Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
File: 99404275-57dd-4a36-8c29-529ab06d1d00.roa (raw, json)
Hash identifier: Tpxw40YJKWWXyyKTtrLx8Vvhfk0XwQuUXCrdYcsivao=
Subject key identifier: 09:E8:86:4A:5E:8A:B2:D2:58:D4:E9:B8:84:9A:23:89:25:F2:A8:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CC137FDCDE0D29CAA57AC6783DBD5F3926BCB5E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
Signing time: Tue 21 Oct 2025 14:20:06 +0000
ROA not before: Tue 21 Oct 2025 14:20:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:c1:37:fd:cd:e0:d2:9c:aa:57:ac:67:83:db:d5:f3:92:6b:cb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:20:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=faab78a6b0b352e13c29f01ab17a4b7ad20b70acd4e0dfa7a1eb57711880b760, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:26:2e:d6:4c:6c:1d:fa:5e:08:7d:9e:f0:01:
bf:f6:57:e2:d7:8a:ab:de:e1:f0:86:ec:ff:c0:3b:
fc:a0:3b:81:86:55:d2:a7:4f:f8:b4:17:80:c8:eb:
84:df:eb:ce:d9:0f:6a:38:65:77:82:6b:57:3f:e2:
f7:4a:c5:b8:ed:a8:0c:7f:ee:8e:c0:e6:54:55:7b:
36:e7:10:e7:6a:bd:ea:c7:d9:2a:3f:6b:d3:ac:aa:
c2:31:fb:da:cb:d8:83:1f:f5:dd:cd:3b:3d:b1:8a:
7a:07:08:a2:70:ae:a9:ef:ff:50:4d:9b:1a:82:6c:
a7:2b:f2:3a:60:ee:a4:22:0f:36:90:0d:f0:37:80:
57:2e:a1:80:4b:a0:3e:5c:9d:6b:de:80:b0:95:fb:
6b:d3:df:e1:da:0b:ff:72:0c:21:5a:dd:d1:c4:da:
cc:2d:2c:e5:fa:6c:b6:6f:7c:f4:34:c6:d8:7d:68:
a3:be:5a:fe:57:21:67:2d:46:a5:b5:db:68:f4:c2:
52:e0:92:42:91:c8:da:ea:54:89:55:b9:3b:64:a4:
05:cb:6f:66:5b:cb:39:a8:dc:bd:0e:b6:51:ca:b5:
24:40:90:de:86:b0:75:4a:9e:0b:a3:fc:ef:7c:da:
40:4e:e4:e9:9e:b8:ec:48:cd:5a:7e:a4:24:f3:d8:
b9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E8:86:4A:5E:8A:B2:D2:58:D4:E9:B8:84:9A:23:89:25:F2:A8:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:46:13:1a:ff:9b:b2:cb:22:30:ff:b8:6d:db:17:1f:27:c8:
ac:1a:2f:76:b7:59:67:85:99:ea:05:fa:67:4c:82:07:d2:0c:
5e:5d:ae:e1:ba:19:22:a2:3a:d7:71:99:b2:6d:5b:86:60:74:
13:d6:3b:45:9e:a9:dc:14:7f:8b:2d:8c:eb:50:d1:eb:9a:44:
73:e0:90:84:c4:a8:a1:d5:04:f9:e0:6a:b1:3b:16:18:5b:99:
d1:48:07:36:73:3c:95:92:4c:74:be:52:06:7a:94:05:04:0c:
9d:75:6e:f3:02:bc:0a:f7:3f:05:1a:51:de:db:bc:9f:aa:28:
ca:8e:99:c5:b6:ef:da:f6:72:a7:b7:a8:c1:20:9e:af:07:a3:
fd:15:aa:a2:8f:99:41:2d:01:dd:bb:a1:dc:b3:2a:4a:bc:1b:
a6:84:c5:2a:3a:29:58:46:90:9b:9f:9e:86:a5:dd:d8:4c:d4:
c3:ab:21:ad:ac:2c:3d:34:71:59:97:77:40:f3:14:06:52:a6:
a4:25:52:d6:f9:7b:03:ac:0f:7b:06:f6:b7:d7:8d:20:66:3d:
43:b4:29:2f:74:5a:a5:da:10:e8:ae:3a:ee:cb:5f:eb:d1:ad:
7d:4e:71:91:52:60:ec:cf:bf:3e:af:43:76:f0:cf:82:8f:68:
44:ad:b7:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfME3/c3g0pyqV6xng9vV85Jry14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhYWI3OGE2YjBiMzUyZTEzYzI5ZjAxYWIxN2E0YjdhZDIwYjcwYWNkNGUw
ZGZhN2ExZWI1NzcxMTg4MGI3NjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0mLtZMbB36Xgh9nvABv/ZX4teKq97h8Ibs/8A7/KA7gYZV0qdP+LQXgMjr
hN/rztkPajhld4JrVz/i90rFuO2oDH/ujsDmVFV7NucQ52q96sfZKj9r06yqwjH7
2svYgx/13c07PbGKegcIonCuqe//UE2bGoJspyvyOmDupCIPNpAN8DeAVy6hgEug
Plyda96AsJX7a9Pf4doL/3IMIVrd0cTazC0s5fpstm989DTG2H1oo75a/lchZy1G
pbXbaPTCUuCSQpHI2upUiVW5O2SkBctvZlvLOajcvQ62Ucq1JECQ3oawdUqeC6P8
73zaQE7k6Z647EjNWn6kJPPYuSkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJ6IZK
Xoqy0ljU6biEmiOJJfKoHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk0MDQyNzUtNTdkZC00YTM2LThjMjktNTI5YWIwNmQxZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqw
MA0GCSqGSIb3DQEBCwUAA4IBAQANRhMa/5uyyyIw/7ht2xcfJ8isGi92t1lnhZnq
BfpnTIIH0gxeXa7huhkiojrXcZmybVuGYHQT1jtFnqncFH+LLYzrUNHrmkRz4JCE
xKih1QT54GqxOxYYW5nRSAc2czyVkkx0vlIGepQFBAyddW7zArwK9z8FGlHe27yf
qijKjpnFtu/a9nKnt6jBIJ6vB6P9Faqij5lBLQHdu6HcsypKvBumhMUqOilYRpCb
n56Gpd3YTNTDqyGtrCw9NHFZl3dA8xQGUqakJVLW+XsDrA97Bva3140gZj1DtCkv
dFql2hDorjruy1/r0a19TnGRUmDsz78+r0N28M+Cj2hErbdK
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:09 2025 by rpki-client