Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
File: 37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa (raw, json)
Hash identifier: 4cH742rNwNMEKQGKGoySI0b0g47EH0ELbk2PKXThWow=
Subject key identifier: DF:F5:18:51:AE:F0:39:5C:9B:64:77:0E:3A:5C:59:5F:18:37:65:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1306A0B21B930440F688053CBE35CE23C9AC9ED6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
Signing time: Tue 21 Oct 2025 14:31:13 +0000
ROA not before: Tue 21 Oct 2025 14:31:13 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:06:a0:b2:1b:93:04:40:f6:88:05:3c:be:35:ce:23:c9:ac:9e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:31:13 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=a161cd5b141d76a12dd2fcbc38d6e4518d143bcc95d3af47a8ea49fbac54c3c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b1:48:24:e2:72:30:97:b7:f1:62:a7:6b:e7:
15:6f:89:82:46:a7:32:24:1c:c0:c1:12:9a:a6:b5:
8e:c5:e9:60:14:25:05:1b:5c:94:a9:d8:a4:ec:ce:
19:bc:c5:f5:36:a9:bf:5f:86:5e:a8:02:65:f9:34:
35:31:de:36:c9:f6:4e:1b:ab:8a:a7:20:dc:1f:1f:
d2:ba:67:1e:8b:50:e0:5d:18:a5:80:14:7f:3b:6a:
cb:4c:fc:e3:5f:95:ea:3a:84:96:31:db:31:fc:77:
4b:93:67:4f:48:a8:02:64:70:2c:e5:d6:e2:16:c5:
68:bd:df:c3:6e:ef:9a:d5:b4:41:d2:21:d9:d0:a1:
5e:7f:26:8e:f6:9a:cb:71:1e:d5:9b:f2:2d:09:f6:
d7:04:59:40:05:1f:b5:1f:f9:31:da:71:58:fc:f8:
cf:d2:8e:5c:0b:e4:be:cf:9d:e5:e7:e4:e0:0f:35:
40:92:6e:5a:af:3e:b7:f9:80:8f:4a:58:c7:34:15:
7a:eb:ee:03:a1:72:20:03:3e:de:93:d5:24:4c:83:
66:33:e1:ce:2e:8e:38:95:d8:c4:67:aa:66:21:de:
1c:8b:57:58:ac:a7:af:7b:b5:24:ac:42:20:46:32:
9b:0f:7d:fb:79:fb:90:fe:89:4d:5a:0e:39:9b:bf:
eb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F5:18:51:AE:F0:39:5C:9B:64:77:0E:3A:5C:59:5F:18:37:65:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:32:34:eb:be:91:04:c2:64:e1:da:d4:99:73:ad:41:e4:39:
32:77:6f:18:0b:13:98:4c:57:3f:90:65:33:cb:8d:50:63:e3:
20:64:60:61:8d:34:82:e6:30:4a:eb:3c:4e:d9:90:ec:07:0b:
55:0f:42:0a:28:7f:2c:8a:2d:e3:b7:65:b5:7d:40:28:a6:7c:
b4:d9:90:28:e6:05:16:c6:3c:77:bc:86:59:42:16:aa:6e:72:
55:6b:11:80:b4:67:58:a2:70:3f:01:3f:55:08:a9:44:52:64:
47:a3:22:7b:97:57:a7:b1:e8:7f:d5:30:bc:a7:d4:e9:be:8e:
81:f0:b9:12:5d:8e:1d:85:13:96:65:84:9b:9d:fb:e9:78:3c:
09:d7:72:7d:c9:be:fb:18:71:bd:e0:58:03:53:fa:dc:29:08:
06:2a:d0:6e:41:02:aa:5b:df:7a:b0:93:e8:2f:c1:bd:80:42:
9e:2a:b5:9d:bb:40:6f:29:7b:29:ac:8b:a6:64:98:3f:e2:cf:
a6:2f:9c:ab:8d:77:d2:cf:67:16:27:6e:d5:1b:79:8c:cf:15:
92:3c:f1:77:fe:76:ed:2e:c2:5b:c2:0a:42:70:86:75:d4:c8:
b7:6b:95:f7:35:89:91:81:10:69:a9:11:7a:5b:e9:87:f4:8e:
f8:3b:0f:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEwagshuTBED2iAU8vjXOI8msntYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMxMTNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGExNjFjZDViMTQxZDc2YTEyZGQyZmNiYzM4ZDZlNDUxOGQxNDNiY2M5NWQz
YWY0N2E4ZWE0OWZiYWM1NGMzYzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuxSCTicjCXt/Fip2vnFW+JgkanMiQcwMESmqa1jsXpYBQlBRtclKnYpOzO
GbzF9Tapv1+GXqgCZfk0NTHeNsn2Thuriqcg3B8f0rpnHotQ4F0YpYAUfztqy0z8
41+V6jqEljHbMfx3S5NnT0ioAmRwLOXW4hbFaL3fw27vmtW0QdIh2dChXn8mjvaa
y3Ee1ZvyLQn21wRZQAUftR/5MdpxWPz4z9KOXAvkvs+d5efk4A81QJJuWq8+t/mA
j0pYxzQVeuvuA6FyIAM+3pPVJEyDZjPhzi6OOJXYxGeqZiHeHItXWKynr3u1JKxC
IEYymw99+3n7kP6JTVoOOZu/65cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTf9RhR
rvA5XJtkdw46XFlfGDdlkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdmODQ3OGYtNWVmOC00ZmU1LWI5YTItMWJiZDYwNWE2YWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaMjTrvpEEwmTh2tSZc61B5Dkyd28YCxOYTFc/
kGUzy41QY+MgZGBhjTSC5jBK6zxO2ZDsBwtVD0IKKH8sii3jt2W1fUAopny02ZAo
5gUWxjx3vIZZQhaqbnJVaxGAtGdYonA/AT9VCKlEUmRHoyJ7l1enseh/1TC8p9Tp
vo6B8LkSXY4dhROWZYSbnfvpeDwJ13J9yb77GHG94FgDU/rcKQgGKtBuQQKqW996
sJPoL8G9gEKeKrWdu0BvKXsprIumZJg/4s+mL5yrjXfSz2cWJ27VG3mMzxWSPPF3
/nbtLsJbwgpCcIZ11Mi3a5X3NYmRgRBpqRF6W+mH9I74Ow9C
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:07 2025 by rpki-client