Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
File: 9fb96617-2d2f-468d-b766-35c52d9f2681.roa (raw, json)
Hash identifier: M3JR8PmRk/DmXga7UuM9LS30VZqNDUsT9xOVzWhjNFw=
Subject key identifier: B1:15:A6:68:68:FD:C5:68:73:64:10:54:75:20:86:C6:0A:12:7E:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7357A7631D76C9772E6B60A905B5B0C71120BE75
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
Signing time: Tue 21 Oct 2025 13:20:49 +0000
ROA not before: Tue 21 Oct 2025 13:20:49 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:57:a7:63:1d:76:c9:77:2e:6b:60:a9:05:b5:b0:c7:11:20:be:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:49 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e1e9fd1e5cb0e886b5ea872667f1b7c2d9b0eac91fa650ab3c4e01dbef764801, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:02:4b:f7:2e:0e:69:a7:23:c8:36:f4:dd:a0:
93:55:80:6a:3d:2f:31:61:53:59:8c:85:f6:5e:67:
8b:cf:55:49:e5:e6:59:56:90:0c:b9:56:27:5e:ba:
e9:24:a4:15:f7:b1:5e:1f:bf:a6:7b:4f:cc:49:2c:
6a:4b:bb:fa:77:07:20:4a:02:71:38:5d:b1:19:3e:
3f:2a:e6:0d:84:0e:a1:21:40:5a:68:20:63:01:c2:
aa:06:4c:59:8d:00:8d:9d:ac:22:c0:d1:da:c9:cc:
f2:09:13:b0:6a:eb:47:97:64:06:f4:17:16:b7:68:
00:61:86:58:d5:79:96:5d:2e:70:cf:89:dc:06:dc:
25:4d:a6:f7:b3:27:dd:f6:31:87:de:dd:84:74:86:
b4:25:26:d9:60:d9:9c:cf:c7:a0:da:84:05:7d:87:
44:17:fd:ac:52:f4:12:d2:8f:9f:60:5d:7b:4c:94:
dc:68:55:1a:26:98:4d:d8:72:aa:b0:54:6f:13:0d:
66:ab:7d:4d:06:12:b3:ce:0b:a9:49:7a:a1:7e:73:
77:e8:9e:63:49:e9:d0:f5:e9:43:6c:27:24:a6:52:
db:94:44:1c:70:7d:8c:04:65:eb:4a:e5:af:9b:5f:
0c:92:22:7b:e9:15:3f:01:d3:34:20:43:3f:33:0e:
db:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:15:A6:68:68:FD:C5:68:73:64:10:54:75:20:86:C6:0A:12:7E:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:800::/38
Signature Algorithm: sha256WithRSAEncryption
25:4a:e6:99:1f:89:a7:ad:d6:00:b4:16:25:ec:1e:90:bb:d5:
b8:a8:2b:49:47:97:49:53:71:08:d9:b3:13:f8:0d:72:51:ec:
ee:bf:b4:26:99:16:df:6e:0f:a9:44:06:8b:59:f1:98:97:57:
3c:d2:b3:42:86:10:55:d9:63:62:0f:35:c5:f7:a7:09:33:5a:
89:7a:51:cd:78:a7:b6:f1:a9:bf:fd:64:03:19:4a:e5:04:b9:
0d:34:82:64:3f:0d:df:35:8b:0f:9a:78:f6:b5:e3:be:ca:38:
fe:e9:54:e4:09:3e:25:67:4b:0b:fe:46:bb:a4:f5:ca:f6:6f:
e9:f5:c1:92:01:35:c5:7b:f8:d4:2a:33:47:a7:77:49:31:e5:
4c:55:32:d2:33:3a:11:f1:42:11:25:61:49:6d:48:52:8f:ca:
d0:30:68:56:58:78:f4:85:6e:c1:71:1d:6e:39:c4:04:f1:18:
2b:3b:86:59:77:f6:b9:2a:0d:2e:4d:58:29:3c:3b:10:5b:e5:
e4:28:ed:51:6a:0b:b6:c7:91:45:f6:f1:ab:b1:b4:56:ec:b4:
11:3b:97:cc:f6:06:aa:69:05:3e:1d:78:e6:9b:bc:61:f5:3e:
cf:c6:e8:c5:b3:2c:00:b2:50:20:13:50:d2:85:86:e5:a5:15:
8e:0d:16:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc1enYx12yXcua2CpBbWwxxEgvnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNDlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxZTlmZDFlNWNiMGU4ODZiNWVhODcyNjY3ZjFiN2MyZDliMGVhYzkxZmE2
NTBhYjNjNGUwMWRiZWY3NjQ4MDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgCS/cuDmmnI8g29N2gk1WAaj0vMWFTWYyF9l5ni89VSeXmWVaQDLlWJ166
6SSkFfexXh+/pntPzEksaku7+ncHIEoCcThdsRk+PyrmDYQOoSFAWmggYwHCqgZM
WY0AjZ2sIsDR2snM8gkTsGrrR5dkBvQXFrdoAGGGWNV5ll0ucM+J3AbcJU2m97Mn
3fYxh97dhHSGtCUm2WDZnM/HoNqEBX2HRBf9rFL0EtKPn2Bde0yU3GhVGiaYTdhy
qrBUbxMNZqt9TQYSs84LqUl6oX5zd+ieY0np0PXpQ2wnJKZS25REHHB9jARl60rl
r5tfDJIie+kVPwHTNCBDPzMO230CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSxFaZo
aP3FaHNkEFR1IIbGChJ+xzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZiOTY2MTctMmQyZi00NjhkLWI3NjYtMzVjNTJkOWYyNjgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUI
MA0GCSqGSIb3DQEBCwUAA4IBAQAlSuaZH4mnrdYAtBYl7B6Qu9W4qCtJR5dJU3EI
2bMT+A1yUezuv7QmmRbfbg+pRAaLWfGYl1c80rNChhBV2WNiDzXF96cJM1qJelHN
eKe28am//WQDGUrlBLkNNIJkPw3fNYsPmnj2teO+yjj+6VTkCT4lZ0sL/ka7pPXK
9m/p9cGSATXFe/jUKjNHp3dJMeVMVTLSMzoR8UIRJWFJbUhSj8rQMGhWWHj0hW7B
cR1uOcQE8RgrO4ZZd/a5Kg0uTVgpPDsQW+XkKO1Ragu2x5FF9vGrsbRW7LQRO5fM
9gaqaQU+HXjmm7xh9T7PxujFsywAslAgE1DShYblpRWODRb4
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:52 2025 by rpki-client