Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
File: 4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa (raw, json)
Hash identifier: PfXg8ga+1YBmiO2l5JVwUEPgE5/EA1GBY1E4kA8I3t8=
Subject key identifier: 93:6C:AD:31:51:43:4D:91:EA:72:6A:8D:BF:22:1E:10:E7:70:FC:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74972D3C250322BE884B418C09422306437B9982
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
Signing time: Tue 21 Oct 2025 14:30:54 +0000
ROA not before: Tue 21 Oct 2025 14:30:54 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:97:2d:3c:25:03:22:be:88:4b:41:8c:09:42:23:06:43:7b:99:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:54 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=b0a444a0fda60692c9dc951fe2549e011a3701872c10c17c87f2e26ef87dad49, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:da:3f:99:68:04:ce:d0:dd:b5:5e:28:dc:c9:
d3:53:6c:28:da:97:c1:34:50:e4:7a:ed:4a:ec:a2:
10:12:3f:7e:39:23:cd:d5:fc:a6:e9:06:ee:59:bc:
2e:e8:fd:37:bd:03:79:3b:7c:6e:15:28:04:df:fc:
f6:ea:9c:7f:d0:8d:8f:2d:5f:16:40:cb:17:0b:dc:
8e:aa:90:68:bc:24:f1:ae:cd:1a:20:03:1b:5f:bd:
b7:32:a3:0d:e7:e5:96:06:67:8d:d5:96:82:48:0e:
fb:2b:31:2c:41:b1:69:ce:4e:31:10:82:60:48:c8:
1b:6a:d9:53:12:70:2f:dd:7b:13:b9:28:04:56:74:
c0:ef:7a:a3:d9:e9:84:3d:0c:bb:03:d7:20:52:2a:
b4:71:17:1e:72:e0:84:a4:7e:7a:82:13:b3:01:86:
ed:02:95:bc:68:ff:a6:db:1a:23:c8:86:d0:11:ac:
52:9f:91:a7:8b:71:01:ab:74:c2:cd:5e:d9:cf:c8:
3e:a6:4d:98:28:d8:46:8b:61:a3:51:cd:b9:41:55:
9b:84:b2:8f:ad:40:04:cb:ad:dd:c4:d0:2f:5d:36:
ab:36:de:ca:c4:f8:eb:a0:8a:e7:da:fa:2f:57:40:
28:e5:d7:e1:d9:74:65:6c:3b:3c:1e:cb:a5:3c:c5:
44:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:6C:AD:31:51:43:4D:91:EA:72:6A:8D:BF:22:1E:10:E7:70:FC:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:400::/38
Signature Algorithm: sha256WithRSAEncryption
23:ad:c3:ab:b8:71:5a:0a:88:a0:06:0c:88:b2:00:e5:5d:0b:
b5:4f:ad:bb:d5:85:39:ff:27:eb:1a:6f:da:48:4b:8b:74:1b:
71:aa:90:e8:c2:d2:1e:eb:7c:a3:39:e1:36:62:20:2f:ff:e3:
82:29:6b:a4:d3:ed:02:ac:5e:71:a0:4e:5c:5b:96:a1:3b:e5:
d0:6a:3b:54:83:a9:ad:7a:28:76:c2:ec:20:fa:ed:92:20:b6:
0c:16:12:5c:b6:44:19:2d:cb:88:36:58:09:80:82:5c:c0:53:
13:7b:ec:b1:a7:bb:5c:0e:89:ea:cd:1b:c2:39:5e:a7:39:9b:
1c:a1:80:55:bf:ba:9d:97:bf:10:61:1d:d5:8e:b9:b0:47:a7:
89:5c:bf:7b:45:d6:4d:c5:20:53:ec:3c:43:b5:2f:2c:7c:84:
30:61:4b:49:ee:fd:6b:1a:34:cd:16:93:a9:9a:ec:7c:40:99:
2d:5a:69:e8:0d:70:0e:1a:96:cc:dd:91:9c:5b:82:da:ff:93:
16:f6:1b:e7:94:d3:35:09:7b:89:c1:20:6e:94:32:96:f9:2e:
6a:9b:c7:f0:6c:07:0d:6d:b7:41:36:d9:d0:3c:e3:a8:bb:25:
6c:3a:f3:50:da:2c:9b:d4:a4:cb:3f:e1:8b:79:6b:a9:ff:05:
bf:d3:0b:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdJctPCUDIr6IS0GMCUIjBkN7mYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwNTRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwYTQ0NGEwZmRhNjA2OTJjOWRjOTUxZmUyNTQ5ZTAxMWEzNzAxODcyYzEw
YzE3Yzg3ZjJlMjZlZjg3ZGFkNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnaP5loBM7Q3bVeKNzJ01NsKNqXwTRQ5HrtSuyiEBI/fjkjzdX8pukG7lm8
Luj9N70DeTt8bhUoBN/89uqcf9CNjy1fFkDLFwvcjqqQaLwk8a7NGiADG1+9tzKj
DefllgZnjdWWgkgO+ysxLEGxac5OMRCCYEjIG2rZUxJwL917E7koBFZ0wO96o9np
hD0MuwPXIFIqtHEXHnLghKR+eoITswGG7QKVvGj/ptsaI8iG0BGsUp+Rp4txAat0
ws1e2c/IPqZNmCjYRotho1HNuUFVm4Syj61ABMut3cTQL102qzbeysT466CK59r6
L1dAKOXX4dl0ZWw7PB7LpTzFRJsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSTbK0x
UUNNkepyao2/Ih4Q53D86DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEwNzc2OTktNDhjYi00MmExLTlmMWItMWU3YzlhM2FlODA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQE
MA0GCSqGSIb3DQEBCwUAA4IBAQAjrcOruHFaCoigBgyIsgDlXQu1T6271YU5/yfr
Gm/aSEuLdBtxqpDowtIe63yjOeE2YiAv/+OCKWuk0+0CrF5xoE5cW5ahO+XQajtU
g6mteih2wuwg+u2SILYMFhJctkQZLcuINlgJgIJcwFMTe+yxp7tcDonqzRvCOV6n
OZscoYBVv7qdl78QYR3VjrmwR6eJXL97RdZNxSBT7DxDtS8sfIQwYUtJ7v1rGjTN
FpOpmux8QJktWmnoDXAOGpbM3ZGcW4La/5MW9hvnlNM1CXuJwSBulDKW+S5qm8fw
bAcNbbdBNtnQPOOouyVsOvNQ2iyb1KTLP+GLeWup/wW/0wsS
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:12 2025 by rpki-client