Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
File: d84b5798-b167-465e-8272-054986363200.roa (raw, json)
Hash identifier: AdIXl+D667Wl0jdOEjFjjAAbwx551t/G4e9Bsne/M4s=
Subject key identifier: EE:02:90:22:F5:33:F1:64:BD:DF:33:57:25:04:46:59:61:D9:48:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63C3999DE27FD6CB04FFEF5060BFD9DC66BEA608
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
Signing time: Tue 21 Oct 2025 14:30:55 +0000
ROA not before: Tue 21 Oct 2025 14:30:55 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:c3:99:9d:e2:7f:d6:cb:04:ff:ef:50:60:bf:d9:dc:66:be:a6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:55 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=364a697aa6655af5e37c15ea4ca8a786eb6a44f6f381a0a0725a6e999367a85f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0a:41:4e:b7:3a:83:e7:e1:60:4f:1d:b4:0f:
14:c2:96:ff:dc:0b:1b:b9:e7:6b:b8:4b:47:b4:4a:
5d:b0:61:91:98:19:f3:69:ee:7c:6f:bf:9b:a6:e3:
54:7c:58:19:89:bd:c1:7b:ae:11:86:43:9a:4f:3f:
13:5f:f8:74:41:0c:c1:e3:e4:bc:af:af:83:fe:96:
09:6b:21:59:6e:ff:47:01:3a:3b:35:3f:53:9f:a0:
c5:2b:d4:e5:26:be:3e:de:17:59:58:15:5d:29:c9:
68:13:41:49:8a:93:29:45:e5:f9:b4:24:67:58:2d:
92:7f:4c:d0:76:2b:e8:47:a3:c6:e0:e7:57:e3:38:
fe:3e:2f:06:a2:08:9b:70:88:eb:c3:f4:50:7f:07:
b3:bc:db:11:ce:93:60:70:ee:21:43:5c:7d:36:66:
17:54:a2:d9:f2:61:22:44:93:7c:5c:f5:e9:cd:9e:
45:a2:e7:b8:df:de:d0:b7:f6:80:7a:e3:11:0e:02:
27:df:92:a1:02:60:51:02:89:5e:21:b9:51:22:85:
34:63:6d:85:41:db:16:ce:1d:20:34:68:c5:de:4e:
a7:36:71:8a:11:b4:82:cf:e7:14:d7:f8:63:54:24:
58:b8:19:b2:71:f1:16:cd:86:86:39:7b:7b:c9:11:
81:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:02:90:22:F5:33:F1:64:BD:DF:33:57:25:04:46:59:61:D9:48:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
5f:a3:b1:bc:ea:9d:94:d4:11:a3:c8:5f:a2:bd:40:01:37:19:
c4:85:6d:90:17:38:a0:e6:2e:b1:94:41:5c:5a:1d:00:02:be:
45:05:ca:52:d2:65:20:3d:f2:9c:d8:0f:8b:14:bd:09:a1:22:
6c:b2:60:7b:4a:93:27:d9:12:24:18:68:3b:7a:ae:d8:3e:19:
22:f9:6e:24:94:56:ac:8b:0a:d4:5d:77:0e:1c:a5:46:23:09:
c2:86:dc:b7:4e:7b:92:a5:20:12:3e:88:40:b2:e7:1a:25:ac:
b2:8d:8c:66:a1:45:db:9d:82:13:9b:fa:48:47:15:94:85:e4:
64:b0:d8:eb:8b:08:f6:5d:0c:b6:10:0a:f2:1a:c5:b7:e2:bc:
e2:54:05:8f:fa:47:a6:86:99:9b:e6:e1:44:36:33:30:1c:f3:
c1:23:9e:54:d6:86:0e:9f:09:fc:f0:28:fc:7c:b7:d9:6b:ad:
86:d9:72:a1:a6:e5:2e:81:64:91:86:0a:c8:c5:26:21:91:93:
7c:46:cf:3a:11:a9:19:0c:72:a1:94:cc:6d:77:ec:91:b2:63:
92:39:c9:4c:8c:2f:1e:48:03:94:10:23:13:8a:de:37:bb:3c:
fd:ac:3b:89:07:70:69:7f:33:17:38:22:5e:00:bc:c2:82:9d:
c7:54:29:37
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUY8OZneJ/1ssE/+9QYL/Z3Ga+pggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwNTVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2NGE2OTdhYTY2NTVhZjVlMzdjMTVlYTRjYThhNzg2ZWI2YTQ0ZjZmMzgx
YTBhMDcyNWE2ZTk5OTM2N2E4NWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYKQU63OoPn4WBPHbQPFMKW/9wLG7nna7hLR7RKXbBhkZgZ82nufG+/m6bj
VHxYGYm9wXuuEYZDmk8/E1/4dEEMwePkvK+vg/6WCWshWW7/RwE6OzU/U5+gxSvU
5Sa+Pt4XWVgVXSnJaBNBSYqTKUXl+bQkZ1gtkn9M0HYr6EejxuDnV+M4/j4vBqII
m3CI68P0UH8Hs7zbEc6TYHDuIUNcfTZmF1Si2fJhIkSTfFz16c2eRaLnuN/e0Lf2
gHrjEQ4CJ9+SoQJgUQKJXiG5USKFNGNthUHbFs4dIDRoxd5OpzZxihG0gs/nFNf4
Y1QkWLgZsnHxFs2Ghjl7e8kRgQ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTuApAi
9TPxZL3fM1clBEZZYdlIvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
wDANBgkqhkiG9w0BAQsFAAOCAQEAX6OxvOqdlNQRo8hfor1AATcZxIVtkBc4oOYu
sZRBXFodAAK+RQXKUtJlID3ynNgPixS9CaEibLJge0qTJ9kSJBhoO3qu2D4ZIvlu
JJRWrIsK1F13DhylRiMJwobct057kqUgEj6IQLLnGiWsso2MZqFF252CE5v6SEcV
lIXkZLDY64sI9l0MthAK8hrFt+K84lQFj/pHpoaZm+bhRDYzMBzzwSOeVNaGDp8J
/PAo/Hy32WuthtlyoablLoFkkYYKyMUmIZGTfEbPOhGpGQxyoZTMbXfskbJjkjnJ
TIwvHkgDlBAjE4reN7s8/aw7iQdwaX8zFzgiXgC8woKdx1QpNw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:13 2025 by rpki-client