:eb:ad:c7:fa:8d:53:dc:9a:f3:dc:3f:b6:e6:bd:be:75:
ec:03:6d:16:05:87:82:28:c5:c2:ed:53:df:a9:c8:34:5a:0b:
6a:4e:21:3f:f6:d5:9b:89:b0:57:58:83:80:91:22:7e:71:fc:
8b:aa:3e:e3:65:2a:c4:df:85:c7:87:93:b5:85:da:2d:af:f7:
e7:57:bf:00:fc:93:f3:47:33:52:17:e1:54:d9:f1:a4:3b:b9:
c1:a2:76:76:c5:11:a2:d0:03:96:30:da:5c:04:33:dd:2f:c0:
15:bc:01:0a:97:f2:86:77:86:1d:6b:93:2c:b5:92:b7:17:ca:
f0:ba:0a:52:cb:f6:c5:0b:0c:8e:fc:f5:9b:cf:f2:bb:8e:8f:
60:1f:d5:07:13:5d:19:18:bc:9f:8f:57:42:ad:47:c1:f0:7d:
0d:ad:0c:0b:33:78:ec:84:0c:4e:9a:f0:5a:1b:24:66:f6:66:
bf:e8:b2:1b:bf:8a:99:8f:48:27:84:29:3e:fe:1b:8b:f5:9a:
e0:b9:09:26
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaKO0lmRUqKvp1RevQ1n8dqYSU4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDVaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzODJlMGVjMzE2YzFjODM0YmNhNDk3Y2VmYWQyNmY5OTVjYzJjNjQ3MzM2
MDZhMjg4MGZjY2JhYzYzZWRhNDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQDD74+IjSFkNW3sxnMCrxHo19WC6GzPsta2c5aeXZmPXZsx4w1rxy2Kvp2
ZX5o5Z/rzPfA7voLLwZqetiQ+rrKgk9pojj8ZOi+dJ0tJaAiPbOJPobXOeOCqfFD
hyXfogOqXqWW9nI8iFKZUYc3C/li65iGWoeKzswR9YIVcJj27kdgmayiYXPOG+1+
fLw8AuJjYke72avXIXiRDrrZbirWGD03+Jr6P4wVsOv+hVUEVRA9YSCOA8+OwthX
HlqDCkmqHCPNzJq9fkOSlR7C5oEyCjsOa8ti7/j74lJGMSX+trcz/WJW37LK2vnd
eHXPDOYaLYFzFgKZNsPj3O0uEG0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQz5UWu
q2kofirHHt8DXVGM0uR5/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2QxNzI2ZTUtZTljNC00ZDA1LWFmMDktZGQzMmYyMjE5Y2M4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Grg
gDANBgkqhkiG9w0BAQsFAAOCAQEACysWCmlvVOfvv/tkFKrH/AWeoywh9TACibqu
0nNg88vJnPjQJbgH7ldJqeUIU14d6IusnKCIuw3rrcf6jVPcmvPcP7bmvb517ANt
FgWHgijFwu1T36nINFoLak4hP/bVm4mwV1iDgJEifnH8i6o+42UqxN+Fx4eTtYXa
La/351e/APyT80czUhfhVNnxpDu5waJ2dsURotADljDaXAQz3S/AFbwBCpfyhneG
HWuTLLWStxfK8LoKUsv2xQsMjvz1m8/yu46PYB/VBxNdGRi8n49XQq1HwfB9Da0M
CzN47IQMTprwWhskZvZmv+iyG7+KmY9IJ4QpPv4bi/Wa4LkJJg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:50 2025 by rpki-client