Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: svQcc45gMP4QfkBDfYLo1VFP/T4dy/r/U2MLHZvrh6M=
Subject key identifier: 87:57:F8:69:5D:01:CE:19:E3:93:87:08:BE:AB:96:C0:0F:8C:C2:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C088307B3A3F428520C43AE380F23544E5B4D6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Tue 21 Oct 2025 13:50:39 +0000
ROA not before: Tue 21 Oct 2025 13:50:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:08:83:07:b3:a3:f4:28:52:0c:43:ae:38:0f:23:54:4e:5b:4d:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e32188c499788d39cac2291398406d5c8d1d358710330f97987368373b2cebff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:16:30:1c:36:82:ae:b5:f4:0b:d0:ff:d3:52:
5f:99:d3:8d:36:6f:45:42:0e:5d:47:ba:6a:e5:16:
1e:81:bf:b4:c9:ee:c9:fe:01:57:93:04:09:6f:5f:
a6:34:f3:61:0d:60:f7:68:8f:47:47:fd:fa:19:85:
98:d8:17:97:6b:08:5a:5b:e8:44:c4:59:aa:a0:a8:
38:23:41:b6:2d:92:19:a6:e5:24:c1:45:6f:10:f7:
33:de:ea:fa:6b:0b:e9:79:92:f8:05:c1:48:a8:3f:
b8:43:68:b1:d4:ea:5b:07:75:f8:e2:c3:5b:21:22:
91:31:d6:09:52:81:e9:22:07:aa:21:66:38:84:dd:
bc:94:46:b6:a9:dc:38:44:9b:93:25:38:ef:5b:bd:
a6:02:7c:ce:eb:13:40:1d:d2:8d:aa:bd:4c:34:87:
0f:1c:e3:56:39:28:8c:36:66:4f:da:ce:df:4d:9f:
85:0d:bc:28:33:87:ef:3c:ca:94:3e:4e:bf:3c:f2:
64:f0:b3:22:57:a9:44:24:18:ab:57:2a:63:b2:c8:
5f:0e:7c:37:89:a1:01:05:1a:78:13:61:0f:93:ac:
00:e1:a0:26:b9:d6:b9:5d:f4:5d:08:37:d0:03:4f:
4d:65:40:1d:d9:18:54:d9:ce:dc:51:31:93:19:15:
a0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:57:F8:69:5D:01:CE:19:E3:93:87:08:BE:AB:96:C0:0F:8C:C2:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
8d:a8:95:9e:63:81:5b:12:0e:67:e8:97:00:e4:7f:60:56:71:
4d:3b:ec:f1:de:a6:99:d9:28:8a:78:1f:ec:45:1b:58:93:ce:
57:7d:34:19:d4:3f:58:84:7c:87:af:06:89:2c:1c:85:38:cf:
08:78:cc:af:01:4c:ad:ab:bd:99:dd:4b:cb:9f:ec:de:12:c1:
17:80:5b:c3:61:a8:fc:28:b4:08:4d:bc:a8:15:4f:17:2f:d5:
2b:28:b1:f5:31:51:9a:22:70:f8:cb:a2:21:54:cf:91:31:50:
26:dd:f6:e3:1d:23:f7:9d:9d:1a:c1:f3:5b:cc:ae:ea:fe:4a:
40:2c:fc:61:7e:a2:e9:2e:9c:9f:35:fb:fd:a3:83:bd:4e:2a:
d3:28:9f:8f:78:8e:ef:63:36:16:c8:e5:c0:d4:31:82:82:31:
a6:a3:59:a0:bc:ae:bc:23:61:19:2d:d5:16:e7:3e:3a:18:1c:
c2:49:de:08:7c:ac:c6:b0:18:89:7d:c6:90:d4:4f:bb:0b:9f:
11:64:04:2c:9d:67:b0:69:28:bd:44:71:fd:f4:da:4a:21:b1:
5a:f9:88:72:0d:0d:ad:a4:8d:b9:15:b2:45:93:57:de:c9:df:
4e:b8:26:34:e5:09:15:06:af:4a:55:fd:73:29:77:e6:89:23:
ac:de:60:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPAiDB7Oj9ChSDEOuOA8jVE5bTW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMjE4OGM0OTk3ODhkMzljYWMyMjkxMzk4NDA2ZDVjOGQxZDM1ODcxMDMz
MGY5Nzk4NzM2ODM3M2IyY2ViZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsWMBw2gq619AvQ/9NSX5nTjTZvRUIOXUe6auUWHoG/tMnuyf4BV5MECW9f
pjTzYQ1g92iPR0f9+hmFmNgXl2sIWlvoRMRZqqCoOCNBti2SGablJMFFbxD3M97q
+msL6XmS+AXBSKg/uENosdTqWwd1+OLDWyEikTHWCVKB6SIHqiFmOITdvJRGtqnc
OESbkyU471u9pgJ8zusTQB3Sjaq9TDSHDxzjVjkojDZmT9rO302fhQ28KDOH7zzK
lD5OvzzyZPCzIlepRCQYq1cqY7LIXw58N4mhAQUaeBNhD5OsAOGgJrnWuV30XQg3
0ANPTWVAHdkYVNnO3FExkxkVoBECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHV/hp
XQHOGeOThwi+q5bAD4zCPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNqJWeY4FbEg5n6JcA5H9gVnFNO+zx3qaZ2SiK
eB/sRRtYk85XfTQZ1D9YhHyHrwaJLByFOM8IeMyvAUytq72Z3UvLn+zeEsEXgFvD
Yaj8KLQITbyoFU8XL9UrKLH1MVGaInD4y6IhVM+RMVAm3fbjHSP3nZ0awfNbzK7q
/kpALPxhfqLpLpyfNfv9o4O9TirTKJ+PeI7vYzYWyOXA1DGCgjGmo1mgvK68I2EZ
LdUW5z46GBzCSd4IfKzGsBiJfcaQ1E+7C58RZAQsnWewaSi9RHH99NpKIbFa+Yhy
DQ2tpI25FbJFk1feyd9OuCY05QkVBq9KVf1zKXfmiSOs3mB8
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:55 2025 by rpki-client