Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
File: 0d8c280f-edb2-45fb-9207-8226dc900bb1.roa (raw, json)
Hash identifier: k5zHRcRWCwRlqwYG4XPDW7m29RPYUJw12VGPC2xxivE=
Subject key identifier: 59:43:9A:A1:24:68:6E:4E:81:DF:93:3F:B4:A4:2D:3D:0F:81:65:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74344AEADF13678A59B10A75C54FDD42FEDF701D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
Signing time: Tue 21 Oct 2025 13:40:04 +0000
ROA not before: Tue 21 Oct 2025 13:40:04 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:34:4a:ea:df:13:67:8a:59:b1:0a:75:c5:4f:dd:42:fe:df:70:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:04 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8dc2c8c618e2a14a598aa47c29741907d2dfc25451c306aa77f637e91f148b82, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a1:a2:ac:1f:14:7f:3b:0c:cc:81:d9:ff:1e:
bb:ad:7b:bd:96:25:08:0b:17:ec:98:12:fe:0a:6c:
42:7b:df:6a:1d:e7:a0:c6:b4:ee:23:aa:24:a1:a9:
f3:e8:7d:58:79:f5:ae:b7:5c:2b:ec:90:5e:c1:1f:
ae:71:b8:df:10:3e:e0:c9:b3:be:f1:9d:b1:98:5e:
3a:d5:bd:78:d8:8b:a3:d7:cf:ac:ce:a5:76:4e:55:
ad:89:32:23:32:4f:31:aa:55:bc:e7:96:60:bd:28:
04:bf:81:36:7e:cc:6c:63:0f:5e:54:29:30:a7:9b:
c6:66:8d:bd:1d:10:5f:b7:5a:f7:07:77:31:9b:7a:
3a:b4:34:21:b1:d2:ef:90:6d:a2:2e:64:ca:c0:a3:
51:48:56:e0:2b:72:34:17:46:d7:89:e7:21:ee:14:
7e:a1:76:35:3a:e1:4b:84:d4:aa:82:35:e2:14:6f:
47:7e:5e:cb:7e:78:21:a9:5a:ef:6c:f6:c9:3d:12:
4c:15:8c:03:5a:30:92:af:4c:69:ea:11:b0:6c:ee:
a9:c5:35:8d:3f:03:fa:73:ba:c4:c2:42:da:52:04:
f8:b4:91:ac:84:c5:31:27:60:a3:6f:ed:0b:6a:c7:
2c:95:44:5a:2a:5b:b8:36:e8:37:37:cd:de:c5:4d:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:43:9A:A1:24:68:6E:4E:81:DF:93:3F:B4:A4:2D:3D:0F:81:65:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5080::/48
Signature Algorithm: sha256WithRSAEncryption
41:5f:b9:c2:b4:74:68:48:a1:b8:78:65:fa:18:4d:0e:1d:27:
6a:8d:8e:84:a1:2f:d2:c4:ae:79:d7:9b:1f:cc:5f:d5:01:dd:
ee:9c:f2:2d:8a:29:e8:fa:34:72:a9:31:3e:1d:75:e4:c6:6f:
76:d1:78:89:24:f1:1a:17:db:33:e9:31:5d:62:56:1d:e1:62:
98:3d:da:14:6c:39:34:3a:fc:52:ea:f6:ae:36:f5:7e:89:91:
4f:e3:18:06:29:ff:f4:22:9e:f3:17:94:43:7a:c2:08:dd:f8:
c5:38:5f:d7:34:a4:19:e4:37:98:7f:13:cd:a4:e0:50:a7:22:
3a:c2:2e:d4:a3:20:01:80:a6:63:49:29:87:67:84:66:fd:11:
be:67:6d:03:79:14:f6:84:b2:a7:8d:77:fe:17:90:d2:76:25:
eb:a3:f5:b5:df:42:89:ec:04:35:82:14:61:4c:77:e3:c2:1d:
7f:f8:84:97:d4:da:07:1d:d5:cc:24:2f:2b:91:e6:55:cb:2f:
e6:9d:e3:d5:ac:45:34:7c:97:83:45:de:b4:79:e0:12:46:7a:
c4:c6:10:8d:b9:bc:31:ab:5c:78:3d:f8:8f:be:6e:05:9f:3a:
0f:10:3c:64:43:b7:3d:05:16:85:5c:c9:1e:5c:ee:ab:27:2a:
dd:38:f0:84
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdDRK6t8TZ4pZsQp1xU/dQv7fcB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwMDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkYzJjOGM2MThlMmExNGE1OThhYTQ3YzI5NzQxOTA3ZDJkZmMyNTQ1MWMz
MDZhYTc3ZjYzN2U5MWYxNDhiODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyhoqwfFH87DMyB2f8eu617vZYlCAsX7JgS/gpsQnvfah3noMa07iOqJKGp
8+h9WHn1rrdcK+yQXsEfrnG43xA+4MmzvvGdsZheOtW9eNiLo9fPrM6ldk5VrYky
IzJPMapVvOeWYL0oBL+BNn7MbGMPXlQpMKebxmaNvR0QX7da9wd3MZt6OrQ0IbHS
75Btoi5kysCjUUhW4CtyNBdG14nnIe4UfqF2NTrhS4TUqoI14hRvR35ey354Iala
72z2yT0STBWMA1owkq9MaeoRsGzuqcU1jT8D+nO6xMJC2lIE+LSRrITFMSdgo2/t
C2rHLJVEWipbuDboNzfN3sVNPyECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRZQ5qh
JGhuToHfkz+0pC09D4FlfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ4YzI4MGYtZWRiMi00NWZiLTkyMDctODIyNmRjOTAwYmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAQV+5wrR0aEihuHhl+hhNDh0nao2OhKEv0sSu
edebH8xf1QHd7pzyLYop6Po0cqkxPh115MZvdtF4iSTxGhfbM+kxXWJWHeFimD3a
FGw5NDr8Uur2rjb1fomRT+MYBin/9CKe8xeUQ3rCCN34xThf1zSkGeQ3mH8TzaTg
UKciOsIu1KMgAYCmY0kph2eEZv0RvmdtA3kU9oSyp413/heQ0nYl66P1td9CiewE
NYIUYUx348Idf/iEl9TaBx3VzCQvK5HmVcsv5p3j1axFNHyXg0XetHngEkZ6xMYQ
jbm8MatceD34j75uBZ86DxA8ZEO3PQUWhVzJHlzuqycq3TjwhA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:57 2025 by rpki-client