Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
File: a626735f-cb4b-4dff-992e-95390a4e2eea.roa (raw, json)
Hash identifier: tPhRpJSBgwFRub/+u87XqM8pxbS4yQ7ncI1lw4aSvZc=
Subject key identifier: AA:40:62:A0:A8:5E:28:C7:70:61:A3:63:C3:4A:B9:E7:F7:EC:08:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 348AD666A736442A2740288D621B6FEEEB4D13F1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
Signing time: Tue 21 Oct 2025 13:10:09 +0000
ROA not before: Tue 21 Oct 2025 13:10:09 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:8a:d6:66:a7:36:44:2a:27:40:28:8d:62:1b:6f:ee:eb:4d:13:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:09 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ef5dd93a52d8255325dcc7ccd7a8f5fe7f69cba5304080ee0de7630003af1935, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:db:6e:9b:a4:a9:5e:a3:f1:a5:12:05:6c:02:
ff:39:85:93:5a:13:fc:49:38:06:cf:d3:9e:4c:da:
29:31:ee:e1:5e:ba:77:24:b1:70:77:dc:44:83:fa:
52:09:ed:59:56:e8:db:12:ed:ce:8f:59:c2:89:63:
fc:86:a8:4d:94:54:45:97:eb:3d:b8:03:2c:16:d6:
a4:3f:cc:34:4e:6a:87:64:ec:8d:c1:51:6a:14:8d:
17:fb:28:5a:3b:dd:09:ad:09:2e:0e:79:f5:ea:d5:
a2:03:1b:01:26:ac:99:48:48:11:9a:64:57:ad:c0:
8e:2f:a1:0b:06:7e:01:56:21:aa:ee:4e:a7:02:5d:
71:1b:ce:62:1c:7e:dd:d0:0d:38:1a:3f:a4:44:9d:
5d:36:84:ae:c5:9f:5f:5a:59:76:f9:cc:88:be:83:
3d:52:5d:99:10:8e:1a:db:ce:c9:c3:32:f2:7c:9e:
14:81:1f:89:62:e1:df:c5:99:99:20:4f:ba:c5:b5:
e3:45:f5:5d:6d:95:3a:58:d9:fb:78:ce:5f:8b:50:
38:7d:c3:7a:cb:5c:23:c1:6f:c5:8e:83:0c:1e:7c:
f8:38:e5:da:16:7b:2d:ad:a8:f4:bb:d5:20:6a:c9:
ed:3a:bb:bb:8b:be:90:89:ba:f2:48:c8:90:28:d6:
29:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:40:62:A0:A8:5E:28:C7:70:61:A3:63:C3:4A:B9:E7:F7:EC:08:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:90:78:6a:94:d1:af:cf:0a:98:aa:75:70:57:5a:25:98:ba:
5e:63:6f:ca:c7:3a:15:a4:71:a8:c2:49:51:2c:02:64:f1:23:
53:74:13:aa:fd:2a:28:fe:82:b9:20:09:c2:6e:62:84:5b:ae:
3c:d6:e9:9c:29:4a:c4:d8:8d:55:15:96:c9:f5:5a:aa:5a:d3:
d8:a7:f2:8e:9f:48:48:19:e1:42:bc:e6:85:7d:cf:0e:5c:a6:
3e:f0:36:15:49:12:db:85:60:6a:a9:f7:f9:91:e3:62:a5:b1:
91:6d:dd:61:2f:17:f0:37:d4:63:0c:7c:a4:86:2a:1e:f6:f0:
aa:f2:ca:43:8a:3f:f9:91:8f:85:57:41:73:3d:d3:aa:f0:42:
e4:3d:5c:1f:16:dc:09:86:e3:6d:02:45:80:b3:10:ba:07:23:
e5:37:a0:74:53:c8:ee:e7:66:74:09:c4:fb:96:b9:14:27:5c:
97:26:8c:f4:fe:f9:ba:7b:0e:69:fe:52:f4:63:b9:6a:78:3e:
43:af:15:fe:5d:81:f3:d0:5e:4e:82:08:bf:71:14:6c:71:1b:
09:35:dd:17:57:e7:81:da:cd:76:56:74:a6:34:a7:ef:6c:df:
26:30:e1:53:4e:42:31:91:11:f2:fa:5f:f0:9e:b7:7c:e3:67:
b0:02:cc:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNIrWZqc2RConQCiNYhtv7utNE/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwMDlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNWRkOTNhNTJkODI1NTMyNWRjYzdjY2Q3YThmNWZlN2Y2OWNiYTUzMDQw
ODBlZTBkZTc2MzAwMDNhZjE5MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbbbpukqV6j8aUSBWwC/zmFk1oT/Ek4Bs/TnkzaKTHu4V66dySxcHfcRIP6
UgntWVbo2xLtzo9Zwolj/IaoTZRURZfrPbgDLBbWpD/MNE5qh2TsjcFRahSNF/so
WjvdCa0JLg559erVogMbASasmUhIEZpkV63Aji+hCwZ+AVYhqu5OpwJdcRvOYhx+
3dANOBo/pESdXTaErsWfX1pZdvnMiL6DPVJdmRCOGtvOycMy8nyeFIEfiWLh38WZ
mSBPusW140X1XW2VOljZ+3jOX4tQOH3DestcI8FvxY6DDB58+Djl2hZ7La2o9LvV
IGrJ7Tq7u4u+kIm68kjIkCjWKWMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqQGKg
qF4ox3Bho2PDSrnn9+wI5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTYyNjczNWYtY2I0Yi00ZGZmLTk5MmUtOTUzOTBhNGUyZWVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQCgkHhqlNGvzwqYqnVwV1olmLpeY2/KxzoVpHGo
wklRLAJk8SNTdBOq/Soo/oK5IAnCbmKEW6481umcKUrE2I1VFZbJ9VqqWtPYp/KO
n0hIGeFCvOaFfc8OXKY+8DYVSRLbhWBqqff5keNipbGRbd1hLxfwN9RjDHykhioe
9vCq8spDij/5kY+FV0FzPdOq8ELkPVwfFtwJhuNtAkWAsxC6ByPlN6B0U8ju52Z0
CcT7lrkUJ1yXJoz0/vm6ew5p/lL0Y7lqeD5DrxX+XYHz0F5Oggi/cRRscRsJNd0X
V+eB2s12VnSmNKfvbN8mMOFTTkIxkRHy+l/wnrd842ewAsyO
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:26 2025 by rpki-client