Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
File: acaa599d-041d-4181-81eb-d1fa213089e1.roa (raw, json)
Hash identifier: j0F8UShak4qPeca0yObqM/aHjHVGvQGgtT+tA5qeW6Y=
Subject key identifier: 80:0E:AB:97:C8:78:70:64:F9:DA:89:85:3C:94:EB:89:36:75:B1:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E05DD5E61DDE3350738FC81FF7779349EEEDC5E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
Signing time: Fri 31 Oct 2025 00:30:12 +0000
ROA not before: Fri 31 Oct 2025 00:30:12 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:05:dd:5e:61:dd:e3:35:07:38:fc:81:ff:77:79:34:9e:ee:dc:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 00:30:12 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=413a4172b45e86433d6beaa35728a24d7edade9d7825b4dec639c28c35e5af9a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c5:c0:cf:f7:b0:83:11:9f:d9:df:9a:01:2b:
d9:35:d1:9e:99:09:67:f2:4b:f0:a5:94:87:35:d5:
5e:c8:92:c5:71:29:f2:c5:18:b3:ad:e3:87:6e:39:
20:4a:c2:f4:e6:f7:fd:1f:fc:ba:b2:b7:17:04:9d:
50:e1:a6:f5:9d:a1:89:2e:02:e3:c9:49:32:44:d5:
27:39:79:2f:ea:62:63:6a:95:0a:86:b3:f5:b9:f9:
65:4b:66:57:a3:6e:9c:f6:5f:cf:4c:2b:47:69:3c:
eb:eb:59:57:20:dc:38:56:47:b0:47:e8:62:25:31:
05:f3:bd:de:94:64:7c:0e:bb:d1:d9:2f:09:cb:ad:
7c:1b:78:7e:68:da:38:1b:77:54:04:86:97:2f:66:
ab:fb:18:ef:f8:87:89:cb:e2:e3:fd:11:83:e4:d6:
fc:cc:d3:6f:3f:ff:0b:94:57:23:4e:16:3e:0a:ad:
12:4c:c9:7d:24:5b:0f:84:89:98:c9:25:0f:68:64:
20:87:d5:7a:6f:a2:48:72:69:41:93:4f:aa:d8:d3:
01:3b:d7:c6:b9:68:6b:ee:d0:d5:f1:7e:56:fc:70:
9c:57:48:58:e6:f6:48:c8:8c:ac:68:3a:07:5f:a6:
74:fa:56:4d:9f:01:21:49:98:ff:28:fe:54:99:18:
c6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0E:AB:97:C8:78:70:64:F9:DA:89:85:3C:94:EB:89:36:75:B1:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2080::/46
Signature Algorithm: sha256WithRSAEncryption
9c:2e:8b:86:dc:9d:48:28:bd:f7:aa:bf:35:99:f4:9c:bf:18:
60:6d:e5:ce:5c:00:d0:c7:bb:2e:7e:ee:fa:91:82:86:22:e7:
92:fb:00:14:4f:f9:91:ba:f9:75:d8:93:32:85:4b:eb:5b:dc:
eb:b8:da:9a:66:3a:e8:5f:14:6d:3c:7b:c7:b1:53:62:f3:b2:
3e:2b:61:5d:bd:b9:a8:19:ad:44:05:4b:57:f7:67:90:b2:8c:
ee:07:33:f4:4c:ff:dc:06:9a:bc:fa:be:a0:a8:a0:00:cd:ae:
06:a2:1c:7f:16:dc:9a:6b:2b:35:35:b7:a9:d0:5f:bc:e3:b1:
36:15:9c:de:87:8e:4d:46:fd:9a:6a:a7:bd:b3:11:08:84:47:
d0:bd:82:94:9a:5f:b1:7c:73:f5:17:00:4f:31:5a:e0:9c:8b:
5f:12:9c:32:b2:db:33:c3:c2:cb:d6:19:f5:60:06:bd:16:70:
92:21:38:51:1a:bd:77:fa:22:e5:2e:d0:1c:1e:9b:a5:bc:76:
78:41:1d:62:10:37:5f:3d:c3:df:4e:6c:04:fb:e6:4f:ee:45:
8e:df:0a:5d:60:5d:f1:51:f5:0c:42:76:78:d3:c4:72:64:ed:
90:00:c8:66:02:0d:04:75:32:e9:0e:71:49:84:40:ad:78:44:
8b:42:97:7d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfgXdXmHd4zUHOPyB/3d5NJ7u3F4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMDMwMTJaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxM2E0MTcyYjQ1ZTg2NDMzZDZiZWFhMzU3MjhhMjRkN2VkYWRlOWQ3ODI1
YjRkZWM2MzljMjhjMzVlNWFmOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzFwM/3sIMRn9nfmgEr2TXRnpkJZ/JL8KWUhzXVXsiSxXEp8sUYs63jh245
IErC9Ob3/R/8urK3FwSdUOGm9Z2hiS4C48lJMkTVJzl5L+piY2qVCoaz9bn5ZUtm
V6NunPZfz0wrR2k86+tZVyDcOFZHsEfoYiUxBfO93pRkfA670dkvCcutfBt4fmja
OBt3VASGly9mq/sY7/iHicvi4/0Rg+TW/MzTbz//C5RXI04WPgqtEkzJfSRbD4SJ
mMklD2hkIIfVem+iSHJpQZNPqtjTATvXxrloa+7Q1fF+VvxwnFdIWOb2SMiMrGg6
B1+mdPpWTZ8BIUmY/yj+VJkYxpUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSADquX
yHhwZPnaiYU8lOuJNnWx9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWNhYTU5OWQtMDQxZC00MTgxLTgxZWItZDFmYTIxMzA4OWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
gDANBgkqhkiG9w0BAQsFAAOCAQEAnC6LhtydSCi996q/NZn0nL8YYG3lzlwA0Me7
Ln7u+pGChiLnkvsAFE/5kbr5ddiTMoVL61vc67jammY66F8UbTx7x7FTYvOyPith
Xb25qBmtRAVLV/dnkLKM7gcz9Ez/3AaavPq+oKigAM2uBqIcfxbcmmsrNTW3qdBf
vOOxNhWc3oeOTUb9mmqnvbMRCIRH0L2ClJpfsXxz9RcATzFa4JyLXxKcMrLbM8PC
y9YZ9WAGvRZwkiE4URq9d/oi5S7QHB6bpbx2eEEdYhA3Xz3D305sBPvmT+5Fjt8K
XWBd8VH1DEJ2eNPEcmTtkADIZgINBHUy6Q5xSYRArXhEi0KXfQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:34 2025 by rpki-client