Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
File: 87659113-4050-43f4-ade6-cfd7a3483d5c.roa (raw, json)
Hash identifier: QdYrXt4RpTDhV/idIhrezMWrCHKDbVhsOZQtZ8KGVXE=
Subject key identifier: C2:60:AF:FF:DC:FE:91:CA:91:FD:09:72:DA:3A:3F:1D:E6:F7:56:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D9870FBD20F11496694D6C37A23FB0E9FD32835
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
Signing time: Sat 15 Nov 2025 06:10:46 +0000
ROA not before: Sat 15 Nov 2025 06:10:46 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 15:37:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:98:70:fb:d2:0f:11:49:66:94:d6:c3:7a:23:fb:0e:9f:d3:28:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 06:10:46 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=90e1de0aff1afe37e0b6ed682c34e3df45b9bdc093f13cd9054cf4d3e627a23c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:77:ff:bd:01:71:c8:4a:9d:07:fd:09:5f:5b:
26:2d:c5:84:eb:34:18:6c:10:55:6d:88:9e:81:a3:
35:07:87:1e:08:08:bb:60:69:96:44:25:ba:39:36:
80:20:43:6e:e4:61:87:65:20:e1:37:f5:59:af:0c:
da:a5:4d:9b:d5:34:1b:8a:c8:19:74:0f:2a:c4:5a:
7d:61:aa:b7:76:40:d5:20:ba:0a:05:b3:a2:79:a5:
8e:9e:28:3f:bb:71:8e:e6:18:8d:47:a0:f9:65:e4:
1e:47:d7:11:aa:ef:13:03:a9:5f:b3:9c:fd:f4:cf:
e8:2b:71:1d:e6:02:14:2e:77:76:78:41:7d:f9:6f:
5d:48:b3:c4:5b:5e:92:a4:31:54:5f:bf:2f:87:4f:
88:64:7a:82:90:d5:f5:b6:6b:2e:55:23:b1:70:8b:
e7:fb:e8:9d:4b:0a:d1:76:48:b9:84:4c:b0:39:60:
03:c8:08:9a:03:34:db:33:b4:f5:39:aa:91:9b:4e:
f5:46:7c:78:72:29:af:68:7c:94:3d:5d:b2:81:a9:
ea:c4:1b:8d:f2:74:34:c9:6f:bb:11:2b:e4:0b:b4:
49:cb:24:fa:01:36:a9:be:b4:00:d9:1c:16:9a:d3:
a0:d9:52:c0:6a:68:bf:c1:b1:52:5c:a9:21:2e:e4:
a6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:60:AF:FF:DC:FE:91:CA:91:FD:09:72:DA:3A:3F:1D:E6:F7:56:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:8000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:55:ed:b7:7e:55:b7:67:48:dc:d1:1a:0c:75:9a:93:c1:73:
e9:08:3a:1a:21:e0:64:c6:57:52:b9:c0:8c:d2:10:6d:52:e5:
3e:01:ea:1f:e4:e2:61:ae:19:f3:5e:c0:38:7b:e1:99:3f:dc:
f6:02:c1:b7:21:77:b0:8e:98:68:f1:13:94:86:0c:f5:d1:a3:
c9:14:87:b5:65:cf:73:19:14:44:a4:f2:b9:0f:3c:f0:08:5a:
a0:06:a3:d3:6d:09:e9:57:2a:a6:ce:9a:02:43:c1:12:0d:14:
5b:6f:3f:0e:9b:30:7a:b8:1d:09:94:3b:36:1b:cf:07:ab:60:
6e:dc:25:c9:b8:b5:65:2a:c8:88:24:4b:07:56:6f:d5:f6:e5:
3d:a5:01:5a:c4:c4:b7:0e:21:f9:f0:21:97:3e:95:1d:09:fb:
1d:f8:42:4a:38:05:b4:ec:c5:49:13:83:c0:bf:c7:7e:44:42:
a7:df:99:5f:13:b2:7b:d7:ae:d2:ef:12:f5:b4:39:31:9c:16:
f9:95:82:b0:d5:bc:16:59:72:ee:0e:d2:3a:38:04:a8:15:84:
45:d2:36:53:12:9a:bc:b2:ab:a4:65:0d:2b:13:d8:b2:d5:31:
0a:cb:53:19:e6:70:6e:0a:73:32:0e:d6:12:d2:c9:0d:f7:69:
98:10:5d:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPZhw+9IPEUlmlNbDeiP7Dp/TKDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMTUwNjEwNDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwZTFkZTBhZmYxYWZlMzdlMGI2ZWQ2ODJjMzRlM2RmNDViOWJkYzA5M2Yx
M2NkOTA1NGNmNGQzZTYyN2EyM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMN3/70BcchKnQf9CV9bJi3FhOs0GGwQVW2InoGjNQeHHggIu2BplkQlujk2
gCBDbuRhh2Ug4Tf1Wa8M2qVNm9U0G4rIGXQPKsRafWGqt3ZA1SC6CgWzonmljp4o
P7txjuYYjUeg+WXkHkfXEarvEwOpX7Oc/fTP6CtxHeYCFC53dnhBfflvXUizxFte
kqQxVF+/L4dPiGR6gpDV9bZrLlUjsXCL5/vonUsK0XZIuYRMsDlgA8gImgM02zO0
9TmqkZtO9UZ8eHIpr2h8lD1dsoGp6sQbjfJ0NMlvuxEr5Au0Scsk+gE2qb60ANkc
FprToNlSwGpov8GxUlypIS7kpnECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTCYK//
3P6RypH9CXLaOj8d5vdWUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODc2NTkxMTMtNDA1MC00M2Y0LWFkZTYtY2ZkN2EzNDgzZDVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiA
MA0GCSqGSIb3DQEBCwUAA4IBAQA+Ve23flW3Z0jc0RoMdZqTwXPpCDoaIeBkxldS
ucCM0hBtUuU+Aeof5OJhrhnzXsA4e+GZP9z2AsG3IXewjpho8ROUhgz10aPJFIe1
Zc9zGRREpPK5DzzwCFqgBqPTbQnpVyqmzpoCQ8ESDRRbbz8OmzB6uB0JlDs2G88H
q2Bu3CXJuLVlKsiIJEsHVm/V9uU9pQFaxMS3DiH58CGXPpUdCfsd+EJKOAW07MVJ
E4PAv8d+REKn35lfE7J7167S7xL1tDkxnBb5lYKw1bwWWXLuDtI6OASoFYRF0jZT
Epq8squkZQ0rE9iy1TEKy1MZ5nBuCnMyDtYS0skN92mYEF0d
-----END CERTIFICATE-----
Generated at Sun Nov 16 00:03:00 2025 by rpki-client