Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
File: 758ab83f-3a25-48db-a214-04c27915b62e.roa (raw, json)
Hash identifier: quBYEnGxB6d2poFrdfVB8OmCA9q213sNI5r2Kwbg8PY=
Subject key identifier: F4:24:1D:F1:41:A7:14:02:DE:E9:8A:3A:7D:69:52:0B:81:DA:86:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 374BB5C56744B3B8C43CFAE837ACB8511DAB5897
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
Signing time: Tue 21 Oct 2025 14:21:01 +0000
ROA not before: Tue 21 Oct 2025 14:21:01 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:4b:b5:c5:67:44:b3:b8:c4:3c:fa:e8:37:ac:b8:51:1d:ab:58:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:21:01 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8f5adcf1251110d2253ee533a80488cda5da82c2a0006742a0b7f3d2c02c931e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:00:92:af:36:78:55:44:0b:6c:d6:41:66:7c:
80:41:f5:a4:a1:4e:b6:17:0b:19:7e:c0:05:5c:26:
df:6c:2b:f0:b6:8f:34:fe:46:7f:8b:5a:14:15:7b:
20:cb:5c:cd:c9:ba:e4:7b:ad:a2:33:78:36:3b:6a:
15:78:0c:1f:04:17:12:26:81:9a:cb:24:41:bd:a6:
20:11:84:2b:c9:42:0b:dc:5f:7a:aa:79:89:ab:8b:
70:56:41:f3:ea:cd:9e:cc:9b:fc:07:73:d7:b3:a5:
ba:42:39:a8:27:25:b3:9e:6a:7c:01:29:4b:24:60:
51:9d:d8:07:0b:77:80:af:92:22:8a:6a:bd:c3:58:
b8:b3:72:76:eb:98:46:fd:6a:ef:ca:2e:f4:17:c4:
5b:82:f9:ee:45:69:2e:4e:ef:59:5f:d7:88:d6:ec:
ef:64:af:47:fb:3e:9b:aa:77:22:00:5f:c0:f4:35:
c5:28:0c:fb:c7:3d:5c:0d:3c:88:29:29:99:1b:72:
07:7c:66:fa:06:28:13:62:b3:f8:35:09:54:28:71:
45:57:7d:2e:1c:78:79:d3:fd:b7:61:cb:e7:4b:3d:
88:6c:cb:f6:1a:48:82:00:a1:f5:a1:ba:38:ba:cc:
80:40:fb:9f:19:1c:94:f6:07:3b:91:6d:6d:c3:48:
bf:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:24:1D:F1:41:A7:14:02:DE:E9:8A:3A:7D:69:52:0B:81:DA:86:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:a000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:ba:09:1d:fc:9c:3a:29:a7:93:0d:cf:bc:17:b3:aa:17:72:
fa:be:ae:2f:03:d6:fb:6b:a9:4b:a6:6f:80:07:b8:5d:04:3e:
f3:71:0e:ed:ba:bc:e1:48:e2:e2:3b:13:4c:5e:63:ce:71:c5:
b9:f9:62:e2:b8:4a:46:fd:4b:4a:4f:ba:f5:ab:00:97:fc:aa:
6b:76:ac:f3:4d:69:7d:a4:db:0f:42:f4:ea:c8:01:9b:6c:dd:
3e:8a:53:85:f4:86:0f:86:34:e1:19:bb:c0:36:a0:06:cc:89:
50:45:f8:b8:38:48:0b:42:74:87:2a:37:6f:ee:76:e1:3a:73:
72:e1:af:02:49:35:63:a2:83:14:16:de:32:f6:16:09:57:3f:
ce:17:4a:d9:22:d5:ce:f5:66:a1:34:6d:d4:1b:f1:8c:f2:5f:
41:f8:86:59:6f:c8:1e:e9:c6:3f:10:52:fb:f8:21:43:90:36:
1b:db:f0:8a:62:9d:f8:8c:18:26:ba:e2:15:fe:4a:4c:d8:86:
1a:fc:cd:f0:e6:e8:3e:4e:76:27:b5:6a:84:c6:94:9c:bd:c3:
bb:bd:9f:e8:eb:c6:f6:b4:da:7f:26:63:75:4c:eb:16:83:f3:
86:85:80:c7:94:18:4b:9f:d6:83:a1:53:23:bc:d4:9d:60:3c:
b8:62:b6:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN0u1xWdEs7jEPProN6y4UR2rWJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIxMDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmNWFkY2YxMjUxMTEwZDIyNTNlZTUzM2E4MDQ4OGNkYTVkYTgyYzJhMDAw
Njc0MmEwYjdmM2QyYzAyYzkzMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcAkq82eFVEC2zWQWZ8gEH1pKFOthcLGX7ABVwm32wr8LaPNP5Gf4taFBV7
IMtczcm65HutojN4NjtqFXgMHwQXEiaBmsskQb2mIBGEK8lCC9xfeqp5iauLcFZB
8+rNnsyb/Adz17OlukI5qCcls55qfAEpSyRgUZ3YBwt3gK+SIopqvcNYuLNyduuY
Rv1q78ou9BfEW4L57kVpLk7vWV/XiNbs72SvR/s+m6p3IgBfwPQ1xSgM+8c9XA08
iCkpmRtyB3xm+gYoE2Kz+DUJVChxRVd9Lhx4edP9t2HL50s9iGzL9hpIggCh9aG6
OLrMgED7nxkclPYHO5FtbcNIv80CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0JB3x
QacUAt7pijp9aVILgdqGoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU4YWI4M2YtM2EyNS00OGRiLWEyMTQtMDRjMjc5MTViNjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2g
MA0GCSqGSIb3DQEBCwUAA4IBAQCdugkd/Jw6KaeTDc+8F7OqF3L6vq4vA9b7a6lL
pm+AB7hdBD7zcQ7turzhSOLiOxNMXmPOccW5+WLiuEpG/UtKT7r1qwCX/Kprdqzz
TWl9pNsPQvTqyAGbbN0+ilOF9IYPhjThGbvANqAGzIlQRfi4OEgLQnSHKjdv7nbh
OnNy4a8CSTVjooMUFt4y9hYJVz/OF0rZItXO9WahNG3UG/GM8l9B+IZZb8ge6cY/
EFL7+CFDkDYb2/CKYp34jBgmuuIV/kpM2IYa/M3w5ug+TnYntWqExpScvcO7vZ/o
68b2tNp/JmN1TOsWg/OGhYDHlBhLn9aDoVMjvNSdYDy4YrY/
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:15 2025 by rpki-client