Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
File: c65e11fa-ec6d-4214-88c5-464a024d8957.roa (raw, json)
Hash identifier: 22Vk6rCy3aZ9e+lKB5cQbfOcsQ+98t4kLIRy7x6NJb4=
Subject key identifier: 75:55:E7:BB:2B:CD:81:CB:75:84:0B:DD:5B:EA:E5:0E:49:C6:B5:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 738AE3CD2CE94ACB3219488620031F3AC6736292
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
Signing time: Fri 31 Oct 2025 01:20:04 +0000
ROA not before: Fri 31 Oct 2025 01:20:04 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:8a:e3:cd:2c:e9:4a:cb:32:19:48:86:20:03:1f:3a:c6:73:62:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:20:04 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=f76260b128d3dd87a5cf648bdb3715e7db69018c73f34fd5bc1cac0d07263242, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b9:ee:78:cc:b4:05:b5:a6:fa:62:a5:b4:d3:
b7:6d:b2:e0:14:ce:7f:49:13:08:67:32:12:d7:8c:
38:c4:34:bf:9f:83:02:8b:6a:3f:29:6a:bb:a2:86:
ac:71:ae:4d:20:0d:09:00:d5:1b:ef:39:41:70:1d:
bb:c7:d2:4f:c7:4d:63:ed:68:bf:de:31:68:5a:38:
e9:ca:ba:6a:9b:40:e8:06:03:00:8a:ea:8a:10:16:
79:d9:ec:bb:37:8b:b4:5b:1e:80:70:ac:61:fc:56:
7c:bc:5d:25:24:b3:44:fc:82:d1:55:38:c1:4f:d3:
fa:a1:50:1a:59:90:51:27:7e:f5:68:52:82:51:cb:
9f:51:d6:69:33:46:39:61:f3:86:a0:69:68:56:a4:
d0:3d:42:7f:c7:ab:20:cd:5b:d0:e1:03:64:f7:5d:
33:18:22:b5:04:81:d9:76:b9:c0:6a:b2:e0:a1:e7:
8e:e0:a5:57:4f:ab:fc:ff:b9:10:56:7b:91:6e:d6:
3d:0d:a3:ca:fb:e9:52:fd:89:b3:76:1b:0a:fd:1c:
17:64:6a:f0:23:d6:4b:75:94:e6:d3:17:65:c4:1f:
fc:65:f8:36:bf:08:a9:bd:db:a4:96:e3:7a:ea:2c:
ef:dc:9f:69:7e:48:6b:4d:a1:30:aa:bc:bf:b5:91:
f3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:55:E7:BB:2B:CD:81:CB:75:84:0B:DD:5B:EA:E5:0E:49:C6:B5:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4000::/40
Signature Algorithm: sha256WithRSAEncryption
94:d7:a7:73:a4:0e:6b:47:00:43:d5:39:a0:63:c4:13:a5:cd:
55:c2:be:18:80:b9:51:fc:87:11:83:1a:87:25:52:93:d8:83:
8f:f4:81:93:e8:60:a7:ef:3a:cd:0a:03:8a:b9:0e:31:b1:a8:
25:ef:60:ca:97:1a:6f:1a:68:e1:0c:ba:31:6a:9e:2c:67:b9:
ea:fa:19:d3:78:4d:fd:91:1e:95:6f:cd:38:32:08:7f:b2:31:
cd:37:09:2f:0f:60:96:6d:6b:29:cb:1d:29:6a:57:fb:7e:36:
d4:60:ef:3a:52:ac:0e:78:21:87:8c:91:a7:02:85:20:4e:3d:
01:d8:5f:8b:1e:6c:0d:01:26:ca:8e:01:ae:6d:6a:a1:3c:37:
c5:07:58:3f:b6:ea:2f:19:b2:0c:6d:29:f5:93:af:7d:65:b8:
04:9d:1e:ed:59:00:66:9d:79:99:ae:be:c3:ed:c5:b1:f8:a8:
50:5a:64:1a:3b:db:23:83:6a:1e:39:28:fc:31:3d:00:7c:ff:
a9:41:5a:95:63:e3:41:7d:d8:2c:ab:bc:a6:24:00:fa:3d:dd:
f3:04:ed:8e:26:dc:7b:bb:d0:62:c9:ae:65:4d:ad:ae:ea:48:
dd:cb:a8:3f:ad:d7:c4:de:a8:f6:b5:9f:28:ed:1f:29:2b:33:
4a:43:f9:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc4rjzSzpSssyGUiGIAMfOsZzYpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTIwMDRaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3NjI2MGIxMjhkM2RkODdhNWNmNjQ4YmRiMzcxNWU3ZGI2OTAxOGM3M2Yz
NGZkNWJjMWNhYzBkMDcyNjMyNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJG57njMtAW1pvpipbTTt22y4BTOf0kTCGcyEteMOMQ0v5+DAotqPylqu6KG
rHGuTSANCQDVG+85QXAdu8fST8dNY+1ov94xaFo46cq6aptA6AYDAIrqihAWedns
uzeLtFsegHCsYfxWfLxdJSSzRPyC0VU4wU/T+qFQGlmQUSd+9WhSglHLn1HWaTNG
OWHzhqBpaFak0D1Cf8erIM1b0OEDZPddMxgitQSB2Xa5wGqy4KHnjuClV0+r/P+5
EFZ7kW7WPQ2jyvvpUv2Js3YbCv0cF2Rq8CPWS3WU5tMXZcQf/GX4Nr8Iqb3bpJbj
euos79yfaX5Ia02hMKq8v7WR8x0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1Vee7
K82By3WEC91b6uUOSca1ATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzY1ZTExZmEtZWM2ZC00MjE0LTg4YzUtNDY0YTAyNGQ4OTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCU16dzpA5rRwBD1TmgY8QTpc1Vwr4YgLlR/IcR
gxqHJVKT2IOP9IGT6GCn7zrNCgOKuQ4xsagl72DKlxpvGmjhDLoxap4sZ7nq+hnT
eE39kR6Vb804Mgh/sjHNNwkvD2CWbWspyx0palf7fjbUYO86UqwOeCGHjJGnAoUg
Tj0B2F+LHmwNASbKjgGubWqhPDfFB1g/tuovGbIMbSn1k699ZbgEnR7tWQBmnXmZ
rr7D7cWx+KhQWmQaO9sjg2oeOSj8MT0AfP+pQVqVY+NBfdgsq7ymJAD6Pd3zBO2O
Jtx7u9Biya5lTa2u6kjdy6g/rdfE3qj2tZ8o7R8pKzNKQ/k3
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:32:49 2025 by rpki-client