Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
File: 9a732efb-e23f-49a4-ad51-1a43431e07c9.roa (raw, json)
Hash identifier: 8SIFFeCxT43uD5tk5i7Izc2Nbd9u/Y4lxd0rCWT9iSc=
Subject key identifier: 5F:59:F5:33:A9:E0:5A:A1:15:C5:A1:AE:16:BD:1C:5A:2A:F1:E3:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2241D6735750DF121639A4A6FFABD9C83439899B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
Signing time: Sat 15 Nov 2025 06:30:37 +0000
ROA not before: Sat 15 Nov 2025 06:30:37 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:41:d6:73:57:50:df:12:16:39:a4:a6:ff:ab:d9:c8:34:39:89:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 06:30:37 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=bca8a3de2cbb669c3c51a43ee9143f6b6c495d2005cab364bc73c3b7d919612a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e8:eb:86:fc:29:07:e0:f4:89:96:71:5b:25:
48:1e:18:65:6b:09:95:cd:51:52:6e:5b:90:f3:8f:
b5:1a:79:58:a5:90:fb:9e:25:bf:fd:c5:f5:d9:e1:
70:0a:94:00:24:7e:fc:27:c0:f1:a6:51:f2:b8:66:
49:83:ea:93:e5:b0:ed:1d:1b:75:8d:2d:6c:ce:84:
4a:92:9f:69:03:2d:65:34:5d:7c:a6:f0:e8:0c:25:
57:5e:83:51:7c:ae:dd:e4:1e:ef:69:96:88:ef:d6:
39:30:c5:0a:20:d4:dc:96:80:43:79:bf:1e:5f:3b:
9f:84:2c:17:db:63:00:00:17:95:55:bc:55:d7:14:
67:02:6a:ca:07:c5:c0:94:94:36:eb:be:a8:c7:d6:
98:15:cc:e0:56:76:a6:f1:67:19:09:09:50:c3:d4:
fd:5b:81:53:ca:da:69:fc:04:44:ac:ee:ad:af:14:
26:4a:48:2b:9e:13:0c:7a:36:fb:ea:a0:c9:d7:a1:
5f:be:0f:f2:34:35:b9:da:51:69:2b:d6:b5:58:88:
05:0b:b6:2a:f1:d0:eb:26:b7:ed:32:b1:b6:07:e8:
dd:6a:4c:7e:d2:c9:75:91:a1:39:c8:45:f5:f2:e7:
00:15:c6:59:b3:04:02:c7:5f:22:4e:b5:84:87:87:
fc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:59:F5:33:A9:E0:5A:A1:15:C5:A1:AE:16:BD:1C:5A:2A:F1:E3:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:9000::/40
Signature Algorithm: sha256WithRSAEncryption
98:6a:37:29:0e:80:02:ad:c8:4e:67:d8:c6:d8:e5:30:c2:cd:
35:de:4e:05:04:ef:12:7a:2a:f8:a4:c8:31:a2:d6:10:0f:48:
6e:30:68:c7:b0:77:f4:84:c8:3b:05:31:6f:6c:f3:0e:ed:c3:
f9:bc:25:c4:e2:63:c6:7b:b1:8a:88:91:5f:0f:13:30:14:16:
7f:b0:06:1e:5b:1a:f5:ab:a9:fd:10:3b:e9:05:bb:eb:01:cb:
dc:de:9a:a1:a3:31:f8:9d:18:41:7c:9d:73:8a:a6:68:fb:27:
f0:99:eb:ef:c3:f1:e6:23:db:ef:cd:7d:f9:11:94:72:38:47:
4e:22:ab:a2:9e:e6:68:de:66:35:45:4e:cd:98:60:41:0e:40:
8c:6d:65:7d:bd:a2:e2:cf:1a:6a:48:fe:90:7f:57:f7:39:54:
3a:9d:5c:3c:4c:85:15:94:9f:22:0a:9e:22:34:a5:26:e2:14:
36:47:25:81:30:af:7c:0d:76:57:83:4a:4e:89:60:4a:87:24:
d3:14:25:38:00:d5:0b:82:c5:61:cd:ba:8b:c7:f5:8d:f7:34:
75:c1:65:e5:c6:af:f0:17:3b:f5:41:21:35:22:6d:2a:e1:ee:
8f:80:14:fc:fe:bf:c6:55:f6:e9:51:91:44:25:78:52:8b:07:
45:99:ec:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIkHWc1dQ3xIWOaSm/6vZyDQ5iZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMTUwNjMwMzdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjYThhM2RlMmNiYjY2OWMzYzUxYTQzZWU5MTQzZjZiNmM0OTVkMjAwNWNh
YjM2NGJjNzNjM2I3ZDkxOTYxMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3o64b8KQfg9ImWcVslSB4YZWsJlc1RUm5bkPOPtRp5WKWQ+54lv/3F9dnh
cAqUACR+/CfA8aZR8rhmSYPqk+Ww7R0bdY0tbM6ESpKfaQMtZTRdfKbw6AwlV16D
UXyu3eQe72mWiO/WOTDFCiDU3JaAQ3m/Hl87n4QsF9tjAAAXlVW8VdcUZwJqygfF
wJSUNuu+qMfWmBXM4FZ2pvFnGQkJUMPU/VuBU8raafwERKzura8UJkpIK54TDHo2
++qgydehX74P8jQ1udpRaSvWtViIBQu2KvHQ6ya37TKxtgfo3WpMftLJdZGhOchF
9fLnABXGWbMEAsdfIk61hIeH/LUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfWfUz
qeBaoRXFoa4WvRxaKvHjIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE3MzJlZmItZTIzZi00OWE0LWFkNTEtMWE0MzQzMWUwN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCYajcpDoACrchOZ9jG2OUwws013k4FBO8Seir4
pMgxotYQD0huMGjHsHf0hMg7BTFvbPMO7cP5vCXE4mPGe7GKiJFfDxMwFBZ/sAYe
Wxr1q6n9EDvpBbvrAcvc3pqhozH4nRhBfJ1ziqZo+yfwmevvw/HmI9vvzX35EZRy
OEdOIquinuZo3mY1RU7NmGBBDkCMbWV9vaLizxpqSP6Qf1f3OVQ6nVw8TIUVlJ8i
Cp4iNKUm4hQ2RyWBMK98DXZXg0pOiWBKhyTTFCU4ANULgsVhzbqLx/WN9zR1wWXl
xq/wFzv1QSE1Im0q4e6PgBT8/r/GVfbpUZFEJXhSiwdFmezi
-----END CERTIFICATE-----
Generated at Sat Nov 15 19:57:42 2025 by rpki-client