Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
File: 3c7c4703-2876-4e04-b857-8c0298bd0897.roa (raw, json)
Hash identifier: 69VxJUxDndlV+ctK2uH2xdEpHTS8iyqyKX33lHJeTkw=
Subject key identifier: 91:48:33:4D:E9:DE:20:2A:74:E7:40:EA:0B:2E:B7:48:6F:A1:00:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D0F41CE90FEFB5AD09A0032A3AF909B3071FB01
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
Signing time: Tue 21 Oct 2025 13:20:11 +0000
ROA not before: Tue 21 Oct 2025 13:20:11 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:0f:41:ce:90:fe:fb:5a:d0:9a:00:32:a3:af:90:9b:30:71:fb:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:11 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=4e8795dc42bac091499c7a1539e1802e3591cb89f049ac47a66d640965f1c4d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a0:cc:95:4a:d2:1e:cd:f6:81:1e:24:2d:f4:
1c:ad:3e:d1:7a:fe:ef:8f:b9:1a:f4:c2:4c:4f:c0:
96:9d:68:94:c4:2a:aa:e6:5a:d4:5c:a0:d9:2b:c1:
17:a3:43:0a:10:e3:fe:7f:fb:e7:11:6c:01:82:fc:
f7:31:64:2b:ca:46:3e:05:d5:db:d4:05:7c:dc:b0:
5c:fc:37:f6:be:26:5b:db:ac:16:a0:2e:b6:66:cc:
a7:53:a2:95:44:22:4f:2a:77:3d:f5:f4:90:5d:48:
2e:12:d0:20:82:62:21:a1:fc:47:76:ac:38:78:75:
f4:49:de:68:46:14:47:d5:34:a7:f4:cc:c5:b2:93:
a5:60:05:ca:39:40:40:f3:9d:7d:79:95:b6:5b:bb:
3c:fd:0d:7f:36:28:e3:bc:8d:86:8e:0e:f6:23:07:
13:7f:d2:6c:ad:55:e9:5f:ed:34:7e:7b:b6:7c:86:
90:7d:51:c4:5f:ca:2a:c8:72:0e:69:1b:0e:77:a8:
5e:b6:a8:8f:f4:f5:aa:62:74:f1:bc:54:e2:80:19:
ac:53:e6:3f:7b:9e:8e:7a:25:bf:f9:dc:f3:e0:a7:
84:b9:7a:ff:69:96:e9:ae:1e:c2:90:dc:83:fd:90:
ea:62:c9:b4:5b:ff:c2:7f:6d:bd:0e:ed:05:1f:c2:
58:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:48:33:4D:E9:DE:20:2A:74:E7:40:EA:0B:2E:B7:48:6F:A1:00:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
33:85:83:62:1f:9d:e3:e5:bc:fb:f2:e1:59:89:ef:45:e0:49:
6d:ee:95:b2:15:27:49:bf:64:e0:89:9b:be:58:5f:8a:71:05:
25:3d:12:97:c6:94:26:91:85:2f:52:7a:68:19:2a:4b:b0:1c:
3a:3c:2c:1b:a3:a0:62:18:d4:55:31:36:e7:a1:94:b7:0c:7e:
12:9d:a3:b0:16:a7:b6:87:0a:c5:e3:c0:11:26:54:2b:c7:44:
86:3d:76:8f:17:a4:38:d1:83:a8:3f:42:97:0c:ad:75:33:cc:
0b:62:61:8b:e6:12:22:6f:63:f2:da:75:91:f2:fb:4b:23:b5:
b4:1f:04:c4:25:42:32:6f:7f:76:06:d1:54:ac:38:36:01:ac:
4e:22:6c:5b:af:e5:d4:fa:75:17:0e:21:d7:c6:35:3b:06:5f:
28:55:3a:2f:17:44:37:9f:b1:5f:da:7f:a9:25:fb:be:99:13:
95:db:1e:26:0f:8c:27:00:5c:8d:0e:0e:33:33:9b:21:30:37:
34:bf:8f:96:cf:ab:06:50:bb:25:80:0e:b9:a6:7a:00:71:d3:
98:8d:e2:90:4d:74:29:8f:af:0d:79:c7:ab:e7:34:7c:5e:f6:
f7:41:90:e7:cb:1b:16:16:3c:75:11:2b:14:9b:60:73:22:f5:
db:4d:38:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbQ9BzpD++1rQmgAyo6+QmzBx+wEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMTFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlODc5NWRjNDJiYWMwOTE0OTljN2ExNTM5ZTE4MDJlMzU5MWNiODlmMDQ5
YWM0N2E2NmQ2NDA5NjVmMWM0ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSgzJVK0h7N9oEeJC30HK0+0Xr+74+5GvTCTE/Alp1olMQqquZa1Fyg2SvB
F6NDChDj/n/75xFsAYL89zFkK8pGPgXV29QFfNywXPw39r4mW9usFqAutmbMp1Oi
lUQiTyp3PfX0kF1ILhLQIIJiIaH8R3asOHh19EneaEYUR9U0p/TMxbKTpWAFyjlA
QPOdfXmVtlu7PP0NfzYo47yNho4O9iMHE3/SbK1V6V/tNH57tnyGkH1RxF/KKshy
DmkbDneoXraoj/T1qmJ08bxU4oAZrFPmP3uejnolv/nc8+CnhLl6/2mW6a4ewpDc
g/2Q6mLJtFv/wn9tvQ7tBR/CWL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSRSDNN
6d4gKnTnQOoLLrdIb6EARzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M3YzQ3MDMtMjg3Ni00ZTA0LWI4NTctOGMwMjk4YmQwODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w
MA0GCSqGSIb3DQEBCwUAA4IBAQAzhYNiH53j5bz78uFZie9F4Elt7pWyFSdJv2Tg
iZu+WF+KcQUlPRKXxpQmkYUvUnpoGSpLsBw6PCwbo6BiGNRVMTbnoZS3DH4SnaOw
Fqe2hwrF48ARJlQrx0SGPXaPF6Q40YOoP0KXDK11M8wLYmGL5hIib2Py2nWR8vtL
I7W0HwTEJUIyb392BtFUrDg2AaxOImxbr+XU+nUXDiHXxjU7Bl8oVTovF0Q3n7Ff
2n+pJfu+mROV2x4mD4wnAFyNDg4zM5shMDc0v4+Wz6sGULslgA65pnoAcdOYjeKQ
TXQpj68Necer5zR8Xvb3QZDnyxsWFjx1ESsUm2BzIvXbTTgD
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:13 2025 by rpki-client