Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: Oj4vYLrd1FE8NiywMuDl+hOzrOMW7jnE+4a8LzIpJLw=
Subject key identifier: DB:AA:E8:DF:24:21:9E:63:02:AC:55:62:AA:48:E8:5B:D5:E0:F7:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44556DC783647911181E618D1A5E7DF7E0A3A118
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Tue 21 Oct 2025 13:10:43 +0000
ROA not before: Tue 21 Oct 2025 13:10:43 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:55:6d:c7:83:64:79:11:18:1e:61:8d:1a:5e:7d:f7:e0:a3:a1:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:43 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=d36b0d401843551e6ede1cf188ef8c02f403184409b005f4214ad4fb92f80911, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:72:6b:b6:df:01:77:92:23:46:ea:9f:24:67:
68:6e:73:5a:d9:c0:b3:f3:45:0b:c0:ca:fb:b4:89:
fd:a1:a0:28:9c:03:70:d0:1b:5b:51:3d:46:99:4e:
8d:cf:a1:97:63:40:4d:39:1c:30:e6:c4:38:16:41:
88:1a:92:47:38:87:35:a1:0e:f1:3c:7f:5c:3a:5e:
02:e0:dc:68:0c:53:04:d9:05:5a:46:90:a6:72:b1:
4f:9d:9a:7e:5f:97:77:d6:56:1f:7f:34:c1:46:39:
4f:99:b5:6d:4d:0d:05:51:6f:dd:e1:37:be:50:05:
5e:9f:c6:65:cc:b4:64:04:0b:d2:e8:e2:f3:29:8e:
50:db:d2:53:7d:60:5a:4c:d3:7f:85:e6:d0:c7:48:
6d:b2:82:88:93:1e:9e:85:9e:97:06:69:cb:99:e9:
21:db:6a:45:38:90:bf:4b:aa:86:8b:b0:44:ad:4c:
43:62:21:aa:9b:c7:66:d3:79:ac:a5:7a:3c:bb:3f:
ab:50:17:c1:04:44:73:37:42:2f:93:d7:e4:6b:68:
41:82:30:ab:76:80:51:80:72:41:06:50:58:87:2a:
40:21:1a:7e:84:17:61:b8:e4:13:77:d8:25:aa:0f:
4b:81:f2:7f:a4:69:4c:82:bf:80:f5:82:55:08:5e:
cb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AA:E8:DF:24:21:9E:63:02:AC:55:62:AA:48:E8:5B:D5:E0:F7:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
01:15:d6:c3:cc:23:e0:ca:f0:ea:03:c8:01:9c:91:85:44:02:
90:89:ba:57:43:96:20:5d:8e:90:15:40:ee:10:ec:33:c2:06:
58:bc:a9:ba:1e:4d:1d:9a:8e:06:5e:c8:11:5f:c2:ea:d3:45:
ef:d4:b3:44:d2:28:9e:f9:54:09:5c:34:12:7c:c6:ef:2a:91:
1a:47:50:5f:66:b8:47:67:8d:69:b3:24:30:1e:df:b6:95:0b:
42:96:5d:31:71:00:a8:e1:12:0d:ed:62:be:f0:f4:c4:b2:f8:
81:a5:d1:cd:32:a7:95:8d:68:6c:da:89:e0:ae:fb:5e:2d:5b:
95:28:6f:65:f7:0d:d7:6c:52:71:ca:68:cb:5f:dd:27:06:55:
d0:1e:80:53:2e:70:ee:87:63:7a:67:9f:4a:d4:de:eb:41:e7:
85:a6:f4:4f:08:cd:1e:fe:68:dc:8f:60:b3:37:ba:53:4c:9f:
4c:8c:39:a5:11:97:b1:0a:ea:bf:74:1b:76:25:cd:5f:87:33:
83:c2:17:82:15:9f:9e:4c:e0:46:a4:53:e7:4e:4a:fd:de:ee:
15:bc:7b:7b:d9:1f:ad:4d:db:ea:04:9a:c2:35:d3:b9:25:47:
ba:60:9d:3f:0e:dd:38:a7:aa:ad:07:89:44:81:4a:90:45:fb:
9a:94:9a:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURFVtx4NkeREYHmGNGl599+CjoRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwNDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNmIwZDQwMTg0MzU1MWU2ZWRlMWNmMTg4ZWY4YzAyZjQwMzE4NDQwOWIw
MDVmNDIxNGFkNGZiOTJmODA5MTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNya7bfAXeSI0bqnyRnaG5zWtnAs/NFC8DK+7SJ/aGgKJwDcNAbW1E9RplO
jc+hl2NATTkcMObEOBZBiBqSRziHNaEO8Tx/XDpeAuDcaAxTBNkFWkaQpnKxT52a
fl+Xd9ZWH380wUY5T5m1bU0NBVFv3eE3vlAFXp/GZcy0ZAQL0uji8ymOUNvSU31g
WkzTf4Xm0MdIbbKCiJMenoWelwZpy5npIdtqRTiQv0uqhouwRK1MQ2IhqpvHZtN5
rKV6PLs/q1AXwQREczdCL5PX5GtoQYIwq3aAUYByQQZQWIcqQCEafoQXYbjkE3fY
JaoPS4Hyf6RpTIK/gPWCVQhey4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTbqujf
JCGeYwKsVWKqSOhb1eD30TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQABFdbDzCPgyvDqA8gBnJGFRAKQibpXQ5YgXY6Q
FUDuEOwzwgZYvKm6Hk0dmo4GXsgRX8Lq00Xv1LNE0iie+VQJXDQSfMbvKpEaR1Bf
ZrhHZ41psyQwHt+2lQtCll0xcQCo4RIN7WK+8PTEsviBpdHNMqeVjWhs2ongrvte
LVuVKG9l9w3XbFJxymjLX90nBlXQHoBTLnDuh2N6Z59K1N7rQeeFpvRPCM0e/mjc
j2CzN7pTTJ9MjDmlEZexCuq/dBt2Jc1fhzODwheCFZ+eTOBGpFPnTkr93u4VvHt7
2R+tTdvqBJrCNdO5JUe6YJ0/Dt04p6qtB4lEgUqQRfualJps
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:08 2025 by rpki-client