Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
File: 7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa (raw, json)
Hash identifier: L3R0p/RA7aHtJykr5GUj6M/8KgjEa4EcCiJ4Dh0QBFw=
Subject key identifier: 2D:FA:C7:4D:73:E6:60:AF:7E:FF:E5:DF:92:82:5F:2F:5D:5C:97:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6336FC1E8293A1CC2537B71A7BCD880C1957592C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
Signing time: Sun 02 Nov 2025 00:10:09 +0000
ROA not before: Sun 02 Nov 2025 00:10:09 +0000
ROA not after: Sun 07 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:36:fc:1e:82:93:a1:cc:25:37:b7:1a:7b:cd:88:0c:19:57:59:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 2 00:10:09 2025 GMT
Not After : Dec 7 23:59:59 2025 GMT
Subject: serialNumber=f29d51b7f9b8df94f1dba4d98ed7ff4739cfef56851e92ec7aa3cb4989a869fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:83:01:9f:a0:65:3b:d8:70:96:36:07:4d:aa:
e1:c8:5e:32:95:82:cc:c1:b2:5f:63:14:3d:1b:5b:
bf:ec:eb:a7:7d:6d:4d:9c:4a:21:0b:ad:ab:c9:95:
9a:ea:d5:95:b2:df:52:d2:f3:65:ac:3e:e6:55:5f:
fc:12:5f:cd:a7:40:9e:dc:ac:ba:f0:7e:a1:62:42:
94:68:e2:d4:d3:ad:a1:bb:8c:a4:c8:45:05:e5:f6:
ee:a6:5a:c8:c0:48:ee:16:d9:a4:29:e0:0a:30:14:
e9:a4:fa:0d:db:7e:a9:f3:45:3a:ad:8f:7d:29:cd:
9a:6c:af:06:20:64:c1:4a:d5:a1:82:a7:44:c8:6c:
2c:46:51:0d:c2:41:39:bd:44:b6:16:67:a4:73:1f:
ab:82:5f:d9:83:cb:0b:58:8c:9c:2d:1b:9b:a5:89:
7c:18:c8:72:a4:af:49:72:f7:a4:9b:4b:0b:96:5b:
68:c9:b1:84:47:db:87:21:b8:4c:e0:a1:32:54:f8:
48:91:d4:c6:60:6f:be:b1:88:2b:46:d6:60:d8:33:
b3:cb:e4:cd:77:8c:59:ed:71:ec:e3:08:c3:7d:16:
1f:d6:24:77:09:ff:fa:32:b3:9e:08:77:0b:83:e1:
04:a8:66:49:f4:92:62:43:a3:e6:1c:15:f9:c9:06:
ce:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FA:C7:4D:73:E6:60:AF:7E:FF:E5:DF:92:82:5F:2F:5D:5C:97:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/42
Signature Algorithm: sha256WithRSAEncryption
85:71:ba:f6:ce:0f:02:27:89:8a:75:90:e3:2e:6d:7b:a7:e7:
ff:97:0d:58:c1:85:33:d7:51:8f:c7:3e:aa:4d:bf:29:30:ec:
77:0d:a2:3f:bc:e6:fb:3c:06:85:15:d2:86:35:69:3c:0b:05:
b2:2f:1f:1c:b8:a4:21:31:09:67:77:00:09:f9:5e:61:5c:fd:
3b:01:d4:4c:4d:03:ea:eb:4e:a4:b5:42:5b:7c:f6:64:a3:e1:
f6:1f:f0:9c:bd:1f:91:9d:3a:d2:78:c4:28:fd:3a:b2:72:73:
70:57:ae:f6:61:db:02:b5:46:71:13:0a:68:e7:7f:34:bd:99:
eb:70:9a:45:c7:ef:bb:06:21:2b:54:15:67:ed:64:5e:2d:8c:
c8:a2:04:21:0f:af:85:0d:48:71:bd:9a:82:66:b5:fe:68:28:
f3:3f:e9:8a:c3:2e:fa:03:c0:49:7c:79:5a:89:7d:8f:e9:41:
ec:6c:6c:c7:56:7a:58:99:d0:40:11:fd:d7:80:2c:08:e2:da:
2a:0e:27:20:1d:4a:f3:04:b2:57:e9:76:15:48:d0:b6:49:ff:
ef:25:f3:93:50:73:25:0a:3b:c2:db:eb:79:fe:41:c0:7b:4f:
3d:0e:e7:f4:95:1c:12:45:75:32:8b:b0:07:d6:69:93:b3:15:
a9:04:88:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYzb8HoKTocwlN7cae82IDBlXWSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDIwMDEwMDlaFw0yNTEyMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyOWQ1MWI3ZjliOGRmOTRmMWRiYTRkOThlZDdmZjQ3MzljZmVmNTY4NTFl
OTJlYzdhYTNjYjQ5ODlhODY5ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2DAZ+gZTvYcJY2B02q4cheMpWCzMGyX2MUPRtbv+zrp31tTZxKIQutq8mV
murVlbLfUtLzZaw+5lVf/BJfzadAntysuvB+oWJClGji1NOtobuMpMhFBeX27qZa
yMBI7hbZpCngCjAU6aT6Ddt+qfNFOq2PfSnNmmyvBiBkwUrVoYKnRMhsLEZRDcJB
Ob1EthZnpHMfq4Jf2YPLC1iMnC0bm6WJfBjIcqSvSXL3pJtLC5ZbaMmxhEfbhyG4
TOChMlT4SJHUxmBvvrGIK0bWYNgzs8vkzXeMWe1x7OMIw30WH9Ykdwn/+jKzngh3
C4PhBKhmSfSSYkOj5hwV+ckGzscCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQt+sdN
c+Zgr37/5d+Sgl8vXVyX+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2YzNDUyY2MtYTJmYi00NWNhLTk2MTctOGRiNDViZDNjNTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioF0BsA
ADANBgkqhkiG9w0BAQsFAAOCAQEAhXG69s4PAieJinWQ4y5te6fn/5cNWMGFM9dR
j8c+qk2/KTDsdw2iP7zm+zwGhRXShjVpPAsFsi8fHLikITEJZ3cACfleYVz9OwHU
TE0D6utOpLVCW3z2ZKPh9h/wnL0fkZ060njEKP06snJzcFeu9mHbArVGcRMKaOd/
NL2Z63CaRcfvuwYhK1QVZ+1kXi2MyKIEIQ+vhQ1Icb2agma1/mgo8z/pisMu+gPA
SXx5Wol9j+lB7Gxsx1Z6WJnQQBH914AsCOLaKg4nIB1K8wSyV+l2FUjQtkn/7yXz
k1BzJQo7wtvref5BwHtPPQ7n9JUcEkV1MouwB9Zpk7MVqQSIRQ==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:45 2025 by rpki-client