Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77f2b0c8-c734-4ae5-a499-7037e76d0f03.roa
File: 77f2b0c8-c734-4ae5-a499-7037e76d0f03.roa (raw, json)
Hash identifier: TsVoGaycDZ9J8ZeQUKWOKdLEwS7pTebbBrJNTvsBmS0=
Subject key identifier: 42:F4:C5:7F:36:F6:F6:9E:1E:47:76:20:AD:80:E2:93:EE:34:9A:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B9E993FBE094A5C4AABEFBD6C9FD35CC09704AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77f2b0c8-c734-4ae5-a499-7037e76d0f03.roa
Signing time: Fri 07 Nov 2025 16:36:41 +0000
ROA not before: Fri 07 Nov 2025 16:36:41 +0000
ROA not after: Fri 12 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:9e:99:3f:be:09:4a:5c:4a:ab:ef:bd:6c:9f:d3:5c:c0:97:04:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 7 16:36:41 2025 GMT
Not After : Dec 12 23:59:59 2025 GMT
Subject: serialNumber=be2ab03050c87eb60e187aba7c31756cf3100024ad5a97fac4323d4bcd778b1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ef:6c:6d:6b:3f:28:f9:1f:fa:47:02:57:5a:
0d:de:f4:3e:69:90:11:1a:bf:1a:54:9a:6a:dd:3f:
99:0f:5e:be:29:8b:20:f4:10:8d:e1:af:88:ec:9a:
bc:c4:f3:23:1b:6e:ff:89:83:1b:5f:2c:d4:e3:25:
6f:8c:9b:f0:0e:93:41:07:ba:f8:54:ed:f1:b7:fd:
a7:aa:97:6c:2b:cf:3b:b0:64:de:26:fd:40:13:7c:
91:7e:89:a6:93:4b:92:6d:54:f9:eb:44:68:95:75:
27:fa:e8:f6:60:f7:9f:37:ea:a9:ec:61:51:10:ac:
6c:a0:43:57:8a:fd:7a:56:e1:ac:8e:11:94:0c:04:
1f:98:68:29:21:63:e3:18:d2:21:b3:c1:f7:85:44:
9e:9b:3a:a6:d2:47:72:9d:54:38:36:7c:06:e1:58:
6a:98:63:61:1a:da:e6:ab:82:6c:5b:09:4e:8d:bc:
f6:21:37:54:e6:86:d1:fd:be:c7:e4:12:d2:ab:41:
fa:a5:41:b5:7f:39:53:82:4b:cc:12:76:7c:ef:ff:
99:b1:26:72:11:c5:73:dd:dc:69:41:e9:e2:01:f7:
60:94:2d:f1:52:5e:f5:2e:55:af:07:96:83:4c:0e:
b3:b3:cd:1c:76:58:f7:5f:66:36:fa:dd:c6:d2:c9:
17:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F4:C5:7F:36:F6:F6:9E:1E:47:76:20:AD:80:E2:93:EE:34:9A:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77f2b0c8-c734-4ae5-a499-7037e76d0f03.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028:8000::/36
Signature Algorithm: sha256WithRSAEncryption
96:6d:0d:e6:f4:39:49:a5:81:75:80:bb:bc:55:49:18:2d:fb:
ba:90:17:4b:cf:ec:6e:12:06:9a:b5:f7:0f:be:dc:1f:22:5f:
a8:35:2b:dd:46:10:d5:ce:90:cc:a9:48:50:c0:7a:39:bd:65:
d0:ad:e3:42:72:91:75:74:f2:e8:f1:e7:26:8e:2f:63:40:a2:
7e:5a:c6:91:bd:49:14:b0:d3:9a:be:80:46:aa:eb:c1:bf:ef:
fd:a1:5b:66:5c:9d:1a:0b:57:cb:af:42:b3:ba:2c:bc:a0:2d:
84:07:f0:57:a4:49:e4:6c:95:72:7f:2e:ed:0f:d3:04:f8:7f:
a3:72:48:9a:3d:e8:38:72:d3:05:9c:9e:32:18:96:fa:cc:a1:
84:84:9b:48:30:5b:7e:f0:84:79:3c:13:87:6f:08:67:c7:84:
56:37:60:80:c3:2f:5b:4e:2a:b6:14:4d:c8:9a:eb:22:89:98:
96:b1:de:2e:0f:83:40:6a:7d:02:81:70:80:92:cb:be:70:b4:
03:49:71:47:65:d0:b9:cb:8a:ef:0f:b9:5b:c1:92:26:00:8e:
09:aa:fc:87:7b:d3:be:40:33:04:ec:eb:ea:f2:65:24:8a:67:
13:a0:a5:0c:64:29:24:54:b6:59:2e:1b:ef:9b:e1:03:74:79:
81:63:fc:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC56ZP74JSlxKq++9bJ/TXMCXBK0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDcxNjM2NDFaFw0yNTEyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlMmFiMDMwNTBjODdlYjYwZTE4N2FiYTdjMzE3NTZjZjMxMDAwMjRhZDVh
OTdmYWM0MzIzZDRiY2Q3NzhiMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXvbG1rPyj5H/pHAldaDd70PmmQERq/GlSaat0/mQ9evimLIPQQjeGviOya
vMTzIxtu/4mDG18s1OMlb4yb8A6TQQe6+FTt8bf9p6qXbCvPO7Bk3ib9QBN8kX6J
ppNLkm1U+etEaJV1J/ro9mD3nzfqqexhURCsbKBDV4r9elbhrI4RlAwEH5hoKSFj
4xjSIbPB94VEnps6ptJHcp1UODZ8BuFYaphjYRra5quCbFsJTo289iE3VOaG0f2+
x+QS0qtB+qVBtX85U4JLzBJ2fO//mbEmchHFc93caUHp4gH3YJQt8VJe9S5VrweW
g0wOs7PNHHZY919mNvrdxtLJF2ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRC9MV/
Nvb2nh5HdiCtgOKT7jSarTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdmMmIwYzgtYzczNC00YWU1LWE0OTktNzAzN2U3NmQwZjAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CiA
MA0GCSqGSIb3DQEBCwUAA4IBAQCWbQ3m9DlJpYF1gLu8VUkYLfu6kBdLz+xuEgaa
tfcPvtwfIl+oNSvdRhDVzpDMqUhQwHo5vWXQreNCcpF1dPLo8ecmji9jQKJ+WsaR
vUkUsNOavoBGquvBv+/9oVtmXJ0aC1fLr0Kzuiy8oC2EB/BXpEnkbJVyfy7tD9ME
+H+jckiaPeg4ctMFnJ4yGJb6zKGEhJtIMFt+8IR5PBOHbwhnx4RWN2CAwy9bTiq2
FE3ImusiiZiWsd4uD4NAan0CgXCAksu+cLQDSXFHZdC5y4rvD7lbwZImAI4JqvyH
e9O+QDME7Ovq8mUkimcToKUMZCkkVLZZLhvvm+EDdHmBY/xN
-----END CERTIFICATE-----
Generated at Tue Nov 18 07:59:11 2025 by rpki-client