Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json)
Hash identifier: 4DEXQDfwvhqi3vgL0w1d0/p29o5LUX5zUbVf6vqO0Pc=
Subject key identifier: E8:D5:6E:02:84:86:BE:F6:DC:DD:9E:DD:07:0F:55:9B:ED:E4:15:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52D319EC5BE0D1EB4486AD40E322F6A276737591
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
Signing time: Tue 21 Oct 2025 14:00:56 +0000
ROA not before: Tue 21 Oct 2025 14:00:56 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:d3:19:ec:5b:e0:d1:eb:44:86:ad:40:e3:22:f6:a2:76:73:75:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:56 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6fb553c6a4462d12c3c154e46499118717c26e325c745fe9a7c1d3c5546c22c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:87:d8:6c:93:67:bc:0e:91:86:c6:d5:41:f1:
6b:c4:f2:d2:34:3e:0e:2b:8d:fd:48:80:3e:98:db:
11:a7:a0:74:8e:8e:24:c4:0d:d2:bf:fc:95:fd:bd:
c0:30:40:29:89:26:57:6c:00:83:fa:6b:e3:2f:c3:
fe:c3:24:06:80:0e:bc:96:70:99:39:77:c4:30:be:
8c:7f:ed:f3:be:00:1a:9e:5e:50:59:b8:b1:3b:e6:
02:88:a6:67:18:c4:29:d5:8a:e8:b6:d2:ad:68:b2:
c2:87:40:2a:67:ae:f7:d6:f5:b9:56:dd:b5:6b:24:
73:ea:76:2b:f8:93:37:13:ba:5a:03:01:0d:85:82:
48:32:ec:ac:e7:42:03:c0:e5:43:35:8c:a5:6e:5c:
59:42:48:49:21:18:48:1c:a2:03:03:f8:73:c4:81:
3f:9a:d5:d6:87:33:7b:99:ed:55:1a:69:a5:4b:c0:
33:c0:9f:71:32:20:0a:0b:5f:d4:23:df:e6:5f:b6:
88:1f:95:9d:5a:44:34:f3:62:30:c9:4d:8b:45:eb:
16:0c:c8:9e:4a:ce:ae:17:41:20:7b:0c:8d:ca:13:
98:47:1c:71:1c:3c:a1:c4:f8:19:18:32:22:a7:48:
3f:17:b0:e6:95:60:6b:f1:bb:8d:3c:bf:8a:fa:61:
3e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D5:6E:02:84:86:BE:F6:DC:DD:9E:DD:07:0F:55:9B:ED:E4:15:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:b000::/40
Signature Algorithm: sha256WithRSAEncryption
99:6b:a8:63:b1:b6:4f:4a:7c:2f:93:47:c4:df:89:1c:8d:dc:
39:dd:7f:df:b6:14:34:c6:03:c8:af:e0:e6:f0:d8:31:df:0d:
8c:fe:46:d0:8e:b1:5f:f0:c6:6b:a0:c8:d5:6a:01:cf:e9:e0:
e2:e8:b6:ba:95:fc:e6:55:f6:b6:f2:60:2d:68:30:60:c4:05:
b4:de:4f:4a:02:72:5d:c9:2b:d7:71:76:c3:2a:af:2d:fe:e4:
3c:a4:41:67:1e:4a:55:9a:33:03:0d:9e:f2:80:2f:1b:5e:1a:
b5:c8:20:8f:f5:8a:94:1c:62:41:fb:6b:dc:70:16:ab:dd:40:
5e:5e:a0:2f:19:9c:43:f8:de:68:37:3e:27:4f:60:ba:53:e3:
b4:24:2c:df:2a:22:4d:ed:6a:a7:01:ea:ad:22:5a:44:42:f1:
8a:84:9b:9f:e1:34:18:b3:98:3e:26:80:31:f1:aa:0d:e0:db:
c9:0d:be:23:b1:12:40:de:76:64:da:1c:f9:1d:b3:7b:3f:7f:
32:98:9c:77:7c:69:fe:96:c4:1d:85:44:f3:3f:88:0a:f6:af:
31:31:ef:7a:1a:ac:63:94:d8:84:99:9c:2e:43:58:3e:2c:f6:
df:98:10:9d:f4:10:0a:00:36:07:b3:2c:73:7b:55:8e:bf:1c:
93:da:ef:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUtMZ7Fvg0etEhq1A4yL2onZzdZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwNTZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmYjU1M2M2YTQ0NjJkMTJjM2MxNTRlNDY0OTkxMTg3MTdjMjZlMzI1Yzc0
NWZlOWE3YzFkM2M1NTQ2YzIyYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6H2GyTZ7wOkYbG1UHxa8Ty0jQ+DiuN/UiAPpjbEaegdI6OJMQN0r/8lf29
wDBAKYkmV2wAg/pr4y/D/sMkBoAOvJZwmTl3xDC+jH/t874AGp5eUFm4sTvmAoim
ZxjEKdWK6LbSrWiywodAKmeu99b1uVbdtWskc+p2K/iTNxO6WgMBDYWCSDLsrOdC
A8DlQzWMpW5cWUJISSEYSByiAwP4c8SBP5rV1ocze5ntVRpppUvAM8CfcTIgCgtf
1CPf5l+2iB+VnVpENPNiMMlNi0XrFgzInkrOrhdBIHsMjcoTmEcccRw8ocT4GRgy
IqdIPxew5pVga/G7jTy/ivphPrUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTo1W4C
hIa+9tzdnt0HD1Wb7eQVIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw
MA0GCSqGSIb3DQEBCwUAA4IBAQCZa6hjsbZPSnwvk0fE34kcjdw53X/fthQ0xgPI
r+Dm8Ngx3w2M/kbQjrFf8MZroMjVagHP6eDi6La6lfzmVfa28mAtaDBgxAW03k9K
AnJdySvXcXbDKq8t/uQ8pEFnHkpVmjMDDZ7ygC8bXhq1yCCP9YqUHGJB+2vccBar
3UBeXqAvGZxD+N5oNz4nT2C6U+O0JCzfKiJN7WqnAeqtIlpEQvGKhJuf4TQYs5g+
JoAx8aoN4NvJDb4jsRJA3nZk2hz5HbN7P38ymJx3fGn+lsQdhUTzP4gK9q8xMe96
GqxjlNiEmZwuQ1g+LPbfmBCd9BAKADYHsyxze1WOvxyT2u/5
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:12 2025 by rpki-client