Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json)
Hash identifier: 0rGlP+7oNsZST5PIQhl+FOIIEEJy1mRAqj9+N5AlmFY=
Subject key identifier: E9:A6:7E:32:54:29:20:EF:DF:64:B6:35:C2:32:7F:E6:37:0B:0F:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74D71CF57638B8F408D3CC59439AAED172B91C41
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
Signing time: Wed 22 Oct 2025 00:20:04 +0000
ROA not before: Wed 22 Oct 2025 00:20:04 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:d7:1c:f5:76:38:b8:f4:08:d3:cc:59:43:9a:ae:d1:72:b9:1c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 22 00:20:04 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=8914f82a359991626cbe2987394b725057d108a680ddceeaadd04705f426540b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3e:f0:ff:2d:a2:fe:dd:aa:d5:38:86:58:68:
70:88:bf:3e:11:af:46:50:d9:e1:60:72:9c:61:43:
5d:b4:cb:1b:7a:56:2d:04:c1:e2:b2:c3:7d:95:9b:
6d:a5:44:dd:e1:3a:e7:4c:2c:53:d5:99:e0:f8:f1:
00:74:af:16:0e:ac:21:dd:d6:4e:72:a2:2c:2d:18:
9f:75:f9:91:2d:de:41:e6:08:5f:ca:a4:04:b4:17:
d8:7a:d8:5b:96:fe:f7:1a:41:4b:71:3a:08:f5:85:
7d:8c:b6:60:c7:6b:34:61:c2:8a:55:3d:93:31:ba:
e3:56:94:6b:66:af:17:cc:ee:96:6f:5b:50:7b:a0:
e3:1a:13:31:80:27:8b:cd:d8:44:a8:a9:a6:1c:c0:
d8:c9:f1:07:06:03:ee:a9:cb:4c:1c:00:fd:11:96:
cd:d8:01:17:3e:26:46:2d:f6:a8:28:6d:1b:d2:e3:
be:19:b8:47:6e:05:0f:b4:08:42:30:ce:b7:d5:39:
00:28:1e:94:2c:42:5e:80:62:c4:0c:5e:c2:b3:83:
cd:e2:2f:7c:97:2e:52:82:75:93:0d:2c:2e:7d:cd:
91:ae:c3:05:c1:73:2a:81:e5:75:e0:f8:03:78:b9:
e3:64:81:7a:e5:f7:ff:8f:df:65:a2:0a:56:78:b1:
89:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A6:7E:32:54:29:20:EF:DF:64:B6:35:C2:32:7F:E6:37:0B:0F:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1000::/38
Signature Algorithm: sha256WithRSAEncryption
02:52:92:83:a4:e9:93:53:8e:3f:1e:ab:85:db:a9:f4:60:a8:
54:36:97:c1:a7:df:c3:51:e1:8a:bb:23:0a:f6:53:df:d6:0c:
73:f1:5f:7a:7c:9b:93:23:a8:a7:d2:6f:c6:d2:a9:3e:cf:06:
ef:77:26:49:26:85:f5:5d:b5:1f:42:f2:f4:a4:05:59:f5:0c:
41:d6:a1:bd:67:92:2d:53:1b:54:17:f4:e4:a3:a9:1f:14:c2:
bf:67:d7:02:6a:14:93:ba:5c:4c:24:63:a0:1d:ff:2a:42:c5:
fd:4e:c1:d8:49:ac:57:89:05:47:3c:17:93:99:2d:f9:63:d9:
e5:91:4a:97:93:49:77:30:44:6b:3a:ea:7b:86:ea:ae:f8:e2:
8f:d1:a7:28:b6:53:04:62:ad:fa:cb:7a:a3:9f:77:3b:be:c0:
5d:a7:8a:6d:1d:81:73:30:3b:43:2d:de:58:f1:2b:ad:01:a7:
29:70:0a:f0:b2:1d:5b:3c:c1:70:5b:b0:e0:1a:cf:5f:66:41:
55:88:03:84:8a:4b:12:14:67:07:53:f9:ee:7d:c3:d5:79:a4:
8b:88:3f:7b:c7:3c:82:ce:2a:36:2c:97:c4:ea:2d:f9:76:7d:
e3:fc:4a:55:25:0a:9d:3a:55:5e:b2:0f:26:6d:ea:0d:90:7d:
72:d0:c5:25
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdNcc9XY4uPQI08xZQ5qu0XK5HEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjIwMDIwMDRaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MTRmODJhMzU5OTkxNjI2Y2JlMjk4NzM5NGI3MjUwNTdkMTA4YTY4MGRk
Y2VlYWFkZDA0NzA1ZjQyNjU0MGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMw+8P8tov7dqtU4hlhocIi/PhGvRlDZ4WBynGFDXbTLG3pWLQTB4rLDfZWb
baVE3eE650wsU9WZ4PjxAHSvFg6sId3WTnKiLC0Yn3X5kS3eQeYIX8qkBLQX2HrY
W5b+9xpBS3E6CPWFfYy2YMdrNGHCilU9kzG641aUa2avF8zulm9bUHug4xoTMYAn
i83YRKipphzA2MnxBwYD7qnLTBwA/RGWzdgBFz4mRi32qChtG9Ljvhm4R24FD7QI
QjDOt9U5ACgelCxCXoBixAxewrODzeIvfJcuUoJ1kw0sLn3Nka7DBcFzKoHldeD4
A3i542SBeuX3/4/fZaIKVnixiQECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTppn4y
VCkg799ktjXCMn/mNwsPQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQACUpKDpOmTU44/HquF26n0YKhUNpfBp9/DUeGK
uyMK9lPf1gxz8V96fJuTI6in0m/G0qk+zwbvdyZJJoX1XbUfQvL0pAVZ9QxB1qG9
Z5ItUxtUF/Tko6kfFMK/Z9cCahSTulxMJGOgHf8qQsX9TsHYSaxXiQVHPBeTmS35
Y9nlkUqXk0l3MERrOup7huqu+OKP0acotlMEYq36y3qjn3c7vsBdp4ptHYFzMDtD
Ld5Y8SutAacpcArwsh1bPMFwW7DgGs9fZkFViAOEiksSFGcHU/nufcPVeaSLiD97
xzyCzio2LJfE6i35dn3j/EpVJQqdOlVesg8mbeoNkH1y0MUl
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:17 2025 by rpki-client