Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4078cff6-9b34-4f16-903f-c7817d86bf50.roa
File: 4078cff6-9b34-4f16-903f-c7817d86bf50.roa (raw, json)
Hash identifier: md29zcQ0N65XGLrqrggaMMDcrV57e5kFrCzlzzV20MM=
Subject key identifier: 54:A4:B2:55:A9:ED:C8:88:AB:B2:35:EC:71:63:9A:01:5F:23:D4:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64C315F85A37B43E74139FB52EB9C5BE6A4986EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4078cff6-9b34-4f16-903f-c7817d86bf50.roa
Signing time: Tue 21 Oct 2025 13:31:07 +0000
ROA not before: Tue 21 Oct 2025 13:31:07 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:c3:15:f8:5a:37:b4:3e:74:13:9f:b5:2e:b9:c5:be:6a:49:86:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:31:07 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=eb90975e06210cf5e8849b4909be27a58bcc3a436fba959a0e7d6cec0702aa42, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:06:97:20:c8:b6:5d:c5:08:2e:66:6a:30:4e:
94:58:e3:f2:3c:fb:1e:49:26:d7:a6:f4:b2:40:7b:
4b:62:b8:c7:2c:9b:c2:f1:2a:e4:c7:08:92:3f:ca:
e9:6b:a1:0a:4a:e5:9b:0d:9f:5d:e0:d9:99:7c:2a:
50:fe:33:68:3e:e7:f3:c2:98:1d:74:11:c3:35:fe:
3e:d5:7a:dd:ec:87:26:8f:e4:ec:55:58:fb:87:6d:
b7:77:8d:39:c7:e3:94:1e:84:05:c1:f6:46:54:c9:
71:c0:7b:8e:af:f8:5a:60:a3:77:a7:fb:9f:9f:78:
2d:02:74:65:7a:ab:b7:55:b9:b8:9e:58:73:fb:af:
7c:46:b8:2e:21:a6:4d:ce:9c:02:3e:3b:e8:81:18:
63:95:66:c8:c3:d0:65:b3:18:0d:8b:1e:73:e8:96:
90:64:92:75:26:d5:fc:d3:4c:30:f9:d6:b2:21:90:
81:66:52:f0:60:45:07:ae:6b:76:4b:fa:92:bb:b7:
33:a9:28:1e:04:ee:e6:10:87:9c:dd:6a:aa:44:93:
e0:d0:20:87:3c:03:d8:4c:b9:a0:58:05:78:15:33:
bd:c1:9c:68:40:41:d8:d5:7a:09:87:e8:c7:11:8e:
cf:24:f0:ad:81:5d:7f:6c:34:c5:c7:f1:6e:32:0e:
ce:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A4:B2:55:A9:ED:C8:88:AB:B2:35:EC:71:63:9A:01:5F:23:D4:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4078cff6-9b34-4f16-903f-c7817d86bf50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a080::/48
Signature Algorithm: sha256WithRSAEncryption
65:7b:5f:f7:43:d5:bc:a6:e3:b9:31:b7:72:e9:db:31:1c:f8:
28:c3:fc:33:1d:01:48:5a:f8:97:c9:1f:80:de:e0:29:20:9e:
71:88:29:10:88:7e:ff:9e:70:dc:de:34:fa:db:98:d4:d2:15:
9b:3a:25:fa:a9:a5:5b:4f:8c:ea:48:3e:ce:86:a6:e8:3f:29:
f3:d4:46:be:90:ea:92:26:b2:01:da:c1:30:4a:8b:c0:61:56:
19:42:73:9e:e3:5c:d3:87:39:cb:9b:64:2f:ec:06:93:35:4a:
51:58:b4:dd:48:2a:03:c6:c4:af:4e:ee:36:c3:42:59:4c:ca:
2f:6d:52:2a:6b:0a:7a:f5:f9:df:53:96:57:68:2e:c4:58:59:
c4:da:31:85:47:24:d0:af:df:ab:ec:17:92:fb:27:9b:54:0a:
e6:86:a1:3f:53:f0:23:17:60:4d:9c:e3:8f:bb:06:28:ed:b9:
39:32:e0:50:ff:60:c1:a2:65:e5:9c:a5:e4:bb:63:a1:d5:b7:
8d:25:7b:18:08:83:c5:5b:e8:54:c8:a2:31:80:fc:cc:10:0c:
a2:e8:1d:07:67:ce:09:2e:67:29:0c:7d:1a:29:8c:03:48:27:
36:a4:0d:6b:8a:b1:68:67:e2:95:86:58:00:f1:39:fd:4a:2f:
fd:1b:4f:d3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZMMV+Fo3tD50E5+1LrnFvmpJhu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMxMDdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGViOTA5NzVlMDYyMTBjZjVlODg0OWI0OTA5YmUyN2E1OGJjYzNhNDM2ZmJh
OTU5YTBlN2Q2Y2VjMDcwMmFhNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoGlyDItl3FCC5majBOlFjj8jz7Hkkm16b0skB7S2K4xyybwvEq5McIkj/K
6WuhCkrlmw2fXeDZmXwqUP4zaD7n88KYHXQRwzX+PtV63eyHJo/k7FVY+4dtt3eN
OcfjlB6EBcH2RlTJccB7jq/4WmCjd6f7n594LQJ0ZXqrt1W5uJ5Yc/uvfEa4LiGm
Tc6cAj476IEYY5VmyMPQZbMYDYsec+iWkGSSdSbV/NNMMPnWsiGQgWZS8GBFB65r
dkv6kru3M6koHgTu5hCHnN1qqkST4NAghzwD2Ey5oFgFeBUzvcGcaEBB2NV6CYfo
xxGOzyTwrYFdf2w0xcfxbjIOzhcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUpLJV
qe3IiKuyNexxY5oBXyPUiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA3OGNmZjYtOWIzNC00ZjE2LTkwM2YtYzc4MTdkODZiZjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
gDANBgkqhkiG9w0BAQsFAAOCAQEAZXtf90PVvKbjuTG3cunbMRz4KMP8Mx0BSFr4
l8kfgN7gKSCecYgpEIh+/55w3N40+tuY1NIVmzol+qmlW0+M6kg+zoam6D8p89RG
vpDqkiayAdrBMEqLwGFWGUJznuNc04c5y5tkL+wGkzVKUVi03UgqA8bEr07uNsNC
WUzKL21SKmsKevX531OWV2guxFhZxNoxhUck0K/fq+wXkvsnm1QK5oahP1PwIxdg
TZzjj7sGKO25OTLgUP9gwaJl5Zyl5LtjodW3jSV7GAiDxVvoVMiiMYD8zBAMougd
B2fOCS5nKQx9GimMA0gnNqQNa4qxaGfilYZYAPE5/Uov/RtP0w==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:29 2025 by rpki-client