Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json)
Hash identifier: Zb9t9oDOAm3RyWnwTzUpNxqTHXGSFsNnB4um7/TvbyU=
Subject key identifier: A4:FA:F3:76:0B:F1:B3:44:6A:4B:8F:38:B7:38:6A:33:29:62:A0:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B78C698E291D1BC702613BF74FFECC7413869F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
Signing time: Tue 21 Oct 2025 14:10:41 +0000
ROA not before: Tue 21 Oct 2025 14:10:41 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:78:c6:98:e2:91:d1:bc:70:26:13:bf:74:ff:ec:c7:41:38:69:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:41 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=11beb5d756535ad2563a7c9c1a755bd9d189b92d43a5e04719f4dac8621119f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f7:5a:a3:a3:7f:21:5a:c3:31:fe:ac:92:29:
cd:93:5e:c1:f8:e6:cb:8c:07:12:52:32:4d:a2:ae:
5e:1d:02:01:ee:b9:7e:fe:b1:8f:9f:a5:7e:45:48:
51:6e:49:08:c8:37:61:1f:e6:66:09:6f:a9:53:14:
9c:24:a9:cf:75:fe:89:6b:96:04:69:44:c1:24:ff:
16:35:8a:83:b4:7c:6b:fe:7c:98:18:0e:b8:e5:1b:
10:f0:70:1c:2b:d6:f0:61:88:f1:1f:f0:c7:af:59:
63:24:e3:a8:da:92:97:43:18:a6:0f:9d:22:1c:90:
2c:71:b8:d0:c5:83:fc:50:fe:77:c0:49:b8:93:b2:
1e:0f:88:7a:11:1b:6e:1c:70:21:cd:aa:54:48:af:
d5:57:08:25:a1:f1:56:db:a7:23:a8:b5:be:63:14:
c4:41:52:21:90:c2:2c:0d:1d:fc:3c:9f:9d:fc:c3:
96:14:30:d8:8b:49:64:7a:8e:73:0b:d0:38:0f:fc:
73:c2:59:2e:61:74:87:6e:ee:36:66:9f:3e:e7:15:
12:03:4d:b5:be:2b:13:3e:64:ba:ef:97:3f:c0:b3:
55:ee:ef:15:de:fa:d5:2c:9e:17:f5:b5:d2:3f:36:
45:42:67:30:11:a2:4d:46:51:e4:0a:0f:d6:1b:15:
32:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FA:F3:76:0B:F1:B3:44:6A:4B:8F:38:B7:38:6A:33:29:62:A0:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
43:40:2f:b7:21:57:2c:43:4a:33:bf:0d:72:c0:65:f7:fe:b3:
46:37:2e:01:5a:de:78:07:5b:d1:fc:07:90:15:74:4b:6e:1a:
9a:44:c9:75:c1:14:a1:6a:cf:04:eb:31:48:9a:3d:da:85:bb:
02:3d:d7:30:86:67:ec:e8:b5:fc:2f:f9:c8:85:4b:2e:5e:10:
c5:3e:3a:a8:29:16:67:34:06:3b:ac:ea:41:53:d0:7c:f2:bd:
d4:35:8c:eb:24:59:27:35:d1:f1:23:65:0b:0f:d9:df:a5:ca:
60:4b:bf:7d:96:ca:a4:81:89:3c:01:c0:72:2a:2d:04:f9:62:
25:03:2c:f2:c4:6a:65:c9:87:8c:a9:ac:3d:b2:54:35:30:70:
87:eb:f0:83:67:8d:80:f5:18:8b:1d:b8:cd:6b:e5:f6:40:76:
c9:2d:0a:cb:38:e0:86:94:83:f0:fb:53:28:3e:0a:77:48:52:
9e:ee:40:a1:d2:32:2f:a4:61:a9:67:56:07:92:84:77:0b:80:
0c:5f:e5:13:66:f5:48:72:c3:49:27:1d:3b:d5:ef:0a:aa:34:
13:fd:99:27:cf:9e:fb:32:40:26:dd:d9:ff:19:d7:0b:a1:2a:
73:12:bb:fd:2e:f2:ae:1c:6c:0f:1a:8e:8d:61:6e:92:b0:9b:
b9:35:88:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe3jGmOKR0bxwJhO/dP/sx0E4afUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwNDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDExYmViNWQ3NTY1MzVhZDI1NjNhN2M5YzFhNzU1YmQ5ZDE4OWI5MmQ0M2E1
ZTA0NzE5ZjRkYWM4NjIxMTE5ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALL3WqOjfyFawzH+rJIpzZNewfjmy4wHElIyTaKuXh0CAe65fv6xj5+lfkVI
UW5JCMg3YR/mZglvqVMUnCSpz3X+iWuWBGlEwST/FjWKg7R8a/58mBgOuOUbEPBw
HCvW8GGI8R/wx69ZYyTjqNqSl0MYpg+dIhyQLHG40MWD/FD+d8BJuJOyHg+IehEb
bhxwIc2qVEiv1VcIJaHxVtunI6i1vmMUxEFSIZDCLA0d/DyfnfzDlhQw2ItJZHqO
cwvQOA/8c8JZLmF0h27uNmafPucVEgNNtb4rEz5kuu+XP8CzVe7vFd761SyeF/W1
0j82RUJnMBGiTUZR5AoP1hsVMsMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSk+vN2
C/GzRGpLjzi3OGozKWKgCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
wDANBgkqhkiG9w0BAQsFAAOCAQEAQ0AvtyFXLENKM78NcsBl9/6zRjcuAVreeAdb
0fwHkBV0S24amkTJdcEUoWrPBOsxSJo92oW7Aj3XMIZn7Oi1/C/5yIVLLl4QxT46
qCkWZzQGO6zqQVPQfPK91DWM6yRZJzXR8SNlCw/Z36XKYEu/fZbKpIGJPAHAciot
BPliJQMs8sRqZcmHjKmsPbJUNTBwh+vwg2eNgPUYix24zWvl9kB2yS0KyzjghpSD
8PtTKD4Kd0hSnu5AodIyL6RhqWdWB5KEdwuADF/lE2b1SHLDSScdO9XvCqo0E/2Z
J8+e+zJAJt3Z/xnXC6EqcxK7/S7yrhxsDxqOjWFukrCbuTWI2w==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:12 2025 by rpki-client