Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
File: 97700b94-3ec6-472c-97f5-b54fb1f56f76.roa (raw, json)
Hash identifier: Vek26q/LNUnvAZW7m3XF79UOS5HHemJFGqIUcK+sbtg=
Subject key identifier: E5:72:DB:1F:E2:94:02:CC:2A:59:01:F1:3D:C7:23:EA:55:5B:A0:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F5F6D27A5A0B899EF48A63960DDE9A5BB3B4ACD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
Signing time: Fri 31 Oct 2025 01:40:17 +0000
ROA not before: Fri 31 Oct 2025 01:40:17 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:5f:6d:27:a5:a0:b8:99:ef:48:a6:39:60:dd:e9:a5:bb:3b:4a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:40:17 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=09d95441820fc795cd3816858e2047d7253ebc0d500265d5ea2b0e5d63b115fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3e:28:d7:1c:62:c9:30:d7:ef:68:06:f3:f3:
13:97:c6:99:e9:9a:07:a2:28:d4:04:1b:20:27:02:
7a:fd:9c:1c:b8:cc:d1:95:10:30:f6:a7:c7:ca:b4:
d5:ff:b3:61:0f:20:9e:c2:f6:e6:ec:08:a4:59:d9:
84:fc:74:b2:1e:5b:cd:99:60:1f:b9:49:8e:97:18:
72:97:65:5a:72:1e:d0:2d:39:49:b4:57:8e:3f:1d:
77:6c:c1:70:4c:10:92:28:20:c7:91:fc:26:46:44:
c7:a1:57:b5:4e:b8:b3:12:d1:52:c4:02:93:ae:01:
a6:e2:d3:c2:5d:b4:93:70:d7:47:09:15:db:e4:ce:
b5:c7:ec:be:5e:23:d1:85:cf:ad:4b:a9:2a:e7:be:
46:17:76:e7:ef:84:26:36:a7:9e:52:7a:57:db:ad:
53:86:be:1d:91:2c:a3:a3:03:00:56:a2:84:3b:3d:
e2:ad:9e:cd:f3:99:09:d4:a8:21:dd:69:b3:f1:0d:
5b:e0:3c:0d:b9:c6:94:41:fd:da:91:b0:6c:b3:2c:
63:50:20:7d:8c:c2:29:d2:13:dd:e9:d4:14:93:0b:
17:97:a4:9b:8e:09:91:b1:65:6e:60:b9:2c:7a:76:
df:8e:ec:d7:46:10:1e:57:ef:62:70:c2:f5:b5:7c:
2c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:72:DB:1F:E2:94:02:CC:2A:59:01:F1:3D:C7:23:EA:55:5B:A0:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2040::/46
Signature Algorithm: sha256WithRSAEncryption
89:28:62:53:c4:55:c8:4c:b4:a8:f0:06:a8:ff:1c:88:bc:00:
6b:af:62:1a:dc:49:11:fe:32:e8:3a:5d:d0:f6:75:bf:aa:2f:
9b:3a:3a:5d:0e:6a:d4:b5:0f:92:18:3f:d9:ae:81:d8:76:1e:
d6:bd:50:ec:cf:41:f8:68:07:cf:48:1c:3a:34:d5:74:34:4d:
28:f4:e1:e4:81:8f:a4:4d:53:df:46:6c:b2:1c:10:7d:22:49:
43:9b:f7:45:b7:33:ae:ea:72:b1:69:b6:b9:99:54:45:a3:db:
16:3b:e9:c2:0c:ac:35:68:05:68:31:cb:6d:dc:5b:a2:82:b7:
78:05:55:ca:e1:c5:27:ed:9f:5d:e7:86:2e:b2:c4:36:aa:bc:
8f:28:29:1d:52:aa:b8:b7:6a:96:87:75:7e:29:2a:95:57:ab:
1a:07:61:f3:c3:4e:3c:88:d3:e2:7f:3c:e8:e3:c8:ee:24:ed:
e6:5d:b8:28:21:f9:be:8b:8b:20:18:dc:34:e8:0f:ad:27:0b:
97:b7:c6:16:4e:bb:6a:64:7b:c4:26:70:09:0d:d4:c1:c3:c1:
b8:05:5f:d0:49:c0:cf:ad:61:71:f3:24:f4:97:ff:bd:37:49:
96:b6:fd:d8:3c:68:be:86:3f:7b:73:12:9c:2e:0b:47:99:7d:
22:83:9e:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP19tJ6WguJnvSKY5YN3ppbs7Ss0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTQwMTdaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5ZDk1NDQxODIwZmM3OTVjZDM4MTY4NThlMjA0N2Q3MjUzZWJjMGQ1MDAy
NjVkNWVhMmIwZTVkNjNiMTE1ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQ+KNccYskw1+9oBvPzE5fGmemaB6Io1AQbICcCev2cHLjM0ZUQMPanx8q0
1f+zYQ8gnsL25uwIpFnZhPx0sh5bzZlgH7lJjpcYcpdlWnIe0C05SbRXjj8dd2zB
cEwQkiggx5H8JkZEx6FXtU64sxLRUsQCk64BpuLTwl20k3DXRwkV2+TOtcfsvl4j
0YXPrUupKue+Rhd25++EJjannlJ6V9utU4a+HZEso6MDAFaihDs94q2ezfOZCdSo
Id1ps/ENW+A8DbnGlEH92pGwbLMsY1AgfYzCKdIT3enUFJMLF5ekm44JkbFlbmC5
LHp2347s10YQHlfvYnDC9bV8LJkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTlctsf
4pQCzCpZAfE9xyPqVVugBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc3MDBiOTQtM2VjNi00NzJjLTk3ZjUtYjU0ZmIxZjU2Zjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
QDANBgkqhkiG9w0BAQsFAAOCAQEAiShiU8RVyEy0qPAGqP8ciLwAa69iGtxJEf4y
6Dpd0PZ1v6ovmzo6XQ5q1LUPkhg/2a6B2HYe1r1Q7M9B+GgHz0gcOjTVdDRNKPTh
5IGPpE1T30ZsshwQfSJJQ5v3RbczrupysWm2uZlURaPbFjvpwgysNWgFaDHLbdxb
ooK3eAVVyuHFJ+2fXeeGLrLENqq8jygpHVKquLdqlod1fikqlVerGgdh88NOPIjT
4n886OPI7iTt5l24KCH5vouLIBjcNOgPrScLl7fGFk67amR7xCZwCQ3UwcPBuAVf
0EnAz61hcfMk9Jf/vTdJlrb92DxovoY/e3MSnC4LR5l9IoOeAQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:29:45 2025 by rpki-client