Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
File: e437969a-a36c-4417-88bd-c48ac88d9a5c.roa (raw, json)
Hash identifier: nrIrczG0sy9deWAp3jeYew/1a66OhGK/D0QENYJs1cI=
Subject key identifier: F1:24:B9:64:FC:3B:E5:15:3A:A2:F0:F0:72:0E:6F:71:DB:35:C2:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A96E9883DE22A3D98D41666E41FB41EC1FF56B3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
Signing time: Tue 21 Oct 2025 14:20:05 +0000
ROA not before: Tue 21 Oct 2025 14:20:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:96:e9:88:3d:e2:2a:3d:98:d4:16:66:e4:1f:b4:1e:c1:ff:56:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:20:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=732ef4b3f818b497b91d980d03cd92ba71f76d7136badd22b85bd68ccd430b0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:2b:91:bc:ea:94:70:87:84:b6:ed:c2:a8:
4e:3f:32:c8:e5:6f:2b:bc:bb:40:a9:1f:69:90:ba:
9b:69:72:83:ca:fa:27:b5:97:b0:5e:5d:69:f3:eb:
69:df:2f:71:74:94:aa:4a:7d:67:f3:bb:ed:76:55:
a5:81:71:b3:e3:01:ee:62:79:ba:91:37:52:46:38:
aa:f5:8e:af:42:c0:37:bd:c1:22:90:39:ad:7a:31:
f0:fc:bc:d9:73:f3:c4:66:27:32:02:df:48:36:67:
1a:dc:73:86:66:e8:5d:5a:bf:51:b3:e1:56:bb:39:
11:f5:32:a2:dc:e5:e7:3f:82:d3:bd:c8:4a:80:74:
72:44:9b:6c:ca:19:e5:44:9c:86:4f:4d:50:03:3e:
e2:01:f7:6c:4a:e2:e8:d0:85:cc:9f:14:ef:60:dc:
e8:c8:5c:58:fd:6f:d7:a4:08:81:d3:52:df:6b:dc:
b9:4c:0d:88:71:5d:06:b4:ef:4f:2e:04:ba:51:76:
aa:77:b5:5e:65:f5:67:aa:58:36:80:fd:66:eb:e3:
e5:77:38:fa:23:a6:af:d4:db:b5:cf:6d:eb:1c:bf:
f0:37:f8:0b:f0:ad:83:90:30:6e:96:b5:22:b0:38:
57:6e:05:af:a2:4e:3a:85:20:05:ce:8b:7f:e6:15:
fc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:24:B9:64:FC:3B:E5:15:3A:A2:F0:F0:72:0E:6F:71:DB:35:C2:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b080::/48
Signature Algorithm: sha256WithRSAEncryption
63:2f:54:50:16:b8:01:fd:a3:58:61:31:45:f6:3b:3f:09:ca:
7d:6a:18:9d:57:5d:2c:ad:f4:0a:60:88:02:59:f6:db:89:aa:
65:8a:79:57:19:2f:63:9b:dc:b3:66:02:50:b8:97:1e:16:0f:
6b:82:f0:b3:f7:de:4c:e8:6e:d9:3a:09:10:46:40:56:2f:2f:
b2:ea:f3:5c:54:9d:c3:a3:57:80:22:77:da:fe:e0:00:0d:58:
6b:05:b8:5e:e8:d9:42:f4:ef:15:d1:e3:0e:b7:30:e2:f0:8a:
01:3c:30:80:c2:e1:a8:20:68:b1:d6:06:30:42:f2:52:7b:ef:
06:07:2a:5e:dc:59:63:3f:9b:bf:b7:a3:89:25:1e:59:21:01:
56:fa:ef:9d:87:62:59:d8:c1:dc:2a:2e:7b:2f:03:0d:99:72:
1d:24:8a:5c:f7:80:d8:27:6b:49:1a:ac:ad:17:56:00:ae:a6:
5e:c2:0c:63:b2:ee:60:c8:e5:87:e8:26:b8:cc:55:4d:e8:db:
18:0d:d8:35:aa:20:b5:48:3f:3f:06:e6:84:de:bd:3c:4a:e9:
ab:24:5d:4c:53:ca:c8:f1:22:5f:ee:50:8b:49:18:3b:98:90:
29:d6:81:2b:24:bc:fb:68:9c:0a:7f:c9:b6:b0:90:cd:0d:d2:
f6:9a:b6:99
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWpbpiD3iKj2Y1BZm5B+0HsH/VrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDczMmVmNGIzZjgxOGI0OTdiOTFkOTgwZDAzY2Q5MmJhNzFmNzZkNzEzNmJh
ZGQyMmI4NWJkNjhjY2Q0MzBiMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjUK5G86pRwh4S27cKoTj8yyOVvK7y7QKkfaZC6m2lyg8r6J7WXsF5dafPr
ad8vcXSUqkp9Z/O77XZVpYFxs+MB7mJ5upE3UkY4qvWOr0LAN73BIpA5rXox8Py8
2XPzxGYnMgLfSDZnGtxzhmboXVq/UbPhVrs5EfUyotzl5z+C073ISoB0ckSbbMoZ
5USchk9NUAM+4gH3bEri6NCFzJ8U72Dc6MhcWP1v16QIgdNS32vcuUwNiHFdBrTv
Ty4EulF2qne1XmX1Z6pYNoD9Zuvj5Xc4+iOmr9Tbtc9t6xy/8Df4C/Ctg5Awbpa1
IrA4V24Fr6JOOoUgBc6Lf+YV/BsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTxJLlk
/DvlFTqi8PByDm9x2zXCITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTQzNzk2OWEtYTM2Yy00NDE3LTg4YmQtYzQ4YWM4OGQ5YTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Diw
gDANBgkqhkiG9w0BAQsFAAOCAQEAYy9UUBa4Af2jWGExRfY7PwnKfWoYnVddLK30
CmCIAln224mqZYp5VxkvY5vcs2YCULiXHhYPa4Lws/feTOhu2ToJEEZAVi8vsurz
XFSdw6NXgCJ32v7gAA1YawW4XujZQvTvFdHjDrcw4vCKATwwgMLhqCBosdYGMELy
UnvvBgcqXtxZYz+bv7ejiSUeWSEBVvrvnYdiWdjB3Couey8DDZlyHSSKXPeA2Cdr
SRqsrRdWAK6mXsIMY7LuYMjlh+gmuMxVTejbGA3YNaogtUg/PwbmhN69PErpqyRd
TFPKyPEiX+5Qi0kYO5iQKdaBKyS8+2icCn/JtrCQzQ3S9pq2mQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:14 2025 by rpki-client