Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
File: ad017d4e-10ed-4706-a728-1b3d3feae80f.roa (raw, json)
Hash identifier: 667+fS0DvseghewiZa1bbphVb1EBpzxX0c537w3f6Jg=
Subject key identifier: 74:E8:FD:6D:9D:90:4A:AF:BD:C7:B6:C7:0F:3A:C4:16:B8:8E:99:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3402517D77847163E68935D2E0ED1263CC63B420
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
Signing time: Tue 21 Oct 2025 13:20:54 +0000
ROA not before: Tue 21 Oct 2025 13:20:54 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:02:51:7d:77:84:71:63:e6:89:35:d2:e0:ed:12:63:cc:63:b4:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:54 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5a11df6568f3f53cca8bb42e7715773b0e45419af0f49152a0ab064ec7e75399, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bc:67:2e:36:2c:37:8c:ae:ce:2d:a6:d6:e2:
f1:02:e1:0f:56:80:3a:a3:65:34:c7:f0:3f:fe:d0:
b6:56:db:68:c5:4d:db:85:65:2e:14:aa:e5:02:6b:
61:ba:d1:5c:92:1a:f4:bd:ea:95:bc:e5:de:bb:98:
8b:68:eb:f1:8b:c8:21:98:cb:a5:6f:56:81:e5:ef:
38:a5:81:f1:15:da:9a:29:e0:c9:6a:9f:d4:b2:73:
4a:5a:ab:b5:97:b1:0f:31:50:fa:bb:a1:7d:d4:25:
5a:ca:a1:c1:50:11:e9:e9:d8:9d:3d:d8:48:57:98:
92:2d:d4:66:c0:d0:a8:44:3e:7f:32:ba:90:c9:5d:
50:17:14:bc:58:56:24:09:ea:44:7a:2e:42:ba:fc:
eb:3a:e8:31:cb:d3:4f:50:6a:37:4f:ac:8c:c4:6a:
34:99:0b:a0:8c:8a:8d:3c:fa:1a:00:d1:ba:32:9b:
02:55:27:65:46:d5:e2:e0:ab:bf:63:3f:e6:fd:cf:
50:c2:59:c3:fa:57:45:ce:9d:e6:b7:a6:a1:74:69:
be:45:58:bb:be:9a:3e:39:d1:d8:3f:7a:7a:5f:8a:
15:da:4f:e6:45:bb:b6:42:76:a0:6a:2f:7d:cd:1a:
3a:3f:92:43:8a:11:8b:68:01:0c:cc:f5:20:64:cf:
b3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E8:FD:6D:9D:90:4A:AF:BD:C7:B6:C7:0F:3A:C4:16:B8:8E:99:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:0f:cd:36:91:91:44:0a:d1:6b:90:73:a1:75:b1:5c:5d:11:
e7:56:0e:1c:50:04:9a:0a:5d:db:7b:7a:d8:a8:15:92:fe:88:
0f:31:38:f4:95:ca:86:f0:fc:ad:3f:fa:ab:bd:9f:14:33:d0:
5b:40:99:31:6a:38:f7:89:b3:26:bf:d5:b5:63:5e:0d:cb:c6:
84:84:39:2d:14:c1:07:42:26:21:f4:ac:bc:aa:94:67:d6:b8:
27:2b:62:1b:2f:1c:e2:19:77:53:2e:d0:7d:59:7e:d5:ee:fb:
57:f3:58:11:af:0a:cc:4d:70:27:f5:c6:cb:4b:a1:87:eb:37:
13:85:93:8a:36:97:3b:2e:79:ee:04:f4:21:6f:c0:b6:df:f0:
ae:d4:c8:25:1c:6b:5c:9f:2c:f0:95:3a:5f:9e:21:66:97:e5:
c5:e4:9b:49:08:89:f0:f9:bc:eb:3d:c2:6e:5c:d1:e2:16:15:
d4:50:0c:c5:b6:b6:80:d4:8c:d4:36:73:cf:86:24:7a:52:c1:
9f:a4:3e:57:98:67:bf:a6:71:5c:4e:4e:6a:60:ff:43:69:da:
7c:ae:89:f5:d1:ae:b1:f8:47:a4:ac:3f:65:1c:1c:54:a2:f1:
8e:4e:4c:32:fe:48:45:2d:34:21:5c:66:db:c7:63:48:6a:84:
dc:a0:5b:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNAJRfXeEcWPmiTXS4O0SY8xjtCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNTRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhMTFkZjY1NjhmM2Y1M2NjYThiYjQyZTc3MTU3NzNiMGU0NTQxOWFmMGY0
OTE1MmEwYWIwNjRlYzdlNzUzOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOe8Zy42LDeMrs4tptbi8QLhD1aAOqNlNMfwP/7QtlbbaMVN24VlLhSq5QJr
YbrRXJIa9L3qlbzl3ruYi2jr8YvIIZjLpW9WgeXvOKWB8RXamingyWqf1LJzSlqr
tZexDzFQ+ruhfdQlWsqhwVAR6enYnT3YSFeYki3UZsDQqEQ+fzK6kMldUBcUvFhW
JAnqRHouQrr86zroMcvTT1BqN0+sjMRqNJkLoIyKjTz6GgDRujKbAlUnZUbV4uCr
v2M/5v3PUMJZw/pXRc6d5remoXRpvkVYu76aPjnR2D96el+KFdpP5kW7tkJ2oGov
fc0aOj+SQ4oRi2gBDMz1IGTPsxsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR06P1t
nZBKr73HtscPOsQWuI6Z6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQwMTdkNGUtMTBlZC00NzA2LWE3MjgtMWIzZDNmZWFlODBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQCkD802kZFECtFrkHOhdbFcXRHnVg4cUASaCl3b
e3rYqBWS/ogPMTj0lcqG8PytP/qrvZ8UM9BbQJkxajj3ibMmv9W1Y14Ny8aEhDkt
FMEHQiYh9Ky8qpRn1rgnK2IbLxziGXdTLtB9WX7V7vtX81gRrwrMTXAn9cbLS6GH
6zcThZOKNpc7LnnuBPQhb8C23/Cu1MglHGtcnyzwlTpfniFml+XF5JtJCInw+bzr
PcJuXNHiFhXUUAzFtraA1IzUNnPPhiR6UsGfpD5XmGe/pnFcTk5qYP9Dadp8ron1
0a6x+EekrD9lHBxUovGOTkwy/khFLTQhXGbbx2NIaoTcoFss
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:17 2025 by rpki-client