Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json)
Hash identifier: v4QmTwPLXNFYmKAyUczys75f6lVyq1jSf+AEvvlQQSM=
Subject key identifier: 55:4B:64:AA:58:D3:8F:DB:A7:C1:DE:6C:27:5C:B2:69:DC:CB:F8:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 424AABF30CDC0B1A6EB06B642E62A50E39AEBE53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
Signing time: Tue 21 Oct 2025 13:50:57 +0000
ROA not before: Tue 21 Oct 2025 13:50:57 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:4a:ab:f3:0c:dc:0b:1a:6e:b0:6b:64:2e:62:a5:0e:39:ae:be:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:57 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6186787b478d60a8329e2f06c1fa2a1dd050267626766a181b5d4990c562626f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2f:fa:79:7a:18:ee:7c:9a:5c:f1:50:13:bf:
ce:d0:ea:63:e7:e5:9a:4e:94:ac:4c:3b:be:a0:52:
be:a9:df:30:f4:30:d9:d3:62:14:3e:7b:e4:12:15:
20:8f:87:c6:be:23:92:32:a8:f3:9c:55:32:32:36:
51:f9:eb:cd:00:63:18:49:d0:b2:23:f5:b1:92:1f:
5c:3b:86:5a:99:77:96:51:7e:67:cb:0e:0d:29:63:
d8:81:22:18:82:11:18:b5:da:53:ce:9d:03:b7:e8:
b4:d7:26:8c:03:96:4c:8e:65:cb:df:69:21:26:18:
10:3e:6c:8e:73:d8:27:33:88:be:32:5d:31:37:ae:
f4:65:1a:8a:35:9b:10:4a:a1:2e:36:36:8a:bf:13:
11:94:70:34:d9:33:bb:cc:fe:e4:f8:0a:8a:ad:21:
c5:32:23:42:72:70:23:05:ea:21:18:35:d3:30:74:
89:a2:0b:5f:25:1e:77:06:47:4c:57:19:60:23:0c:
e3:11:3f:ee:19:c3:83:98:2a:45:6b:fa:29:8a:76:
37:a2:55:f3:87:7e:8a:a9:64:61:08:2f:f3:9a:2c:
96:76:b6:3c:7e:94:b2:66:fa:24:c4:55:bc:94:3d:
21:0d:1d:2a:2e:e2:d9:9f:1b:88:f5:df:de:f4:cd:
79:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:4B:64:AA:58:D3:8F:DB:A7:C1:DE:6C:27:5C:B2:69:DC:CB:F8:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8d:99:92:0c:79:de:41:47:1e:a1:f9:f9:95:c1:7c:b9:25:31:
2e:2b:f5:59:b3:61:32:84:1e:fc:c8:aa:b6:a2:67:ed:19:8f:
a2:d5:b4:ee:61:9c:19:c0:e8:57:1f:91:49:89:52:a1:d7:eb:
f0:40:61:5c:9c:7e:0d:6d:b7:a9:b2:d5:76:59:3b:f4:cb:04:
c0:54:ee:4b:cd:cd:04:df:75:84:f9:5c:89:06:38:1a:38:5d:
9b:9b:f7:fe:e8:f8:a7:0f:83:18:3f:0a:61:27:81:91:a8:25:
d8:4a:b8:cb:c0:f1:d1:e5:9f:2f:49:6e:41:f1:95:53:93:8e:
30:ec:46:e2:e4:b9:24:d9:b0:fc:54:22:e6:d0:7a:87:8b:47:
38:bb:fe:40:25:67:7e:07:a8:c1:b9:04:cb:00:ae:e5:1f:94:
ff:f9:07:b3:60:9a:bc:d8:ed:d2:c3:bc:74:5c:df:66:55:06:
a5:9e:38:fa:07:ef:75:72:38:0e:e6:28:95:5e:42:88:bf:bf:
49:5d:7d:4c:a0:69:55:39:2f:fa:18:d6:68:0f:54:5f:4a:16:
3a:05:be:5d:72:01:7f:54:93:ec:67:33:db:d0:6e:60:3b:91:
4d:53:95:ff:9e:4b:c0:5d:26:76:7e:a1:c2:d9:1a:e0:5c:23:
fc:ac:40:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQkqr8wzcCxpusGtkLmKlDjmuvlMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwNTdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxODY3ODdiNDc4ZDYwYTgzMjllMmYwNmMxZmEyYTFkZDA1MDI2NzYyNjc2
NmExODFiNWQ0OTkwYzU2MjYyNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgv+nl6GO58mlzxUBO/ztDqY+flmk6UrEw7vqBSvqnfMPQw2dNiFD575BIV
II+Hxr4jkjKo85xVMjI2UfnrzQBjGEnQsiP1sZIfXDuGWpl3llF+Z8sODSlj2IEi
GIIRGLXaU86dA7fotNcmjAOWTI5ly99pISYYED5sjnPYJzOIvjJdMTeu9GUaijWb
EEqhLjY2ir8TEZRwNNkzu8z+5PgKiq0hxTIjQnJwIwXqIRg10zB0iaILXyUedwZH
TFcZYCMM4xE/7hnDg5gqRWv6KYp2N6JV84d+iqlkYQgv85oslna2PH6Usmb6JMRV
vJQ9IQ0dKi7i2Z8biPXf3vTNefECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVS2Sq
WNOP26fB3mwnXLJp3Mv4+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNmZIMed5BRx6h+fmVwXy5JTEuK/VZs2EyhB78
yKq2omftGY+i1bTuYZwZwOhXH5FJiVKh1+vwQGFcnH4NbbepstV2WTv0ywTAVO5L
zc0E33WE+VyJBjgaOF2bm/f+6PinD4MYPwphJ4GRqCXYSrjLwPHR5Z8vSW5B8ZVT
k44w7Ebi5Lkk2bD8VCLm0HqHi0c4u/5AJWd+B6jBuQTLAK7lH5T/+QezYJq82O3S
w7x0XN9mVQalnjj6B+91cjgO5iiVXkKIv79JXX1MoGlVOS/6GNZoD1RfShY6Bb5d
cgF/VJPsZzPb0G5gO5FNU5X/nkvAXSZ2fqHC2RrgXCP8rEA9
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:13 2025 by rpki-client