Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
File: d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa (raw, json)
Hash identifier: s7fsMZIfVS3LkijNI2H6R9HTdD6mmhK6wDFRSYNZn04=
Subject key identifier: 8C:D7:16:51:62:72:35:FA:F3:D0:A7:B1:3D:59:36:8D:33:DF:71:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 744B1D319761633518A8A9BF9CEB89CB666FA94D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
Signing time: Fri 31 Oct 2025 01:40:19 +0000
ROA not before: Fri 31 Oct 2025 01:40:19 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:4b:1d:31:97:61:63:35:18:a8:a9:bf:9c:eb:89:cb:66:6f:a9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:40:19 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=2204b4d919c40e31cb8cf77641de3da48427cb650e63766858c9e12cbbd75ca9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:97:0e:c1:5b:b4:2c:28:ee:62:03:7c:82:e7:
ea:1c:05:d6:73:ac:e5:54:54:a7:7b:f1:c6:b0:cd:
c3:6d:d4:5b:ae:1a:5e:7d:ed:e4:8b:82:66:78:66:
be:6e:a7:82:9c:56:98:29:7b:b1:3e:07:6a:7f:c8:
1a:83:b8:59:0b:01:b4:34:1c:d2:fd:72:ec:5f:5d:
00:81:96:e5:e2:53:d4:83:f1:3a:88:f2:8d:2f:9b:
59:4f:4e:ac:05:c7:fd:04:a4:58:58:f0:72:79:5f:
1a:0a:23:89:92:52:f1:a2:34:da:8d:6a:e1:02:74:
ed:ad:3a:ec:f4:e1:4e:66:bc:e0:f6:17:c5:25:7c:
a9:b1:97:b6:f1:c8:f1:c0:29:ab:77:4e:db:21:dd:
41:bf:1d:c2:e3:c4:a1:7d:8e:4e:ee:85:7b:03:17:
2d:25:25:cc:da:6a:28:85:21:e0:0a:05:e7:08:b6:
41:d4:79:35:15:e5:b2:9b:ec:ad:ac:ca:21:bb:f4:
70:68:09:be:7f:c6:bf:e0:b8:67:4f:7b:4a:71:bf:
5e:13:00:bb:58:13:7d:2c:89:70:17:a1:9c:3a:62:
ff:e4:4d:84:2d:91:f2:52:55:04:be:bf:72:7a:eb:
8f:a5:60:9b:70:96:40:32:10:09:3b:2c:2a:b7:9b:
3b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D7:16:51:62:72:35:FA:F3:D0:A7:B1:3D:59:36:8D:33:DF:71:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c040::/46
Signature Algorithm: sha256WithRSAEncryption
45:2c:0e:b2:5a:66:dd:2b:05:46:23:2e:3d:8e:3e:bb:0d:bf:
96:cc:27:7f:c2:98:b8:c0:07:f1:35:22:c0:ac:b2:2c:1a:36:
3b:df:2b:f9:1f:34:20:41:f1:16:db:cb:08:9f:e7:fa:60:13:
10:20:5a:3f:3d:ec:e1:80:51:74:ef:da:bd:8d:99:fe:db:7d:
fa:7a:73:cc:a0:98:9c:1c:3f:68:0a:dc:9b:8f:a5:95:24:2b:
fe:d7:d1:25:1c:1e:de:97:fa:da:6f:dc:08:7e:bb:33:8c:c8:
42:0c:68:e7:25:c4:85:4c:f2:33:14:9a:3c:f1:89:fd:17:2c:
52:d9:c9:ec:d4:b3:d9:7e:9c:c8:4d:88:b3:75:c4:6c:d7:09:
ad:0f:e7:0f:4e:29:ba:11:c5:45:c1:47:e7:ce:9d:a9:8f:a9:
6f:69:a2:a0:49:cd:04:56:23:96:b8:38:3e:1a:b6:1e:91:2d:
67:a5:fc:9c:fa:27:0f:88:30:e6:b8:3a:f2:2a:b6:42:d1:12:
67:dd:39:85:fb:23:74:9d:66:4b:db:21:bc:f9:33:58:db:3e:
41:b7:af:a9:90:e8:f3:89:29:20:6f:97:4c:79:db:95:1b:9d:
c9:0d:41:b7:03:c0:0e:fe:48:94:f5:d7:47:af:13:39:c1:4e:
f6:69:a3:04
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdEsdMZdhYzUYqKm/nOuJy2ZvqU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTQwMTlaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyMDRiNGQ5MTljNDBlMzFjYjhjZjc3NjQxZGUzZGE0ODQyN2NiNjUwZTYz
NzY2ODU4YzllMTJjYmJkNzVjYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaXDsFbtCwo7mIDfILn6hwF1nOs5VRUp3vxxrDNw23UW64aXn3t5IuCZnhm
vm6ngpxWmCl7sT4Han/IGoO4WQsBtDQc0v1y7F9dAIGW5eJT1IPxOojyjS+bWU9O
rAXH/QSkWFjwcnlfGgojiZJS8aI02o1q4QJ07a067PThTma84PYXxSV8qbGXtvHI
8cApq3dO2yHdQb8dwuPEoX2OTu6FewMXLSUlzNpqKIUh4AoF5wi2QdR5NRXlspvs
razKIbv0cGgJvn/Gv+C4Z097SnG/XhMAu1gTfSyJcBehnDpi/+RNhC2R8lJVBL6/
cnrrj6Vgm3CWQDIQCTssKrebO1ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSM1xZR
YnI1+vPQp7E9WTaNM99xcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjMDFjOTItNGEyZS00MGM4LTliNzItZTY1M2FjOTg5NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
QDANBgkqhkiG9w0BAQsFAAOCAQEARSwOslpm3SsFRiMuPY4+uw2/lswnf8KYuMAH
8TUiwKyyLBo2O98r+R80IEHxFtvLCJ/n+mATECBaPz3s4YBRdO/avY2Z/tt9+npz
zKCYnBw/aArcm4+llSQr/tfRJRwe3pf62m/cCH67M4zIQgxo5yXEhUzyMxSaPPGJ
/RcsUtnJ7NSz2X6cyE2Is3XEbNcJrQ/nD04puhHFRcFH586dqY+pb2mioEnNBFYj
lrg4Phq2HpEtZ6X8nPonD4gw5rg68iq2QtESZ905hfsjdJ1mS9shvPkzWNs+Qbev
qZDo84kpIG+XTHnblRudyQ1BtwPADv5IlPXXR68TOcFO9mmjBA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:54 2025 by rpki-client