Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: LLUc/Ab1GTdcNFo1LwdlIvxab/XbEGmLeYPNKzOevcg=
Subject key identifier: EF:38:AB:E1:F7:63:19:93:1F:CE:FA:B8:62:88:5B:C5:32:78:BC:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C4A0FBE9A53409D15A2F20CC0708263BEBB4D35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Tue 21 Oct 2025 13:40:50 +0000
ROA not before: Tue 21 Oct 2025 13:40:50 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:4a:0f:be:9a:53:40:9d:15:a2:f2:0c:c0:70:82:63:be:bb:4d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:50 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=928f996bbaea01deb82febff203c07d1f6bc92e16aa0f1963654c21af87ba28d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0e:28:c8:c8:8b:0c:64:b5:b5:bc:a8:93:7d:
d2:86:61:e6:1a:d7:1b:7d:ea:30:b0:d5:42:83:f2:
75:cf:c7:4a:59:f2:53:86:06:04:66:e3:e0:3f:a9:
86:0e:91:e3:7b:de:12:ce:45:ad:74:1c:12:c0:19:
f5:6d:05:6e:c0:32:d1:0f:08:6b:ee:a8:97:54:51:
7e:00:6c:3e:71:9e:c7:68:17:94:13:ce:7f:2a:78:
0e:e6:5c:ec:71:26:50:33:09:6f:5c:8e:66:9f:2f:
e2:43:f4:d9:2e:47:4a:17:47:0c:42:93:b8:5a:44:
80:e1:be:d1:52:41:a5:ef:9e:9c:29:d8:91:ef:1b:
8f:2c:8b:a2:ef:27:bc:c3:cd:ff:a5:45:9f:50:4b:
dc:92:04:23:ea:b7:2d:d9:3a:d3:72:5f:7d:5c:ad:
c6:a6:e0:47:f5:a5:19:86:f8:f6:05:13:3d:ae:9e:
81:b4:7f:b0:ea:98:9c:50:0e:8f:ea:71:b4:e7:57:
0c:c5:28:e1:5e:9f:35:3f:83:89:c2:2f:72:45:53:
ca:f1:b3:a6:03:4e:fa:ff:a9:91:f1:74:7f:dd:19:
cc:e3:28:8e:40:3e:8a:28:a5:25:e6:77:b2:57:06:
8c:e2:bc:24:07:c0:b2:87:25:e3:3b:49:35:22:b0:
20:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:38:AB:E1:F7:63:19:93:1F:CE:FA:B8:62:88:5B:C5:32:78:BC:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
19:ae:47:ca:76:84:f9:76:c4:a6:5a:53:e0:1d:4a:1f:a9:f8:
61:04:35:8a:56:a2:e0:4d:fb:ef:ad:ab:60:78:e7:88:f8:76:
db:8c:53:3d:e3:c4:36:b6:68:fd:0a:2f:27:60:4d:b7:64:60:
1e:87:f0:0e:ef:36:46:eb:b0:ca:f1:98:5b:ab:2d:ab:e6:f7:
12:51:61:39:05:40:62:0c:c4:92:57:10:ab:35:45:50:2d:f0:
24:a1:97:4b:d9:38:98:60:4d:1e:0a:56:fb:fe:99:6f:46:4e:
e6:6e:e6:32:58:e2:35:a5:7d:4b:9a:eb:cf:3e:77:de:52:0a:
9e:66:2c:8a:a6:b1:6d:37:f1:49:4c:88:6e:8a:a1:83:5f:d2:
1a:93:89:f7:be:b2:5d:2e:2d:75:4a:60:97:08:00:af:42:1d:
3f:ef:83:7c:f2:05:6a:5f:0c:72:6c:67:d9:a0:95:84:d8:13:
7c:3d:41:1b:c1:68:71:5d:65:7f:9c:f4:28:a3:03:99:47:c1:
94:b4:7c:9d:83:99:3a:82:e5:6a:92:1c:a1:d0:80:54:f2:27:
04:9c:75:fd:b3:82:16:e9:34:38:fb:b3:e4:14:a2:16:6b:70:
a4:54:9c:d8:09:81:5f:bf:63:1b:bc:86:4a:79:c9:a1:8e:53:
b3:28:30:71
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPEoPvppTQJ0VovIMwHCCY767TTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwNTBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyOGY5OTZiYmFlYTAxZGViODJmZWJmZjIwM2MwN2QxZjZiYzkyZTE2YWEw
ZjE5NjM2NTRjMjFhZjg3YmEyOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAOKMjIiwxktbW8qJN90oZh5hrXG33qMLDVQoPydc/HSlnyU4YGBGbj4D+p
hg6R43veEs5FrXQcEsAZ9W0FbsAy0Q8Ia+6ol1RRfgBsPnGex2gXlBPOfyp4DuZc
7HEmUDMJb1yOZp8v4kP02S5HShdHDEKTuFpEgOG+0VJBpe+enCnYke8bjyyLou8n
vMPN/6VFn1BL3JIEI+q3Ldk603JffVytxqbgR/WlGYb49gUTPa6egbR/sOqYnFAO
j+pxtOdXDMUo4V6fNT+DicIvckVTyvGzpgNO+v+pkfF0f90ZzOMojkA+iiilJeZ3
slcGjOK8JAfAsocl4ztJNSKwIPsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTvOKvh
92MZkx/O+rhiiFvFMni8njAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBABmuR8p2hPl2xKZaU+AdSh+p+GEENYpWouBN+++t
q2B454j4dtuMUz3jxDa2aP0KLydgTbdkYB6H8A7vNkbrsMrxmFurLavm9xJRYTkF
QGIMxJJXEKs1RVAt8CShl0vZOJhgTR4KVvv+mW9GTuZu5jJY4jWlfUua688+d95S
Cp5mLIqmsW038UlMiG6KoYNf0hqTife+sl0uLXVKYJcIAK9CHT/vg3zyBWpfDHJs
Z9mglYTYE3w9QRvBaHFdZX+c9CijA5lHwZS0fJ2DmTqC5WqSHKHQgFTyJwScdf2z
ghbpNDj7s+QUohZrcKRUnNgJgV+/Yxu8hkp5yaGOU7MoMHE=
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:39 2025 by rpki-client