Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
File: 77bc679b-5199-43c2-8199-be5c04a6c0d9.roa (raw, json)
Hash identifier: 1nI2xQFB6JeZXE4ZvfbZN1SRefHfs9Nk7xreA3rQqSk=
Subject key identifier: 98:FD:E0:90:86:09:14:CC:FB:81:3D:A9:68:76:38:3B:43:C8:EB:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C4E29D1D4A72386FA7723BEF77CB4B3C8EA3008
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
Signing time: Tue 21 Oct 2025 14:31:00 +0000
ROA not before: Tue 21 Oct 2025 14:31:00 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:4e:29:d1:d4:a7:23:86:fa:77:23:be:f7:7c:b4:b3:c8:ea:30:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:31:00 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=4e88b3a385865e90e3cfec24d57ef265d6ef20bf1a4dd1fb82e9be88b1fdce95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6e:23:06:51:e6:83:18:27:cb:65:34:01:9f:
b9:49:09:ca:5e:51:9a:e5:74:2d:c8:a0:6e:6f:40:
75:44:63:5c:9e:2f:10:df:9c:56:2d:6e:18:c2:03:
12:60:93:2b:ff:26:b1:45:e4:0c:3b:95:b5:9c:b1:
7c:16:d3:53:17:c0:ac:b5:84:d7:ba:a2:40:f5:22:
45:24:19:f0:f9:51:c6:59:81:39:30:d9:a1:37:e1:
e4:5a:ac:d6:32:23:6a:f2:34:95:50:aa:3f:74:6a:
88:2c:3a:f8:02:fb:50:a4:de:96:29:17:62:d3:b4:
e6:98:68:a7:98:fe:30:7e:03:17:73:ca:3a:20:bf:
f6:6a:e8:8e:ea:77:85:fe:db:dd:ec:55:17:38:75:
71:13:d7:da:79:8a:20:11:d1:b4:d4:46:45:c5:af:
09:8e:9c:7b:11:a0:02:b3:79:37:59:1b:f9:88:76:
a1:8b:b9:bf:b7:fd:b7:27:be:7a:eb:1e:1e:68:be:
2d:c7:13:18:8d:8b:24:32:79:50:2d:f0:13:85:57:
07:3c:37:aa:f2:56:04:e5:ac:5d:0f:97:e3:24:c6:
b9:72:c4:b8:97:9c:df:76:1c:7c:99:43:79:b0:8b:
97:42:23:47:d5:63:f3:e4:ba:55:6c:7c:00:95:2a:
77:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FD:E0:90:86:09:14:CC:FB:81:3D:A9:68:76:38:3B:43:C8:EB:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c040::/48
Signature Algorithm: sha256WithRSAEncryption
1b:8c:74:69:34:74:fc:5c:0a:76:59:96:3f:ef:8b:72:bf:6d:
80:73:f1:14:6b:05:7a:e4:e4:54:0a:61:69:5d:78:2e:a7:32:
02:45:cb:fb:0b:f7:d7:aa:92:08:68:d5:f8:88:e0:84:bc:e4:
4c:b9:d3:2a:c4:6a:a3:fa:7d:04:c0:37:52:71:fc:5e:16:00:
66:f6:cb:bc:6f:2c:45:2c:bb:3d:da:de:d2:c6:75:05:53:fe:
a0:0f:38:c3:71:5c:e0:de:8b:91:bc:c2:3b:05:e8:f3:05:01:
67:2f:47:22:51:00:3c:ed:19:bc:c9:b2:11:a5:c8:e5:7f:23:
e8:11:e0:9c:ce:70:60:dd:47:9f:ad:86:82:44:15:f2:8e:d4:
d9:c7:7f:f3:1d:51:fb:df:ef:49:23:6c:90:7b:3c:45:9a:da:
c9:f3:bc:be:c9:57:4e:d3:26:e4:e7:01:1e:a8:bf:e3:97:44:
ce:7f:d9:d4:b2:a1:99:15:01:3c:d2:e7:a8:5c:97:ea:e3:68:
24:d8:d0:a9:33:a9:00:1c:0c:95:1e:b0:6c:08:78:84:bf:05:
a5:cf:9e:46:8f:a7:4b:ab:97:66:fb:84:64:8f:60:16:af:89:
3d:6e:8d:4d:a3:a4:64:09:f4:3a:ca:bc:87:2f:59:77:d5:72:
1c:43:9e:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXE4p0dSnI4b6dyO+93y0s8jqMAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMxMDBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlODhiM2EzODU4NjVlOTBlM2NmZWMyNGQ1N2VmMjY1ZDZlZjIwYmYxYTRk
ZDFmYjgyZTliZTg4YjFmZGNlOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVuIwZR5oMYJ8tlNAGfuUkJyl5RmuV0Lcigbm9AdURjXJ4vEN+cVi1uGMID
EmCTK/8msUXkDDuVtZyxfBbTUxfArLWE17qiQPUiRSQZ8PlRxlmBOTDZoTfh5Fqs
1jIjavI0lVCqP3RqiCw6+AL7UKTelikXYtO05phop5j+MH4DF3PKOiC/9mrojup3
hf7b3exVFzh1cRPX2nmKIBHRtNRGRcWvCY6cexGgArN5N1kb+Yh2oYu5v7f9tye+
euseHmi+LccTGI2LJDJ5UC3wE4VXBzw3qvJWBOWsXQ+X4yTGuXLEuJec33YcfJlD
ebCLl0IjR9Vj8+S6VWx8AJUqd8ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSY/eCQ
hgkUzPuBPalodjg7Q8jrqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdiYzY3OWItNTE5OS00M2MyLTgxOTktYmU1YzA0YTZjMGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
QDANBgkqhkiG9w0BAQsFAAOCAQEAG4x0aTR0/FwKdlmWP++Lcr9tgHPxFGsFeuTk
VAphaV14LqcyAkXL+wv316qSCGjV+IjghLzkTLnTKsRqo/p9BMA3UnH8XhYAZvbL
vG8sRSy7Pdre0sZ1BVP+oA84w3Fc4N6LkbzCOwXo8wUBZy9HIlEAPO0ZvMmyEaXI
5X8j6BHgnM5wYN1Hn62GgkQV8o7U2cd/8x1R+9/vSSNskHs8RZrayfO8vslXTtMm
5OcBHqi/45dEzn/Z1LKhmRUBPNLnqFyX6uNoJNjQqTOpABwMlR6wbAh4hL8Fpc+e
Ro+nS6uXZvuEZI9gFq+JPW6NTaOkZAn0Osq8hy9Zd9VyHEOewg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:22 2025 by rpki-client