Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: IoBVFGAKtr8zagnfupcHXiAaU7fmsjayM4xVplWlm8k=
Subject key identifier: 9C:A8:5F:D6:05:25:52:4E:78:A7:18:62:92:C4:3C:5B:48:A9:44:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 761770C1CBAC077ABA66E080D8692B25109183CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Tue 21 Oct 2025 13:50:44 +0000
ROA not before: Tue 21 Oct 2025 13:50:44 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:17:70:c1:cb:ac:07:7a:ba:66:e0:80:d8:69:2b:25:10:91:83:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:44 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=54d8cedc0ee2dddcc52d51e32c080f16fc86787a968ab4ecdc3e095c2dc69cab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2a:53:15:8a:bd:1d:6c:50:3c:61:58:0d:0c:
bd:15:f7:98:87:7b:ed:18:c9:2a:ae:9a:48:e7:0e:
e6:27:08:c1:5f:5e:a5:6b:d9:82:04:9d:d7:bf:a6:
03:89:67:45:e2:14:9f:68:e9:4d:24:e2:6f:ca:1c:
c7:e1:84:f6:b2:1a:9a:20:f2:a7:7a:a9:34:9c:6c:
99:13:e8:a3:fe:3c:b1:25:71:32:ce:7b:54:29:c4:
cc:7b:0a:9b:9d:d3:39:91:43:c6:ed:96:7b:8c:4c:
f2:fb:f2:75:a3:bb:ff:47:ed:7e:a2:35:88:31:f5:
c2:87:9c:57:4e:97:9e:06:b1:45:71:36:a3:dc:ce:
93:ca:6a:25:db:87:db:96:8a:4c:df:a2:af:03:da:
41:e4:d9:21:d2:91:70:30:1b:5f:f0:91:f1:51:76:
e6:03:7a:a6:30:e5:bb:0a:be:d5:95:64:a1:88:d7:
98:17:77:ea:45:67:66:21:a5:2a:88:ec:e4:2e:3e:
34:0b:55:4a:37:72:16:f8:e6:c7:8c:75:86:6a:7b:
55:b1:82:46:c1:a7:41:f6:6f:52:d1:56:1d:7d:15:
55:e9:39:85:de:27:e2:96:0c:e5:34:76:65:65:cf:
e6:d5:c5:2c:dc:44:95:05:87:c7:28:59:93:3a:1a:
19:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A8:5F:D6:05:25:52:4E:78:A7:18:62:92:C4:3C:5B:48:A9:44:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:a3:07:ef:f5:c5:69:6a:06:7f:be:c3:c9:c1:5c:11:c9:c8:
3e:06:d2:49:66:03:0e:cb:3e:24:e4:d7:96:03:b5:6d:78:75:
4c:e6:d9:d2:73:9d:cc:58:48:79:ec:5c:85:65:60:4e:e3:fc:
3a:c9:36:0f:36:df:e1:e0:97:29:b7:a7:1f:9d:e3:90:a7:46:
a4:66:93:17:37:7a:f3:08:0c:10:db:7f:f3:9d:3b:d8:9b:1f:
70:91:92:44:a1:39:02:9a:c1:44:08:e6:2e:bb:40:ee:45:d7:
d6:15:2b:5f:74:1d:e0:5c:c2:55:e2:2e:b7:ba:6a:66:26:6c:
d8:90:49:4a:ed:1d:5d:10:a9:7f:8c:ce:8b:8b:52:37:57:f5:
a5:90:bf:7a:38:34:97:94:c2:42:33:49:89:dd:07:c2:46:02:
a9:6b:17:dc:c0:3d:ab:1e:54:ee:83:09:33:51:f7:a3:35:92:
0a:74:f3:ac:87:80:c9:8c:be:f0:71:d5:b6:28:9b:85:8b:70:
de:76:81:7d:ca:73:8b:da:1b:90:e9:ab:e8:3d:a8:fa:b4:a6:
84:35:51:3a:84:28:12:63:eb:b5:cb:eb:7a:2d:3a:20:df:28:
9a:a7:d5:8e:fa:0f:19:09:4a:8a:ff:e8:4e:62:20:94:1c:68:
3f:6d:ef:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdhdwwcusB3q6ZuCA2GkrJRCRg8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwNDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ZDhjZWRjMGVlMmRkZGNjNTJkNTFlMzJjMDgwZjE2ZmM4Njc4N2E5Njhh
YjRlY2RjM2UwOTVjMmRjNjljYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkqUxWKvR1sUDxhWA0MvRX3mId77RjJKq6aSOcO5icIwV9epWvZggSd17+m
A4lnReIUn2jpTSTib8ocx+GE9rIamiDyp3qpNJxsmRPoo/48sSVxMs57VCnEzHsK
m53TOZFDxu2We4xM8vvydaO7/0ftfqI1iDH1woecV06XngaxRXE2o9zOk8pqJduH
25aKTN+irwPaQeTZIdKRcDAbX/CR8VF25gN6pjDluwq+1ZVkoYjXmBd36kVnZiGl
Kojs5C4+NAtVSjdyFvjmx4x1hmp7VbGCRsGnQfZvUtFWHX0VVek5hd4n4pYM5TR2
ZWXP5tXFLNxElQWHxyhZkzoaGd8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScqF/W
BSVSTninGGKSxDxbSKlEJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQCeowfv9cVpagZ/vsPJwVwRycg+BtJJZgMOyz4k
5NeWA7VteHVM5tnSc53MWEh57FyFZWBO4/w6yTYPNt/h4Jcpt6cfneOQp0akZpMX
N3rzCAwQ23/znTvYmx9wkZJEoTkCmsFECOYuu0DuRdfWFStfdB3gXMJV4i63umpm
JmzYkElK7R1dEKl/jM6Li1I3V/WlkL96ODSXlMJCM0mJ3QfCRgKpaxfcwD2rHlTu
gwkzUfejNZIKdPOsh4DJjL7wcdW2KJuFi3DedoF9ynOL2huQ6avoPaj6tKaENVE6
hCgSY+u1y+t6LTog3yiap9WO+g8ZCUqK/+hOYiCUHGg/be9G
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:22 2025 by rpki-client