Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
File: 58699fff-50fe-46a7-8e85-38dbafe34c1b.roa (raw, json)
Hash identifier: ErP4bzI65P+KhyHmteoxJgduVvYyIiJ2T1og+2dQAqc=
Subject key identifier: D1:1B:CD:6B:5C:1A:F5:79:A7:8F:61:01:CD:8E:B7:7B:0D:3D:0D:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54253F55CE3525822D9BCF5C41064055EC86275D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
Signing time: Tue 21 Oct 2025 12:30:15 +0000
ROA not before: Tue 21 Oct 2025 12:30:15 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:25:3f:55:ce:35:25:82:2d:9b:cf:5c:41:06:40:55:ec:86:27:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 12:30:15 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=f94ef3156478e958e77a52e51391326eda9646e6b3acaf71e60f51f8ca115140, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:91:68:0d:d3:aa:a8:89:10:b8:29:0b:06:6d:
fc:5f:1c:56:60:e7:2e:53:3d:c5:ee:86:64:3b:5d:
1e:d0:07:6f:a6:fe:45:73:2a:39:1b:3b:34:de:aa:
bd:ee:ae:87:f7:fd:61:4e:e1:25:60:44:4a:9c:b7:
1a:06:0f:9a:4c:35:2d:18:00:27:06:75:2f:1b:99:
37:b5:d5:76:25:3f:6c:9d:7d:69:d6:44:c9:77:79:
d0:f3:bf:50:8a:91:b6:85:f8:e2:d2:61:31:72:5c:
bc:b8:62:48:61:b6:b8:75:fe:6a:e3:a3:e4:c1:6e:
65:67:38:8d:bb:fd:c0:2b:b0:60:53:76:98:9a:21:
a0:96:51:e1:01:a9:d0:8f:f7:e9:14:66:1e:53:97:
77:76:69:3a:78:8d:8e:91:8b:0d:84:b1:79:e4:9c:
59:47:de:9e:e1:7e:f9:89:cf:bd:af:17:68:c9:fa:
45:9c:b5:2b:14:68:77:f7:19:8c:20:86:7f:71:9f:
22:ba:80:36:40:97:53:2c:50:7f:9f:9e:e5:6c:bf:
9f:75:4f:fc:32:40:65:b0:e4:dd:ad:8e:56:70:27:
c7:4c:6d:d7:83:a3:04:ee:54:9b:e8:3f:fa:8a:91:
aa:98:ff:0d:7b:ff:b0:b6:c7:1d:06:d0:d8:0e:c4:
c0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1B:CD:6B:5C:1A:F5:79:A7:8F:61:01:CD:8E:B7:7B:0D:3D:0D:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:11:88:4b:94:82:16:0e:f0:1b:5f:c0:6b:f9:7a:8b:05:9d:
d3:f2:e2:96:8c:bb:60:18:fa:4e:b4:53:71:07:fa:18:cc:4e:
59:6a:8c:2c:06:f2:f8:70:99:70:ec:5d:ba:60:90:c6:9b:6f:
f9:9d:56:aa:91:3c:c7:c1:e1:e1:fc:d1:26:b1:8e:f7:8b:fd:
49:10:87:7f:df:3c:81:48:89:fe:02:fb:ee:9b:f8:af:e9:cc:
73:ea:11:34:81:44:dd:cd:17:59:a7:1e:47:3b:a1:70:29:77:
8f:4d:57:6c:db:fb:3e:ba:95:0f:69:ab:2e:85:07:98:ae:d6:
19:62:dc:81:e6:d9:ae:65:50:0e:b2:9f:8f:c4:1a:5d:2f:6c:
4f:a7:86:d2:c2:df:0d:cc:a8:c3:57:4a:a9:8b:78:5a:06:31:
d4:b6:82:1c:2a:26:8d:6c:2f:07:a5:38:c0:85:e4:8a:1f:13:
90:bf:d9:87:47:80:44:d5:d6:0b:b2:0c:4b:cb:c0:3e:63:81:
28:6c:4b:35:48:77:b0:d4:30:44:34:d7:3f:b3:16:68:ba:d4:
00:5f:e6:f3:0d:cd:ee:7e:55:a7:52:87:15:3d:4f:c6:d0:cc:
78:51:b8:ff:03:ad:99:7b:42:9b:f6:6e:31:e0:49:4c:fb:61:
10:56:a6:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVCU/Vc41JYItm89cQQZAVeyGJ10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMjMwMTVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5NGVmMzE1NjQ3OGU5NThlNzdhNTJlNTEzOTEzMjZlZGE5NjQ2ZTZiM2Fj
YWY3MWU2MGY1MWY4Y2ExMTUxNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPaRaA3TqqiJELgpCwZt/F8cVmDnLlM9xe6GZDtdHtAHb6b+RXMqORs7NN6q
ve6uh/f9YU7hJWBESpy3GgYPmkw1LRgAJwZ1LxuZN7XVdiU/bJ19adZEyXd50PO/
UIqRtoX44tJhMXJcvLhiSGG2uHX+auOj5MFuZWc4jbv9wCuwYFN2mJohoJZR4QGp
0I/36RRmHlOXd3ZpOniNjpGLDYSxeeScWUfenuF++YnPva8XaMn6RZy1KxRod/cZ
jCCGf3GfIrqANkCXUyxQf5+e5Wy/n3VP/DJAZbDk3a2OVnAnx0xt14OjBO5Um+g/
+oqRqpj/DXv/sLbHHQbQ2A7EwLECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRG81r
XBr1eaePYQHNjrd7DT0NbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg2OTlmZmYtNTBmZS00NmE3LThlODUtMzhkYmFmZTM0YzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQClEYhLlIIWDvAbX8Br+XqLBZ3T8uKWjLtgGPpO
tFNxB/oYzE5ZaowsBvL4cJlw7F26YJDGm2/5nVaqkTzHweHh/NEmsY73i/1JEId/
3zyBSIn+Avvum/iv6cxz6hE0gUTdzRdZpx5HO6FwKXePTVds2/s+upUPaasuhQeY
rtYZYtyB5tmuZVAOsp+PxBpdL2xPp4bSwt8NzKjDV0qpi3haBjHUtoIcKiaNbC8H
pTjAheSKHxOQv9mHR4BE1dYLsgxLy8A+Y4EobEs1SHew1DBENNc/sxZoutQAX+bz
Dc3uflWnUocVPU/G0Mx4Ubj/A62Ze0Kb9m4x4ElM+2EQVqbX
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:15 2025 by rpki-client