Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json)
Hash identifier: LqCM34BHog7/omCwBrT/NG9eCLwHW5W5rUZ7kZ15Qp4=
Subject key identifier: 4E:4C:0D:B3:46:8E:BA:3C:0E:B4:97:CF:23:59:AE:15:D6:BC:04:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 564B5A695A16954082FBD01C255D03765D657FD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
Signing time: Tue 21 Oct 2025 14:10:23 +0000
ROA not before: Tue 21 Oct 2025 14:10:23 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d017::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:4b:5a:69:5a:16:95:40:82:fb:d0:1c:25:5d:03:76:5d:65:7f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:23 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=f34ff3fb1f9f96675dd18cfe6fd8304aaa36a953f9d8d2f00a2718e66ea15f12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1f:01:35:12:8f:84:be:6d:35:e9:c6:c3:6d:
93:26:10:80:47:16:57:b2:65:f4:fc:19:7c:34:ab:
15:5d:d2:9c:a5:ab:e0:61:a7:ec:92:de:79:07:bb:
b5:fa:43:d5:84:09:31:77:51:7f:a7:e4:6f:bd:bc:
80:f4:1e:52:e9:0d:48:4a:b8:fd:50:ac:19:74:22:
73:6f:01:8b:a5:46:86:f3:75:4c:28:91:1a:c3:da:
9f:82:f4:d3:31:7d:eb:d0:9e:0e:5c:75:fe:d6:46:
f3:80:a1:eb:1b:e2:13:97:2d:2e:d4:9a:72:e5:1b:
c6:82:ad:f1:50:04:51:29:99:f6:eb:6e:d5:ab:23:
04:dc:cd:25:79:b3:da:e5:81:71:b8:1a:fd:bb:e9:
fe:ca:a3:de:b6:8e:dc:67:b1:d5:e0:42:92:1d:26:
c3:87:ed:fb:dc:39:3a:28:5a:8a:63:ba:2e:14:92:
0c:04:f4:7e:dd:f1:92:dc:2a:7e:f2:c5:69:5c:a3:
07:22:38:78:19:44:02:37:38:03:0c:56:15:25:cf:
1c:7b:e3:3a:63:3e:12:04:35:eb:d3:10:a9:93:c1:
18:c4:38:5a:bc:98:9a:d6:0f:f8:ee:fb:1d:eb:b2:
b9:9f:d6:48:57:a2:f0:bd:57:0b:76:29:aa:aa:4f:
54:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4C:0D:B3:46:8E:BA:3C:0E:B4:97:CF:23:59:AE:15:D6:BC:04:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d017::/36
Signature Algorithm: sha256WithRSAEncryption
71:08:84:6b:91:85:31:75:b5:02:e1:61:dd:6e:5a:f5:14:ca:
fb:f0:5c:09:b3:c2:10:29:e6:5c:08:35:55:30:e0:dd:35:be:
01:ea:7f:9b:13:96:e6:68:d9:ab:39:6e:bf:79:8b:31:4c:e7:
11:11:41:38:71:3b:5d:5f:20:ed:a3:3a:81:ff:69:f4:3b:c3:
9b:77:bc:db:f1:37:c4:1a:d6:c5:60:0a:d5:f9:40:e1:a2:e5:
44:29:39:bc:c3:b9:24:c0:d0:d9:e0:13:72:a7:f3:4f:15:42:
14:57:44:95:4a:88:98:cf:69:b7:58:9a:f2:00:e1:46:00:17:
a8:6f:18:57:90:bf:3d:05:b5:0d:ce:9f:4b:9f:6e:2b:ef:e9:
b6:0e:b8:4e:51:1e:0f:4e:0d:5e:31:59:5c:ae:c1:b7:2f:eb:
6b:f3:f9:99:69:bf:35:33:24:6c:8a:67:36:38:69:d3:f4:63:
9e:23:c4:af:21:78:d3:62:41:a4:75:37:7a:63:de:06:44:ed:
1d:52:ab:07:ce:3f:f6:ed:fd:b5:b3:82:88:66:9d:06:e3:04:
91:a1:86:ce:6b:8f:cc:ad:65:af:9f:b7:4c:5f:d3:ee:78:79:
14:ce:76:10:10:c4:18:a9:ae:6e:85:70:46:d0:0f:53:19:d0:
af:58:7f:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVktaaVoWlUCC+9AcJV0Ddl1lf9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwMjNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNGZmM2ZiMWY5Zjk2Njc1ZGQxOGNmZTZmZDgzMDRhYWEzNmE5NTNmOWQ4
ZDJmMDBhMjcxOGU2NmVhMTVmMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsfATUSj4S+bTXpxsNtkyYQgEcWV7Jl9PwZfDSrFV3SnKWr4GGn7JLeeQe7
tfpD1YQJMXdRf6fkb728gPQeUukNSEq4/VCsGXQic28Bi6VGhvN1TCiRGsPan4L0
0zF969CeDlx1/tZG84Ch6xviE5ctLtSacuUbxoKt8VAEUSmZ9utu1asjBNzNJXmz
2uWBcbga/bvp/sqj3raO3Gex1eBCkh0mw4ft+9w5OihaimO6LhSSDAT0ft3xktwq
fvLFaVyjByI4eBlEAjc4AwxWFSXPHHvjOmM+EgQ169MQqZPBGMQ4WryYmtYP+O77
HeuyuZ/WSFei8L1XC3YpqqpPVBsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROTA2z
Ro66PA60l88jWa4V1rwEaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA
MA0GCSqGSIb3DQEBCwUAA4IBAQBxCIRrkYUxdbUC4WHdblr1FMr78FwJs8IQKeZc
CDVVMODdNb4B6n+bE5bmaNmrOW6/eYsxTOcREUE4cTtdXyDtozqB/2n0O8Obd7zb
8TfEGtbFYArV+UDhouVEKTm8w7kkwNDZ4BNyp/NPFUIUV0SVSoiYz2m3WJryAOFG
ABeobxhXkL89BbUNzp9Ln24r7+m2DrhOUR4PTg1eMVlcrsG3L+tr8/mZab81MyRs
imc2OGnT9GOeI8SvIXjTYkGkdTd6Y94GRO0dUqsHzj/27f21s4KIZp0G4wSRoYbO
a4/MrWWvn7dMX9PueHkUznYQEMQYqa5uhXBG0A9TGdCvWH+j
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:33 2025 by rpki-client