Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: lDp+3b9s00TSsfQCB/TVteN7v19heEXGWp1/cqxRfsM=
Subject key identifier: A9:CE:4D:A1:00:88:38:02:E4:12:28:4F:9F:D6:76:27:49:D0:D9:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44394E2A03A68B762033D740F6B9D6DABEB2CEAB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Tue 21 Oct 2025 14:40:04 +0000
ROA not before: Tue 21 Oct 2025 14:40:04 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:39:4e:2a:03:a6:8b:76:20:33:d7:40:f6:b9:d6:da:be:b2:ce:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:40:04 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=a8cf6e3d10cadf4971c141b2b14cb94f4a0d76976ba6b5bad83178b94a0f1976, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:83:55:29:a0:dc:17:83:98:e8:d3:89:82:a8:
da:7f:4b:c5:e9:3d:08:ce:c7:d6:82:da:ba:5a:f4:
98:7a:fd:ec:53:bc:09:20:1c:9f:5b:af:8b:d2:7b:
e7:80:df:63:6d:b7:2f:2a:69:a4:4e:ef:ad:6b:ba:
68:7d:51:4a:03:b8:88:86:f5:a4:2a:40:7f:2e:d7:
ed:bc:44:7e:c6:d2:4f:fb:66:39:a9:18:ef:d5:58:
8a:30:55:c5:12:fd:6a:77:c2:d4:ad:19:13:5e:df:
5e:54:2f:56:aa:05:ec:cb:09:47:79:15:53:fa:5d:
39:ac:80:8d:d8:08:9f:54:16:d7:b0:5a:4d:71:38:
b3:1e:31:8c:31:bc:01:20:85:18:5a:d8:8f:1c:fe:
d9:fe:1b:6b:2b:df:c6:e5:49:36:49:4c:41:5a:d4:
bd:82:1b:e8:7b:40:84:b6:e8:27:aa:22:3b:d1:bb:
0f:b0:8f:28:b2:42:f5:bc:5e:46:b7:f1:38:21:05:
f5:eb:1c:70:fc:4a:ad:01:46:be:c5:91:e4:22:aa:
0f:05:96:b3:c9:13:84:34:98:39:1e:4a:88:22:91:
e2:c1:44:10:5c:0c:79:89:a3:26:c6:e6:02:ec:ec:
a6:ad:d5:f2:a5:86:08:97:36:4e:83:e9:8b:38:23:
aa:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CE:4D:A1:00:88:38:02:E4:12:28:4F:9F:D6:76:27:49:D0:D9:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:32:0d:b3:2a:70:e1:f6:00:bb:80:75:46:a7:10:4d:66:fc:
a2:b4:92:b5:9d:c5:44:cb:34:dd:de:82:d7:37:fb:64:33:de:
15:3d:4f:f1:30:e8:14:1d:1b:ce:bd:1f:2e:7a:37:8a:f7:39:
ac:5d:62:1b:82:82:5c:59:fa:29:75:a6:fb:95:bd:57:c3:0a:
68:7c:05:49:0e:89:0c:2d:85:3c:39:ec:01:6c:c5:5e:2b:a0:
3e:0b:0f:56:b1:73:c7:44:6a:ed:3d:d9:6a:a1:7b:0b:3d:37:
0d:0b:4a:09:e3:79:03:67:ea:e0:90:8f:b0:13:e1:b2:af:32:
a6:af:b6:2f:5c:93:7b:6f:66:6c:9d:5d:11:70:97:cb:13:90:
87:bf:1a:bf:7c:61:af:4d:73:8d:c3:da:a6:f4:cc:6c:3c:37:
22:eb:e4:3e:77:58:c9:b5:aa:b6:1e:18:fa:eb:d2:bd:1e:08:
8f:8b:74:0f:eb:a4:76:4a:38:4d:b2:77:7f:bd:2d:d6:9e:ea:
df:25:5d:31:b3:31:0d:48:49:4d:1a:ab:dc:70:7f:a2:fe:2b:
39:2c:7a:b7:a3:cd:9d:8a:c9:ee:e1:5a:87:ff:cf:20:0e:ab:
a6:18:86:76:09:e5:51:4d:63:f1:58:27:9b:5a:06:0e:ca:25:
aa:e3:91:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURDlOKgOmi3YgM9dA9rnW2r6yzqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDQwMDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4Y2Y2ZTNkMTBjYWRmNDk3MWMxNDFiMmIxNGNiOTRmNGEwZDc2OTc2YmE2
YjViYWQ4MzE3OGI5NGEwZjE5NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6DVSmg3BeDmOjTiYKo2n9Lxek9CM7H1oLaulr0mHr97FO8CSAcn1uvi9J7
54DfY223LypppE7vrWu6aH1RSgO4iIb1pCpAfy7X7bxEfsbST/tmOakY79VYijBV
xRL9anfC1K0ZE17fXlQvVqoF7MsJR3kVU/pdOayAjdgIn1QW17BaTXE4sx4xjDG8
ASCFGFrYjxz+2f4bayvfxuVJNklMQVrUvYIb6HtAhLboJ6oiO9G7D7CPKLJC9bxe
RrfxOCEF9esccPxKrQFGvsWR5CKqDwWWs8kThDSYOR5KiCKR4sFEEFwMeYmjJsbm
Auzspq3V8qWGCJc2ToPpizgjqksCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpzk2h
AIg4AuQSKE+f1nYnSdDZQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQCcMg2zKnDh9gC7gHVGpxBNZvyitJK1ncVEyzTd
3oLXN/tkM94VPU/xMOgUHRvOvR8uejeK9zmsXWIbgoJcWfopdab7lb1XwwpofAVJ
DokMLYU8OewBbMVeK6A+Cw9WsXPHRGrtPdlqoXsLPTcNC0oJ43kDZ+rgkI+wE+Gy
rzKmr7YvXJN7b2ZsnV0RcJfLE5CHvxq/fGGvTXONw9qm9MxsPDci6+Q+d1jJtaq2
Hhj669K9HgiPi3QP66R2SjhNsnd/vS3WnurfJV0xszENSElNGqvccH+i/is5LHq3
o82disnu4VqH/88gDqumGIZ2CeVRTWPxWCebWgYOyiWq45G+
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:35 2025 by rpki-client