Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
File: 4e84f0a8-9d20-4219-b641-9a6905a033d9.roa (raw, json)
Hash identifier: NE9SNSr8UavqSQFhOu17/lVv8nbGGvYce6TNMh+lEV0=
Subject key identifier: AE:5A:CA:41:08:D7:89:58:E3:7D:AD:C9:46:7D:95:38:3B:5F:77:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77C3C98B094F0A4F70597587FF2BA031A3167AE1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
Signing time: Tue 21 Oct 2025 13:31:05 +0000
ROA not before: Tue 21 Oct 2025 13:31:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:c3:c9:8b:09:4f:0a:4f:70:59:75:87:ff:2b:a0:31:a3:16:7a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:31:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=bcdf117d3493140c49edc30eecbe4c26b5946d1d9a3668bf195e69773232ae57, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0e:f5:a2:e2:af:30:e8:98:90:f0:ef:81:39:
37:2e:1c:5f:33:1e:48:ee:1d:a5:05:f1:93:80:43:
78:eb:bf:9c:fb:fb:7a:3e:87:6f:e9:65:dd:d1:10:
87:31:30:bc:be:a9:af:ce:c9:e8:48:00:d0:97:5d:
a3:fd:c1:1d:57:0e:de:e5:a0:c0:23:f7:f2:a2:88:
38:1b:5a:51:17:25:8f:6a:6d:2a:a5:1c:7c:9d:33:
2f:b0:ca:1e:1b:c3:cf:d7:cc:20:a1:bc:29:cf:76:
1a:3d:2a:3f:d6:f0:5f:6b:71:e2:d2:5e:db:9a:00:
03:28:04:54:30:31:a5:75:39:3b:f9:3c:15:73:c8:
11:da:4c:4a:27:52:09:55:25:ea:4d:45:24:0e:0d:
0a:ef:97:6c:59:40:09:d9:19:14:59:e2:ad:9a:3f:
40:1e:3b:69:66:d4:07:62:1d:aa:69:ff:dd:19:3f:
b2:fa:1c:b4:aa:5b:c7:a2:95:93:af:cf:9f:fa:20:
7f:25:68:7a:c3:c8:72:e6:13:59:a4:e4:6c:ff:98:
eb:c6:2b:c0:b4:bd:a6:51:26:b2:db:53:03:dd:4a:
39:20:32:70:c9:69:c2:20:4a:c4:7e:28:68:02:f7:
1f:d1:c2:c0:b4:bd:1e:6a:86:78:5c:88:e7:89:55:
86:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:5A:CA:41:08:D7:89:58:E3:7D:AD:C9:46:7D:95:38:3B:5F:77:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a040::/48
Signature Algorithm: sha256WithRSAEncryption
0a:e9:3c:dd:c8:4a:81:69:98:a6:20:c3:d0:89:4a:35:8d:02:
d4:56:6b:3a:13:f4:98:5e:c5:64:37:69:30:fa:e5:49:2f:01:
d5:99:5a:de:e8:1b:b9:d0:03:88:70:10:ac:85:71:73:11:00:
8d:41:77:ab:28:b3:d9:a6:02:df:1f:00:fd:17:49:d6:44:03:
a6:b5:2f:90:ea:62:e4:c4:ed:ea:33:f3:88:c1:78:db:71:f3:
be:b1:b1:9b:23:a3:23:2d:89:d5:28:2f:ed:bf:76:2a:7e:b2:
4d:6e:0e:3f:db:27:e3:c8:6d:5d:35:84:dc:3a:62:9a:34:b9:
65:a1:f8:d5:e2:3c:94:69:ee:ca:50:61:02:fc:02:80:e5:8b:
0c:48:f2:8d:d7:3c:4e:9e:50:9d:cd:e7:b8:3f:0e:7f:00:1c:
ce:5e:5d:33:dc:26:a5:cb:56:99:86:96:7e:22:91:8b:14:de:
f9:d8:ab:e2:a9:f8:d6:37:3e:f4:b1:6a:29:de:89:1a:29:c2:
8f:57:4e:44:9f:4e:21:56:9c:7c:89:c9:24:49:3d:d9:40:ac:
17:8a:b2:d6:bb:6e:ff:0f:7a:42:14:c1:4b:c4:7d:e7:f3:7c:
64:70:c4:47:28:52:bc:60:b0:6e:d1:e5:58:08:13:76:23:7a:
0b:37:46:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd8PJiwlPCk9wWXWH/yugMaMWeuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMxMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjZGYxMTdkMzQ5MzE0MGM0OWVkYzMwZWVjYmU0YzI2YjU5NDZkMWQ5YTM2
NjhiZjE5NWU2OTc3MzIzMmFlNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwO9aLirzDomJDw74E5Ny4cXzMeSO4dpQXxk4BDeOu/nPv7ej6Hb+ll3dEQ
hzEwvL6pr87J6EgA0Jddo/3BHVcO3uWgwCP38qKIOBtaURclj2ptKqUcfJ0zL7DK
HhvDz9fMIKG8Kc92Gj0qP9bwX2tx4tJe25oAAygEVDAxpXU5O/k8FXPIEdpMSidS
CVUl6k1FJA4NCu+XbFlACdkZFFnirZo/QB47aWbUB2Idqmn/3Rk/svoctKpbx6KV
k6/Pn/ogfyVoesPIcuYTWaTkbP+Y68YrwLS9plEmsttTA91KOSAycMlpwiBKxH4o
aAL3H9HCwLS9HmqGeFyI54lVhpUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSuWspB
CNeJWON9rclGfZU4O193SjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU4NGYwYTgtOWQyMC00MjE5LWI2NDEtOWE2OTA1YTAzM2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
QDANBgkqhkiG9w0BAQsFAAOCAQEACuk83chKgWmYpiDD0IlKNY0C1FZrOhP0mF7F
ZDdpMPrlSS8B1Zla3ugbudADiHAQrIVxcxEAjUF3qyiz2aYC3x8A/RdJ1kQDprUv
kOpi5MTt6jPziMF423HzvrGxmyOjIy2J1Sgv7b92Kn6yTW4OP9sn48htXTWE3Dpi
mjS5ZaH41eI8lGnuylBhAvwCgOWLDEjyjdc8Tp5Qnc3nuD8OfwAczl5dM9wmpctW
mYaWfiKRixTe+dir4qn41jc+9LFqKd6JGinCj1dORJ9OIVacfInJJEk92UCsF4qy
1rtu/w96QhTBS8R95/N8ZHDERyhSvGCwbtHlWAgTdiN6CzdGNA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:33 2025 by rpki-client