Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: dts/IJ6YjgyC5ITyCBas8KiQqmrDCZonlIY3k0/pNno=
Subject key identifier: 37:C4:31:3B:A9:21:1C:34:89:2F:09:8C:62:67:58:66:DC:15:84:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78538759B260D9E396EE1D94D0FCA2947B724317
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Tue 21 Oct 2025 14:20:05 +0000
ROA not before: Tue 21 Oct 2025 14:20:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:53:87:59:b2:60:d9:e3:96:ee:1d:94:d0:fc:a2:94:7b:72:43:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:20:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=9f4ee2e6959aa9f202e0a5ebf8f428c5587743e58f02e330ef9fd781b8f022a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cc:f7:31:4e:29:b2:a9:95:b1:d2:af:1f:f7:
5f:06:32:1d:9a:7e:4a:fb:35:bd:7c:5e:57:63:24:
53:2d:c3:4a:8d:4e:30:0d:3e:bc:c5:57:4e:61:c5:
dc:40:36:cb:84:ca:b3:9d:b7:a8:c8:8d:a9:4e:35:
15:7a:88:5b:ba:5e:f2:b0:a5:13:67:7c:1c:6c:61:
ff:01:cd:91:ed:6c:c8:fc:1a:98:e2:f1:db:b1:f4:
69:0a:f2:cb:39:a1:ef:d6:0c:70:d5:eb:5f:fa:43:
89:a8:17:99:c0:f8:79:df:42:41:a5:b7:d9:52:33:
1a:0a:57:ae:70:47:50:f0:90:ff:fb:d9:05:b2:5d:
85:8b:83:2f:60:0f:70:ed:29:9d:2b:3f:d7:3f:36:
27:9a:71:68:68:59:a1:82:63:10:0a:50:51:1f:fc:
22:18:47:90:ce:39:27:9f:70:e6:fd:63:ef:d9:44:
0e:11:81:38:2b:93:07:4c:bd:95:6b:69:cf:28:18:
9e:32:24:31:98:25:24:8b:f0:bb:c2:c9:b5:2b:77:
d6:31:4c:d4:45:d7:5c:23:75:1a:f2:e1:b8:8f:8a:
4b:8c:f0:82:9f:09:68:2f:f5:4b:53:b3:bf:cc:70:
bb:23:f3:45:f9:3e:5c:4f:ca:b2:46:d2:b0:c7:99:
99:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C4:31:3B:A9:21:1C:34:89:2F:09:8C:62:67:58:66:DC:15:84:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:32:99:1c:15:d0:35:c1:35:25:8e:fd:56:5a:ec:48:c3:8f:
7f:7e:f5:80:b2:fb:40:a4:6d:16:e5:bb:5f:fc:22:00:ea:a6:
8c:ac:6c:ef:29:52:2a:ad:a2:b3:7d:cc:97:56:0a:31:53:15:
a6:13:09:df:d9:bf:aa:f2:70:93:df:f7:9a:36:a8:9a:07:30:
dc:5a:52:15:af:07:f3:b4:be:9a:8e:c4:0b:78:22:d1:96:4e:
80:60:49:cc:d9:7f:32:06:d1:ce:44:90:bd:d3:f3:f8:62:78:
08:dc:ec:3b:00:09:38:a8:a3:19:b5:7e:44:95:2e:8c:c8:89:
3c:73:d4:e5:c5:78:61:67:32:f2:27:54:90:cb:2a:3b:37:be:
f0:8d:66:01:49:f2:2b:dd:f0:f9:1d:43:3d:e5:26:d1:6f:c0:
48:ae:e1:3e:82:78:5b:8d:93:c4:d5:cc:2d:9d:a8:11:90:d7:
99:fb:d9:bf:e8:74:ab:dc:5e:02:a1:99:82:71:94:d3:3e:d2:
c5:73:e5:40:83:f6:4a:a1:82:08:99:bb:3a:39:b6:13:94:98:
7b:e4:35:3e:f1:27:da:e9:ba:d1:3e:83:54:8f:4f:fd:52:dd:
c5:9c:c0:91:cb:39:bd:a9:03:c1:ec:4a:69:45:43:98:a8:be:
19:15:87:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeFOHWbJg2eOW7h2U0PyilHtyQxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmNGVlMmU2OTU5YWE5ZjIwMmUwYTVlYmY4ZjQyOGM1NTg3NzQzZTU4ZjAy
ZTMzMGVmOWZkNzgxYjhmMDIyYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/M9zFOKbKplbHSrx/3XwYyHZp+Svs1vXxeV2MkUy3DSo1OMA0+vMVXTmHF
3EA2y4TKs523qMiNqU41FXqIW7pe8rClE2d8HGxh/wHNke1syPwamOLx27H0aQry
yzmh79YMcNXrX/pDiagXmcD4ed9CQaW32VIzGgpXrnBHUPCQ//vZBbJdhYuDL2AP
cO0pnSs/1z82J5pxaGhZoYJjEApQUR/8IhhHkM45J59w5v1j79lEDhGBOCuTB0y9
lWtpzygYnjIkMZglJIvwu8LJtSt31jFM1EXXXCN1GvLhuI+KS4zwgp8JaC/1S1Oz
v8xwuyPzRfk+XE/KskbSsMeZmRMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3xDE7
qSEcNIkvCYxiZ1hm3BWEJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCoMpkcFdA1wTUljv1WWuxIw49/fvWAsvtApG0W
5btf/CIA6qaMrGzvKVIqraKzfcyXVgoxUxWmEwnf2b+q8nCT3/eaNqiaBzDcWlIV
rwfztL6ajsQLeCLRlk6AYEnM2X8yBtHORJC90/P4YngI3Ow7AAk4qKMZtX5ElS6M
yIk8c9TlxXhhZzLyJ1SQyyo7N77wjWYBSfIr3fD5HUM95SbRb8BIruE+gnhbjZPE
1cwtnagRkNeZ+9m/6HSr3F4CoZmCcZTTPtLFc+VAg/ZKoYIImbs6ObYTlJh75DU+
8Sfa6brRPoNUj0/9Ut3FnMCRyzm9qQPB7EppRUOYqL4ZFYf5
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:12 2025 by rpki-client