Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json)
Hash identifier: 3gtzdoy2mIKm04EX/qLgMqAxFM9TX+fusJvf0bbnNMM=
Subject key identifier: 6E:28:BC:49:EF:AA:22:30:2A:A2:7D:02:EF:5B:BC:40:62:11:B6:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4309A688C2582A13C4BFCE1E50B91762A3363AF4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
Signing time: Tue 21 Oct 2025 14:10:24 +0000
ROA not before: Tue 21 Oct 2025 14:10:24 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:09:a6:88:c2:58:2a:13:c4:bf:ce:1e:50:b9:17:62:a3:36:3a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:24 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8495f2eeb5ceb54398cb43c60e56cdf67366e268f2e7b5b9537776937cde3f0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:24:d3:af:1b:25:63:1b:66:ad:78:03:08:80:
82:d4:66:87:84:ca:f7:e5:8b:92:bd:68:ca:66:6d:
75:90:c9:be:c3:bf:64:6a:39:8d:f9:35:e1:3d:59:
a9:29:60:79:e5:cf:5b:83:78:2d:23:d3:90:5b:01:
b6:f5:a6:38:9b:2b:30:8f:52:92:25:28:9d:91:8b:
45:47:9b:20:89:20:bf:34:3b:d7:d3:24:eb:d2:7e:
8b:83:cf:bc:ca:41:2c:83:04:f7:3d:8e:b6:85:09:
a3:fc:a4:0d:a0:ff:7e:6e:b8:3f:1c:94:60:9f:14:
b9:25:57:95:3c:a1:c3:08:e4:66:13:7f:5d:6a:8f:
69:ba:28:46:1e:d5:10:8a:6b:8f:bb:37:56:0b:27:
52:a3:27:7d:97:4c:c2:c1:e1:30:bc:0f:50:9d:9c:
a3:0d:f1:a1:27:25:c6:17:41:c8:0a:09:50:b6:c8:
05:33:99:9c:04:e9:d8:48:cb:1c:fe:20:32:3a:e0:
1a:c3:19:22:6e:55:1f:3a:d2:2b:30:38:d2:ec:01:
6f:48:88:17:9b:c0:d1:b5:3d:70:20:36:95:c8:12:
13:e2:6e:18:4d:92:d8:e3:cb:d0:d6:c8:1a:52:d3:
38:8e:53:3c:4e:30:e6:c1:ee:ca:ae:4d:c0:21:02:
51:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:28:BC:49:EF:AA:22:30:2A:A2:7D:02:EF:5B:BC:40:62:11:B6:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/38
Signature Algorithm: sha256WithRSAEncryption
71:e2:ce:0a:78:18:7a:3d:12:08:2c:09:50:ef:d2:70:13:3d:
07:b4:6b:1c:77:ea:47:cb:15:26:bf:66:6d:8d:ef:f5:4f:4c:
67:91:17:62:d4:20:94:43:67:4b:93:0e:8a:4a:ea:cc:38:bf:
c1:1b:92:db:af:87:4f:4e:41:c8:ef:9a:5d:aa:cc:83:92:f2:
26:40:5c:bf:14:bc:20:4d:9a:d5:eb:f0:4c:ef:40:24:4a:fa:
1e:49:fe:41:e1:19:37:79:81:b3:13:74:0c:07:40:ed:c8:7f:
64:5c:79:d4:e1:5a:43:24:a8:a4:99:76:28:11:8b:25:9e:90:
35:54:c9:59:16:c0:5e:db:69:6b:3c:06:0f:e8:07:32:a6:ce:
48:21:ba:8c:34:45:ff:eb:fc:74:52:c0:e0:6f:e5:10:f8:e8:
16:f5:df:54:1c:5e:39:29:fb:df:90:b1:a1:a9:fc:ff:2d:af:
ac:dc:c6:03:43:6f:89:cf:95:a9:f5:ec:de:59:c9:28:07:88:
82:cf:fd:cb:6d:18:46:91:d7:62:b6:6d:89:f8:af:d8:ea:65:
93:e5:df:b2:f0:05:63:9e:6d:48:4f:9a:34:a0:33:05:8d:f4:
5b:72:d8:85:15:ec:cd:01:be:74:5a:bc:1b:e2:b5:6b:6b:c9:
a8:82:04:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQwmmiMJYKhPEv84eULkXYqM2OvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwMjRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0OTVmMmVlYjVjZWI1NDM5OGNiNDNjNjBlNTZjZGY2NzM2NmUyNjhmMmU3
YjViOTUzNzc3NjkzN2NkZTNmMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQk068bJWMbZq14AwiAgtRmh4TK9+WLkr1oymZtdZDJvsO/ZGo5jfk14T1Z
qSlgeeXPW4N4LSPTkFsBtvWmOJsrMI9SkiUonZGLRUebIIkgvzQ719Mk69J+i4PP
vMpBLIME9z2OtoUJo/ykDaD/fm64PxyUYJ8UuSVXlTyhwwjkZhN/XWqPabooRh7V
EIprj7s3VgsnUqMnfZdMwsHhMLwPUJ2cow3xoSclxhdByAoJULbIBTOZnATp2EjL
HP4gMjrgGsMZIm5VHzrSKzA40uwBb0iIF5vA0bU9cCA2lcgSE+JuGE2S2OPL0NbI
GlLTOI5TPE4w5sHuyq5NwCECUTkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRuKLxJ
76oiMCqifQLvW7xAYhG2bDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBx4s4KeBh6PRIILAlQ79JwEz0HtGscd+pHyxUm
v2Ztje/1T0xnkRdi1CCUQ2dLkw6KSurMOL/BG5Lbr4dPTkHI75pdqsyDkvImQFy/
FLwgTZrV6/BM70AkSvoeSf5B4Rk3eYGzE3QMB0DtyH9kXHnU4VpDJKikmXYoEYsl
npA1VMlZFsBe22lrPAYP6Acyps5IIbqMNEX/6/x0UsDgb+UQ+OgW9d9UHF45Kfvf
kLGhqfz/La+s3MYDQ2+Jz5Wp9ezeWckoB4iCz/3LbRhGkdditm2J+K/Y6mWT5d+y
8AVjnm1IT5o0oDMFjfRbctiFFezNAb50Wrwb4rVra8moggRa
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:57 2025 by rpki-client