Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: Xik0wkqWg6f/kA+HMWG24Djv4rNnjfKtfryQzF0reQQ=
Subject key identifier: 03:B2:B4:7E:7A:77:F5:9C:B1:1C:FE:AA:00:68:F1:28:23:34:D7:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1079F0635E7756BC4619CFF2A6A67BDB0E2478E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Tue 21 Oct 2025 14:10:43 +0000
ROA not before: Tue 21 Oct 2025 14:10:43 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:79:f0:63:5e:77:56:bc:46:19:cf:f2:a6:a6:7b:db:0e:24:78:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:43 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=f8de69df496db0fd377d5903a88b19a381f9f20608f5c70fcaa0231afc7f5deb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c7:92:74:96:b2:d9:94:78:cb:66:46:78:4f:
09:e4:07:f6:2d:96:7c:7a:14:1a:b7:d9:ff:cc:2c:
3b:1e:59:da:44:05:92:da:6e:e4:43:64:d1:82:6d:
2a:74:2a:5c:9e:d8:fe:2c:22:be:29:d0:03:2b:8f:
ca:c8:d7:49:e4:cf:6a:ee:d5:8d:62:0c:06:35:95:
39:cd:d7:2f:e6:ac:cd:31:cf:72:4e:bf:3d:92:38:
a4:16:56:99:c2:50:52:1d:f1:bc:97:7c:f1:4b:b8:
11:98:60:b9:c9:0c:52:21:8c:19:5c:90:c8:9b:2d:
89:7e:31:3c:ac:ed:86:14:55:52:fb:39:40:33:07:
6c:c4:5a:45:08:f0:8c:3c:46:73:4f:fc:2b:5f:42:
34:33:a5:0b:2a:e3:04:5b:57:6b:37:23:ad:f9:77:
0f:12:ba:7f:fa:23:47:d5:42:79:11:96:d5:ab:dd:
04:74:d6:2e:2a:a9:a3:28:5e:92:e5:11:c9:7e:de:
c6:db:94:ce:06:9b:60:c9:f3:ba:17:a6:26:8a:e9:
87:a2:77:ac:61:44:8f:39:9e:2d:00:11:0a:4f:68:
cd:06:8f:19:8c:17:f5:ae:29:75:42:08:33:0e:77:
94:08:b0:45:80:2a:c1:2a:b3:b7:25:47:66:77:4f:
0b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B2:B4:7E:7A:77:F5:9C:B1:1C:FE:AA:00:68:F1:28:23:34:D7:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
61:fc:9e:e2:86:45:ff:6e:a4:c8:74:9c:c5:c3:cf:d7:7c:a5:
7b:46:25:30:b0:8a:ce:66:93:9e:80:6e:73:88:91:f3:ee:65:
ca:41:b3:db:21:4e:84:b7:2e:86:83:40:77:d6:42:b7:27:9a:
39:91:93:02:c2:17:89:4e:36:c2:7e:47:12:19:a0:83:a2:68:
35:8b:f7:5f:d8:3d:99:0c:40:54:84:67:97:e5:04:3a:a3:fa:
5f:72:a4:f2:58:c6:99:b1:cb:8b:e1:76:f7:ec:71:1b:28:16:
2b:bb:c6:66:52:d5:5b:ab:29:1e:ca:72:67:99:a7:82:e1:1b:
f2:21:3f:32:c3:c6:5b:a4:fe:00:fb:67:50:67:1b:a1:74:61:
27:97:c3:2a:a8:db:10:ee:f2:21:f3:e0:7d:2e:53:12:80:99:
1e:c1:b6:97:06:4b:85:9a:dd:e4:cc:6e:1c:f1:3f:0c:7c:97:
08:67:bd:10:17:d0:0d:e3:65:fd:f1:cb:83:c5:bf:1d:66:f2:
bf:63:13:83:fc:de:54:87:34:3a:a8:f0:a7:20:af:20:d3:b6:
78:62:47:95:fb:b5:fc:8f:47:fc:e8:1d:1f:59:7f:29:7f:6f:
5e:3e:e2:20:b6:e2:9e:2d:a6:9f:34:9e:9f:b3:b5:68:18:d7:
58:94:19:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEHnwY153VrxGGc/ypqZ72w4keOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwNDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4ZGU2OWRmNDk2ZGIwZmQzNzdkNTkwM2E4OGIxOWEzODFmOWYyMDYwOGY1
YzcwZmNhYTAyMzFhZmM3ZjVkZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHHknSWstmUeMtmRnhPCeQH9i2WfHoUGrfZ/8wsOx5Z2kQFktpu5ENk0YJt
KnQqXJ7Y/iwivinQAyuPysjXSeTPau7VjWIMBjWVOc3XL+aszTHPck6/PZI4pBZW
mcJQUh3xvJd88Uu4EZhguckMUiGMGVyQyJstiX4xPKzthhRVUvs5QDMHbMRaRQjw
jDxGc0/8K19CNDOlCyrjBFtXazcjrfl3DxK6f/ojR9VCeRGW1avdBHTWLiqpoyhe
kuURyX7extuUzgabYMnzuhemJorph6J3rGFEjzmeLQARCk9ozQaPGYwX9a4pdUII
Mw53lAiwRYAqwSqztyVHZndPCzcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDsrR+
enf1nLEc/qoAaPEoIzTXjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQBh/J7ihkX/bqTIdJzFw8/XfKV7RiUwsIrOZpOe
gG5ziJHz7mXKQbPbIU6Ety6Gg0B31kK3J5o5kZMCwheJTjbCfkcSGaCDomg1i/df
2D2ZDEBUhGeX5QQ6o/pfcqTyWMaZscuL4Xb37HEbKBYru8ZmUtVbqykeynJnmaeC
4RvyIT8yw8ZbpP4A+2dQZxuhdGEnl8MqqNsQ7vIh8+B9LlMSgJkewbaXBkuFmt3k
zG4c8T8MfJcIZ70QF9AN42X98cuDxb8dZvK/YxOD/N5UhzQ6qPCnIK8g07Z4YkeV
+7X8j0f86B0fWX8pf29ePuIgtuKeLaafNJ6fs7VoGNdYlBme
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:21 2025 by rpki-client