Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json)
Hash identifier: h5A22EP5UgC+eES5rhqghF5gtDFa5ejskoJbOCI2TZI=
Subject key identifier: E7:E6:25:50:03:F8:58:4D:F4:35:7F:8C:3B:A1:A5:73:CD:53:FF:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 027E6840F789ABF05477EE5C1A443A78EC4392F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
Signing time: Tue 21 Oct 2025 13:20:55 +0000
ROA not before: Tue 21 Oct 2025 13:20:55 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:7e:68:40:f7:89:ab:f0:54:77:ee:5c:1a:44:3a:78:ec:43:92:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:55 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2942abbaec28613dd9a6985e0903e8e48e32659557df3b8d33b111bc3c66d419, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e3:d5:2b:8f:e1:24:27:92:67:ee:4c:74:11:
49:3c:e6:dc:80:9e:7c:10:af:3c:e3:6e:d4:b6:b9:
94:92:20:92:39:45:71:99:72:04:a6:bb:ad:2f:12:
b7:63:0f:28:65:02:89:95:9b:cc:00:c4:40:37:c7:
7f:c6:0e:4b:7c:58:02:94:1d:43:74:9e:73:0b:59:
45:81:fc:6b:53:eb:3c:22:60:20:1d:ff:3d:27:80:
b7:60:47:e1:9c:49:e3:ec:15:4b:a1:d6:45:86:fe:
83:8f:94:63:d7:fd:3e:d9:81:a7:76:ef:24:e9:a5:
0b:fd:ab:d2:e2:2d:4f:00:6b:b2:2b:7a:a1:18:2f:
89:75:fd:0a:2a:aa:c1:2b:50:92:e5:48:81:e7:91:
db:d5:5f:f5:9c:55:5d:45:e8:1a:09:c2:8d:f2:70:
a1:25:40:02:0e:6d:95:9a:4c:f4:3c:30:05:7e:ce:
89:36:c5:5b:87:c0:8d:96:77:64:9f:45:c8:14:90:
36:cd:12:d3:8a:5c:ad:94:7a:ae:e9:c5:a9:86:62:
92:73:2f:73:28:46:c1:ea:d3:55:23:e4:c4:93:da:
d7:6f:b9:8d:ee:c7:cd:91:0f:7e:94:0b:bb:8a:2b:
5c:b9:e2:8e:46:68:bf:df:5e:88:9e:b1:05:84:80:
7f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E6:25:50:03:F8:58:4D:F4:35:7F:8C:3B:A1:A5:73:CD:53:FF:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
1e:95:ca:e6:c2:14:1c:fe:1e:7f:6c:d1:47:81:b7:d5:5e:be:
f3:d7:be:7a:80:0d:f5:17:66:a7:9d:68:1e:31:7b:34:e0:c4:
bb:4a:43:90:17:53:8a:24:a4:15:ba:b2:2e:c6:0b:8e:cc:4f:
83:3d:e4:6b:b2:22:8e:a4:91:49:0b:5d:f3:a7:49:71:cc:d5:
be:c1:e8:1e:0f:c5:c3:0c:b3:75:2d:42:0f:e2:5e:b7:3c:8e:
72:67:87:fe:0b:ce:24:cd:17:59:b5:0e:99:9c:52:a1:76:1b:
55:aa:5f:84:db:59:b2:71:e1:bb:39:ef:31:88:62:38:ab:b0:
b9:34:5c:5b:85:98:8d:e8:cc:a1:04:a4:95:99:80:66:0f:a0:
1a:c6:54:bf:a1:11:b2:4f:9b:b1:df:2e:ed:70:04:b9:4a:29:
ab:14:62:3e:ff:c6:9a:6c:bf:f5:ac:6a:e0:b4:d9:f6:9e:00:
b8:61:88:2a:35:2f:d6:c9:52:b0:0c:7c:26:b6:08:65:ee:6e:
90:99:75:a0:94:16:a9:5e:59:40:eb:1e:0d:7a:24:8b:d1:0f:
ae:cc:4a:3f:03:27:7d:7b:3e:58:3f:b8:f6:01:f1:ae:3e:c8:
20:af:81:b5:c9:2c:4f:67:80:85:90:90:12:7d:a0:1d:4f:40:
99:eb:e5:d0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAn5oQPeJq/BUd+5cGkQ6eOxDkvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNTVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5NDJhYmJhZWMyODYxM2RkOWE2OTg1ZTA5MDNlOGU0OGUzMjY1OTU1N2Rm
M2I4ZDMzYjExMWJjM2M2NmQ0MTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIfj1SuP4SQnkmfuTHQRSTzm3ICefBCvPONu1La5lJIgkjlFcZlyBKa7rS8S
t2MPKGUCiZWbzADEQDfHf8YOS3xYApQdQ3SecwtZRYH8a1PrPCJgIB3/PSeAt2BH
4ZxJ4+wVS6HWRYb+g4+UY9f9PtmBp3bvJOmlC/2r0uItTwBrsit6oRgviXX9Ciqq
wStQkuVIgeeR29Vf9ZxVXUXoGgnCjfJwoSVAAg5tlZpM9DwwBX7OiTbFW4fAjZZ3
ZJ9FyBSQNs0S04pcrZR6runFqYZiknMvcyhGwerTVSPkxJPa12+5je7HzZEPfpQL
u4orXLnijkZov99eiJ6xBYSAf8cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTn5iVQ
A/hYTfQ1f4w7oaVzzVP/PDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
wDANBgkqhkiG9w0BAQsFAAOCAQEAHpXK5sIUHP4ef2zRR4G31V6+89e+eoAN9Rdm
p51oHjF7NODEu0pDkBdTiiSkFbqyLsYLjsxPgz3ka7IijqSRSQtd86dJcczVvsHo
Hg/FwwyzdS1CD+JetzyOcmeH/gvOJM0XWbUOmZxSoXYbVapfhNtZsnHhuznvMYhi
OKuwuTRcW4WYjejMoQSklZmAZg+gGsZUv6ERsk+bsd8u7XAEuUopqxRiPv/Gmmy/
9axq4LTZ9p4AuGGIKjUv1slSsAx8JrYIZe5ukJl1oJQWqV5ZQOseDXoki9EPrsxK
PwMnfXs+WD+49gHxrj7IIK+BtcksT2eAhZCQEn2gHU9Amevl0A==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:38 2025 by rpki-client