Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ee4d823-9869-449e-9541-10a647125e4a.roa
File: 4ee4d823-9869-449e-9541-10a647125e4a.roa (raw, json)
Hash identifier: EOhIM53WJywmJOZQoEO7ToPTp2B99bUWRWm0+MPRLyA=
Subject key identifier: A9:40:F0:12:51:69:3C:E2:C6:16:28:BE:64:F0:93:3D:2D:E4:4C:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63275F08F4E30959E447A22B6EA82F065861B29D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ee4d823-9869-449e-9541-10a647125e4a.roa
Signing time: Tue 21 Oct 2025 14:21:03 +0000
ROA not before: Tue 21 Oct 2025 14:21:03 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:27:5f:08:f4:e3:09:59:e4:47:a2:2b:6e:a8:2f:06:58:61:b2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:21:03 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2c3912f6f4a3d289a9d34b05dc2c0e33ee287926a3f2655183a0b20f3c56bc60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e1:26:73:b8:1a:ce:63:4b:32:81:b6:93:d0:
ea:cc:31:77:75:21:7e:a4:94:82:b9:80:0a:7d:47:
83:28:9e:c7:1d:9b:f2:4f:5e:66:0c:0d:ac:ff:94:
ec:c1:05:db:a1:b0:7c:24:a2:29:d3:30:8d:41:91:
fc:d8:f2:02:81:a3:b5:05:9f:5f:69:b3:7f:5b:56:
43:44:20:55:65:ad:db:9c:c2:a7:9c:9c:ca:14:f7:
eb:91:33:31:28:9d:e5:8c:13:1e:73:80:89:fd:ee:
e6:6d:35:01:62:59:ce:00:f8:57:e5:ae:d7:4b:8f:
eb:d2:b6:ec:0f:a9:af:68:4c:cf:29:e6:9f:bf:9b:
3a:27:15:f5:17:3b:33:3f:46:5b:96:26:00:11:87:
39:3b:db:ad:f5:ad:5d:ca:4f:f1:bf:e8:ed:2b:3a:
94:ed:49:03:5d:80:d0:c2:de:ab:92:db:3f:17:21:
c6:78:c4:46:07:69:68:4c:97:c2:f6:0e:f4:77:b2:
05:3a:0e:0a:04:88:50:78:90:c1:57:1b:01:a4:55:
16:02:6e:22:1e:6a:02:8c:de:24:8a:d3:c6:c6:b6:
fb:dd:2a:d1:8b:fb:2c:e0:c9:8b:14:60:12:80:6c:
e6:2b:8b:e2:ca:d7:9b:6a:b2:99:51:ef:c4:eb:c7:
96:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:40:F0:12:51:69:3C:E2:C6:16:28:BE:64:F0:93:3D:2D:E4:4C:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ee4d823-9869-449e-9541-10a647125e4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:45:e9:e2:85:a1:b3:69:51:2e:be:2d:5c:ad:66:d0:c9:f0:
ff:e4:36:ec:c6:10:98:ab:04:a4:6a:f6:cb:6e:68:c0:1b:ed:
48:a0:73:a8:f2:7c:5f:41:34:2e:b4:90:b3:9d:43:51:a7:7a:
aa:10:bb:70:b7:70:cb:70:74:80:12:16:22:48:55:7a:3c:62:
fe:54:6c:a8:a3:2a:67:c9:e8:49:ec:90:7a:53:ec:2d:19:47:
bb:3e:30:81:dc:4f:49:9e:3e:16:d0:4f:66:de:7d:10:a6:91:
59:fc:01:a8:89:a4:45:c9:7a:07:9b:69:c0:74:bc:5a:16:65:
70:75:11:7d:8f:7f:16:33:42:1f:42:e9:a9:26:c6:8e:03:ca:
f6:77:19:f4:c8:df:53:d8:3e:a2:22:50:4c:c5:4d:be:50:89:
a7:1c:b3:e2:d3:6f:ef:7e:9f:c5:83:9a:3e:d0:b2:80:5a:f8:
a1:6a:e2:be:2f:52:d5:9f:71:da:50:8b:5e:93:e0:be:e7:90:
22:bb:ea:31:fa:ed:87:91:e3:ad:04:f0:96:91:4f:60:7f:d9:
1c:0e:c9:85:e0:a6:0b:0e:a8:3b:85:5a:9f:e2:09:6f:e1:d3:
52:c3:b0:2c:3c:51:a5:5e:2a:fa:22:06:1b:e3:04:b3:45:a3:
6b:20:82:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYydfCPTjCVnkR6IrbqgvBlhhsp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIxMDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjMzkxMmY2ZjRhM2QyODlhOWQzNGIwNWRjMmMwZTMzZWUyODc5MjZhM2Yy
NjU1MTgzYTBiMjBmM2M1NmJjNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfhJnO4Gs5jSzKBtpPQ6swxd3UhfqSUgrmACn1Hgyiexx2b8k9eZgwNrP+U
7MEF26GwfCSiKdMwjUGR/NjyAoGjtQWfX2mzf1tWQ0QgVWWt25zCp5ycyhT365Ez
MSid5YwTHnOAif3u5m01AWJZzgD4V+Wu10uP69K27A+pr2hMzynmn7+bOicV9Rc7
Mz9GW5YmABGHOTvbrfWtXcpP8b/o7Ss6lO1JA12A0MLeq5LbPxchxnjERgdpaEyX
wvYO9HeyBToOCgSIUHiQwVcbAaRVFgJuIh5qAozeJIrTxsa2+90q0Yv7LODJixRg
EoBs5iuL4srXm2qymVHvxOvHlrMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpQPAS
UWk84sYWKL5k8JM9LeRMJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVlNGQ4MjMtOTg2OS00NDllLTk1NDEtMTBhNjQ3MTI1ZTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/A
MA0GCSqGSIb3DQEBCwUAA4IBAQCuRenihaGzaVEuvi1crWbQyfD/5DbsxhCYqwSk
avbLbmjAG+1IoHOo8nxfQTQutJCznUNRp3qqELtwt3DLcHSAEhYiSFV6PGL+VGyo
oypnyehJ7JB6U+wtGUe7PjCB3E9Jnj4W0E9m3n0QppFZ/AGoiaRFyXoHm2nAdLxa
FmVwdRF9j38WM0IfQumpJsaOA8r2dxn0yN9T2D6iIlBMxU2+UImnHLPi02/vfp/F
g5o+0LKAWvihauK+L1LVn3HaUItek+C+55Aiu+ox+u2HkeOtBPCWkU9gf9kcDsmF
4KYLDqg7hVqf4glv4dNSw7AsPFGlXir6IgYb4wSzRaNrIIK0
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:19 2025 by rpki-client