Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e13f54c5-7648-40e1-af1b-03435f49f445.roa
File: e13f54c5-7648-40e1-af1b-03435f49f445.roa (raw, json)
Hash identifier: 7XrWxIF1QVUmx631DWGRLA6EPYfAjM1ZpoSfmTf/6tc=
Subject key identifier: 24:34:AD:4B:AC:EC:D9:9B:48:05:49:F6:59:C2:4A:EB:84:2A:17:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7657D9C08B8D6427757D427C3A7EEBC135B321C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e13f54c5-7648-40e1-af1b-03435f49f445.roa
Signing time: Wed 29 Oct 2025 07:36:47 +0000
ROA not before: Wed 29 Oct 2025 07:36:47 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:57:d9:c0:8b:8d:64:27:75:7d:42:7c:3a:7e:eb:c1:35:b3:21:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:47 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=8cbb30c86f210d579f0c39928d42d7cdd8a792edd78b663fac26e0a9eace0794, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:57:3b:77:f4:4d:58:55:88:9d:1a:a4:01:65:
06:cb:f6:71:b7:31:eb:93:c8:c9:eb:e2:82:0e:53:
ec:84:9d:6a:1b:3f:ce:86:ca:12:8c:e2:8f:76:82:
a5:55:7a:b8:3e:a1:2b:dd:94:77:1b:87:e2:ab:a2:
61:ab:f5:8d:03:9c:1c:8a:c7:e3:8e:4f:67:6c:a8:
49:0f:71:74:67:c5:26:15:72:42:16:d8:18:5a:f6:
e7:b3:af:68:6c:1e:b1:21:34:3e:a1:b8:03:aa:ca:
4c:4c:05:a1:8e:bb:62:c8:2a:1c:75:5d:cb:96:94:
d6:ae:e0:50:01:05:17:20:f8:95:bd:0e:62:5b:3c:
1a:c0:ea:04:3f:2f:08:a0:ac:ab:6a:7b:71:27:3e:
25:97:19:4e:78:48:53:dd:05:4a:16:a6:0b:88:a1:
b7:d6:11:af:cb:52:e5:0a:a6:5a:45:cc:0f:89:f3:
91:ba:ab:e7:f6:e5:78:21:75:7e:8b:37:7b:ac:f5:
cd:58:57:82:f2:d0:75:31:f8:31:8c:e0:8d:12:96:
cb:33:0d:28:b1:33:f6:25:28:05:6c:a7:8f:44:1b:
e3:0f:83:2b:fe:d8:79:5b:93:bf:9f:4a:24:55:65:
11:e3:6b:fd:a8:33:70:f1:d6:51:e2:f9:ec:c3:ce:
8e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:34:AD:4B:AC:EC:D9:9B:48:05:49:F6:59:C2:4A:EB:84:2A:17:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e13f54c5-7648-40e1-af1b-03435f49f445.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:1000::/40
Signature Algorithm: sha256WithRSAEncryption
54:df:b3:fc:94:1e:24:d5:8b:a2:99:22:e1:aa:26:57:0e:31:
05:d3:e8:ff:52:d6:c8:0d:15:6d:68:98:ff:2c:9e:26:2a:42:
49:d6:2b:81:4e:17:b5:bf:30:6f:fe:f5:d1:1a:73:e1:01:97:
5c:88:2f:ea:5a:52:91:d2:d0:d5:26:6b:9d:72:e0:bf:e5:52:
f6:21:e4:ab:68:50:7d:5b:fc:ce:17:d1:07:31:5b:84:20:e9:
1f:08:d4:fe:f7:2e:76:c7:1e:de:b2:c3:54:b8:86:a2:24:d3:
f9:08:c4:9b:56:0e:62:1c:17:e7:39:76:6e:92:bd:05:b5:74:
65:d8:5a:55:dc:e2:0a:bd:12:b6:a0:84:f6:ec:63:33:0f:ff:
01:23:0e:0e:af:7a:7f:d4:bf:70:92:60:61:39:e5:08:03:ba:
df:e5:a6:83:76:21:19:c4:5f:b0:cb:6a:85:36:e0:71:60:19:
46:c9:b0:b3:19:7f:84:04:2d:e4:f8:e4:83:08:ce:73:63:d7:
72:b5:d3:c2:b4:48:3f:e6:d7:b9:da:d7:91:0b:f3:cc:8b:ce:
50:80:82:b5:c5:55:14:a5:01:23:4a:34:9a:54:b3:9e:73:22:
45:74:35:00:7e:47:fe:53:77:69:3f:c4:94:80:03:15:6d:76:
5f:83:8b:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdlfZwIuNZCd1fUJ8On7rwTWzIcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDdaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjYmIzMGM4NmYyMTBkNTc5ZjBjMzk5MjhkNDJkN2NkZDhhNzkyZWRkNzhi
NjYzZmFjMjZlMGE5ZWFjZTA3OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFXO3f0TVhViJ0apAFlBsv2cbcx65PIyevigg5T7ISdahs/zobKEozij3aC
pVV6uD6hK92UdxuH4quiYav1jQOcHIrH445PZ2yoSQ9xdGfFJhVyQhbYGFr257Ov
aGwesSE0PqG4A6rKTEwFoY67YsgqHHVdy5aU1q7gUAEFFyD4lb0OYls8GsDqBD8v
CKCsq2p7cSc+JZcZTnhIU90FShamC4iht9YRr8tS5QqmWkXMD4nzkbqr5/bleCF1
fos3e6z1zVhXgvLQdTH4MYzgjRKWyzMNKLEz9iUoBWynj0Qb4w+DK/7YeVuTv59K
JFVlEeNr/agzcPHWUeL57MPOjrUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkNK1L
rOzZm0gFSfZZwkrrhCoXsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTEzZjU0YzUtNzY0OC00MGUxLWFmMWItMDM0MzVmNDlmNDQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBU37P8lB4k1YuimSLhqiZXDjEF0+j/UtbIDRVt
aJj/LJ4mKkJJ1iuBThe1vzBv/vXRGnPhAZdciC/qWlKR0tDVJmudcuC/5VL2IeSr
aFB9W/zOF9EHMVuEIOkfCNT+9y52xx7essNUuIaiJNP5CMSbVg5iHBfnOXZukr0F
tXRl2FpV3OIKvRK2oIT27GMzD/8BIw4Or3p/1L9wkmBhOeUIA7rf5aaDdiEZxF+w
y2qFNuBxYBlGybCzGX+EBC3k+OSDCM5zY9dytdPCtEg/5te52teRC/PMi85QgIK1
xVUUpQEjSjSaVLOecyJFdDUAfkf+U3dpP8SUgAMVbXZfg4v0
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:47 2025 by rpki-client