Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
File: 819bfec2-19de-4cdb-ba40-657fff6a743e.roa (raw, json)
Hash identifier: GpNQmBf26pnwfmY1Z5Y9bBhRTMZqNKenXex0e3399xA=
Subject key identifier: 81:4B:75:81:66:8C:7C:F0:F5:F1:A2:64:87:74:64:B8:93:FB:64:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3085310ED2ED2175549E12E0BCB4C97753A82A8E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
Signing time: Tue 21 Oct 2025 13:10:45 +0000
ROA not before: Tue 21 Oct 2025 13:10:45 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:85:31:0e:d2:ed:21:75:54:9e:12:e0:bc:b4:c9:77:53:a8:2a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:45 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=321715334d3d70c368b6299896b229b5533c2cd4ba32f6ec7215709a3c4ccfeb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:38:05:82:39:d0:20:13:3d:90:a9:3a:8b:91:
62:fa:ab:c3:e9:45:77:5a:a2:65:b5:f6:ed:67:fe:
be:fa:85:2a:57:1b:ef:a7:79:02:b4:f3:d1:0e:09:
d7:ca:53:85:9c:bb:30:81:90:4d:31:44:0c:aa:69:
e2:70:78:e8:0a:da:fe:0e:f1:95:9a:83:5e:1e:94:
ad:14:93:fc:f6:ef:1e:9e:f4:d8:03:f2:cb:41:99:
a7:46:18:fa:f2:1f:0e:d6:6c:b0:f1:d9:23:e2:d8:
87:4d:6a:93:af:d0:6d:93:a8:6e:eb:d5:05:b1:f8:
29:56:17:1b:90:34:eb:58:b8:94:0a:e1:70:9e:41:
41:78:71:8b:b7:ae:83:eb:0e:d9:41:14:b1:6e:21:
e7:99:ae:9c:77:56:04:4a:0a:7a:e1:af:cc:ea:29:
5f:65:d7:7f:5f:27:19:a9:b2:fb:ba:95:09:ec:93:
01:ab:98:c9:45:f3:36:7b:9a:6d:6c:6b:32:85:c3:
fd:76:c8:1c:11:be:20:54:4d:17:d1:0c:88:ec:a3:
e8:ed:17:74:85:de:44:bd:3b:7a:f2:f5:43:25:ad:
5b:9d:03:67:7a:5c:31:39:fe:52:e0:bd:07:e0:15:
95:fe:b4:68:f5:6a:ec:72:6a:4f:c5:ae:b3:fa:f2:
38:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4B:75:81:66:8C:7C:F0:F5:F1:A2:64:87:74:64:B8:93:FB:64:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:bc:b3:b8:7a:b3:72:60:e4:b9:a6:10:7d:0d:c5:df:09:ee:
9f:bf:31:0a:64:89:99:de:f7:84:9c:b5:dc:c9:5c:49:37:ac:
44:c4:db:3e:0c:af:a8:e7:82:9c:01:67:0d:73:86:40:b8:04:
4c:7d:4b:64:9a:ba:0d:b7:0b:35:f9:0e:29:62:cc:dd:12:42:
a1:53:4a:e4:4f:b1:27:57:52:76:24:77:bc:00:23:a6:36:39:
5b:66:f9:c8:c9:dc:2d:49:f8:84:ae:54:8f:31:e0:09:fd:c1:
34:a7:58:05:15:85:4c:a5:33:37:05:4f:e8:81:e6:28:16:9f:
7b:0b:3a:5e:e6:69:d6:66:61:82:ed:a7:39:c9:89:85:06:d0:
19:c3:15:46:0b:c2:57:b6:ed:6a:e6:05:ec:f7:55:5a:02:47:
d8:78:eb:20:98:54:7c:90:41:2a:43:f7:78:e1:81:35:c8:62:
8d:9e:8e:a7:e7:bb:e6:76:e6:5d:db:31:e9:b9:33:ac:64:4c:
79:1e:4c:7f:4e:2e:4e:c5:ae:2a:16:45:02:ca:93:f8:3d:21:
7c:cf:c3:f3:bf:0c:4c:ec:26:08:f5:16:5c:92:7a:e0:08:eb:
f7:60:4d:e7:8f:d8:72:f0:99:91:df:17:2c:99:81:25:93:4b:
29:6a:52:ce
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMIUxDtLtIXVUnhLgvLTJd1OoKo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwNDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyMTcxNTMzNGQzZDcwYzM2OGI2Mjk5ODk2YjIyOWI1NTMzYzJjZDRiYTMy
ZjZlYzcyMTU3MDlhM2M0Y2NmZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMk4BYI50CATPZCpOouRYvqrw+lFd1qiZbX27Wf+vvqFKlcb76d5ArTz0Q4J
18pThZy7MIGQTTFEDKpp4nB46Ara/g7xlZqDXh6UrRST/PbvHp702APyy0GZp0YY
+vIfDtZssPHZI+LYh01qk6/QbZOobuvVBbH4KVYXG5A061i4lArhcJ5BQXhxi7eu
g+sO2UEUsW4h55munHdWBEoKeuGvzOopX2XXf18nGamy+7qVCeyTAauYyUXzNnua
bWxrMoXD/XbIHBG+IFRNF9EMiOyj6O0XdIXeRL07evL1QyWtW50DZ3pcMTn+UuC9
B+AVlf60aPVq7HJqT8Wus/ryOKsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBS3WB
Zox88PXxomSHdGS4k/tk8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE5YmZlYzItMTlkZS00Y2RiLWJhNDAtNjU3ZmZmNmE3NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCavLO4erNyYOS5phB9DcXfCe6fvzEKZImZ3veE
nLXcyVxJN6xExNs+DK+o54KcAWcNc4ZAuARMfUtkmroNtws1+Q4pYszdEkKhU0rk
T7EnV1J2JHe8ACOmNjlbZvnIydwtSfiErlSPMeAJ/cE0p1gFFYVMpTM3BU/ogeYo
Fp97Czpe5mnWZmGC7ac5yYmFBtAZwxVGC8JXtu1q5gXs91VaAkfYeOsgmFR8kEEq
Q/d44YE1yGKNno6n57vmduZd2zHpuTOsZEx5Hkx/Ti5Oxa4qFkUCypP4PSF8z8Pz
vwxM7CYI9RZcknrgCOv3YE3nj9hy8JmR3xcsmYElk0spalLO
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:00 2025 by rpki-client