Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
File: 788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa (raw, json)
Hash identifier: EiX0qlJPufeeJ4dr3howMRyQNHtVtmiIomsXd3Gv8NQ=
Subject key identifier: 36:34:A6:6A:BD:32:D3:D0:0F:AE:3C:7F:D2:DF:17:AB:4F:3D:EC:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01978EC6944C5F5CD59CF337EE48F37B85366D04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
Signing time: Tue 21 Oct 2025 14:30:57 +0000
ROA not before: Tue 21 Oct 2025 14:30:57 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8e:c6:94:4c:5f:5c:d5:9c:f3:37:ee:48:f3:7b:85:36:6d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:57 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e6568265613e0cfc79988cee8deccb2851ef989cc05783ad371bbc7bcdf88123, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:65:5c:d6:43:f5:83:d6:b7:cc:cd:96:19:3f:
6e:6e:65:0a:c1:5d:d9:80:9b:7f:04:e7:61:5e:f4:
27:9f:b9:e2:bb:88:11:7f:15:2d:c8:12:b8:5f:68:
fa:35:58:91:1c:b0:f4:0e:69:d4:84:dd:83:0e:d1:
56:2e:98:bb:d6:38:e2:76:a6:a7:1e:36:b6:54:24:
49:17:00:f1:91:ee:80:37:d2:b9:6b:8e:90:bd:fb:
0d:b3:9e:b0:0c:42:8c:4d:f2:de:47:94:f8:12:71:
ad:84:30:44:7e:be:36:82:d1:ea:3a:ec:0d:a0:14:
e1:d9:62:d8:51:05:88:f6:1e:e0:30:8d:6f:4f:6e:
32:a6:8d:ef:06:02:df:32:06:da:6e:02:fe:d7:c7:
51:c8:23:9f:c3:ba:a5:85:f5:0e:99:f8:b3:a5:25:
da:82:aa:87:bd:2a:40:9b:19:1e:02:e6:a0:60:9e:
9c:ca:fe:7c:f1:cd:16:bf:fc:04:00:3b:c0:8c:7b:
d1:a9:8e:5b:1f:8e:3d:f6:d1:09:fb:c7:a8:ca:c3:
89:77:e8:ca:62:8c:cd:51:8b:0b:0c:2f:ad:69:f0:
62:51:9b:96:c1:1c:65:aa:dc:3e:62:21:d7:04:d5:
68:be:25:d4:c6:63:07:1f:4d:7b:15:23:06:85:b8:
b0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:34:A6:6A:BD:32:D3:D0:0F:AE:3C:7F:D2:DF:17:AB:4F:3D:EC:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:9000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:b9:7d:1d:a4:32:29:52:ef:f0:9a:05:48:2e:17:4b:b9:87:
8b:ec:9a:84:2f:44:99:1c:dd:0f:f2:ed:2b:bc:46:28:23:78:
63:8b:c1:be:5b:97:9d:90:3b:98:69:3c:31:85:e7:b4:44:68:
2f:e0:57:d9:fd:f4:a4:24:39:06:e0:2b:62:07:f8:54:fe:2e:
6f:8c:74:ef:77:0c:29:d5:0d:69:c4:fa:33:02:36:fd:69:e0:
b9:71:2f:35:33:85:f4:c4:c6:65:06:c5:d0:71:8e:e9:4b:5c:
1b:9e:46:bb:17:d0:0d:b6:dc:f9:27:33:d2:a5:ca:ea:cb:07:
af:2c:38:7c:30:b1:0d:25:14:40:43:d8:22:f7:71:73:70:dd:
d6:19:0c:06:f7:f9:8c:12:30:a8:c7:a2:9c:fe:08:75:4f:00:
8b:f1:75:af:0d:21:27:7c:6e:cd:2c:5b:c5:42:72:4f:bc:8d:
59:89:54:d3:f9:7a:fa:4e:e4:13:bf:93:78:ec:4c:db:27:98:
34:30:e6:d7:83:75:06:62:45:6e:c4:a0:bc:8c:29:c9:41:ee:
fe:20:fa:65:c5:90:97:59:d1:68:91:56:33:4e:f1:a4:b8:8f:
4f:35:ce:f1:d8:3e:99:0f:a5:32:b6:25:6d:c0:a8:be:e2:83:
69:7d:d3:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAZeOxpRMX1zVnPM37kjze4U2bQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwNTdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2NTY4MjY1NjEzZTBjZmM3OTk4OGNlZThkZWNjYjI4NTFlZjk4OWNjMDU3
ODNhZDM3MWJiYzdiY2RmODgxMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdlXNZD9YPWt8zNlhk/bm5lCsFd2YCbfwTnYV70J5+54ruIEX8VLcgSuF9o
+jVYkRyw9A5p1ITdgw7RVi6Yu9Y44nampx42tlQkSRcA8ZHugDfSuWuOkL37DbOe
sAxCjE3y3keU+BJxrYQwRH6+NoLR6jrsDaAU4dli2FEFiPYe4DCNb09uMqaN7wYC
3zIG2m4C/tfHUcgjn8O6pYX1Dpn4s6Ul2oKqh70qQJsZHgLmoGCenMr+fPHNFr/8
BAA7wIx70amOWx+OPfbRCfvHqMrDiXfoymKMzVGLCwwvrWnwYlGblsEcZarcPmIh
1wTVaL4l1MZjBx9NexUjBoW4sLsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2NKZq
vTLT0A+uPH/S3xerTz3srTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg4ZDlkMjMtYmEzZi00MmM0LWIxYTMtODBmMjQxNGVmYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA+uX0dpDIpUu/wmgVILhdLuYeL7JqEL0SZHN0P
8u0rvEYoI3hji8G+W5edkDuYaTwxhee0RGgv4FfZ/fSkJDkG4CtiB/hU/i5vjHTv
dwwp1Q1pxPozAjb9aeC5cS81M4X0xMZlBsXQcY7pS1wbnka7F9ANttz5JzPSpcrq
ywevLDh8MLENJRRAQ9gi93FzcN3WGQwG9/mMEjCox6Kc/gh1TwCL8XWvDSEnfG7N
LFvFQnJPvI1ZiVTT+Xr6TuQTv5N47EzbJ5g0MObXg3UGYkVuxKC8jCnJQe7+IPpl
xZCXWdFokVYzTvGkuI9PNc7x2D6ZD6UytiVtwKi+4oNpfdOs
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:01 2025 by rpki-client