Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
File: 02484022-c79f-4464-827b-2127faff0b06.roa (raw, json)
Hash identifier: 25/AVD4maiZQsqWiY/HpcAY+lIqqxNl7U9keAUwds58=
Subject key identifier: 98:38:67:91:C6:25:F8:1E:6B:32:90:64:7E:42:69:45:AA:92:ED:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27C59CD7FF84F60287902A326ECAB33C28D89175
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
Signing time: Mon 13 Oct 2025 18:00:02 +0000
ROA not before: Mon 13 Oct 2025 18:00:02 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:c5:9c:d7:ff:84:f6:02:87:90:2a:32:6e:ca:b3:3c:28:d8:91:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 18:00:02 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=3b7c94c7397788aafcad8f7eafdaa9b01dc14c0994b468f5f2cef4f1cd505b7a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6b:11:30:59:a2:44:ec:d2:73:96:6c:23:d5:
b8:60:7a:a7:64:ca:c2:f4:41:70:c9:2d:c3:aa:15:
17:49:bc:33:ec:84:12:9b:81:71:4a:ce:4f:ad:d7:
60:87:14:e0:f4:d2:ba:43:da:77:b7:82:c4:c9:09:
09:ef:75:c3:01:a5:b0:84:ba:a3:0e:0f:c6:be:85:
fd:a2:08:43:61:21:b5:b8:be:31:df:67:4f:3d:4a:
26:52:c8:98:ff:70:d4:3e:32:fd:10:bd:08:57:b4:
4f:01:a7:08:6b:57:43:38:44:f5:a6:8b:e2:c4:60:
52:3f:8c:3e:08:d1:e6:90:a4:08:a8:2d:13:9b:a8:
42:47:51:22:b5:6c:d1:39:db:ff:d5:af:06:ff:d7:
3a:ad:aa:01:ea:e9:80:ed:26:60:66:a6:c7:f6:e1:
d8:8a:e7:99:06:11:f7:94:7c:34:23:7e:ee:c8:c1:
a3:f0:a8:d3:9b:48:ff:bf:b2:08:23:03:06:bc:53:
d3:04:d9:cd:ff:9d:48:a0:8d:8e:b9:9c:0e:4b:23:
ed:26:f8:52:5d:60:24:36:f6:b3:9b:35:65:b6:4e:
58:b0:6c:a8:af:34:12:e1:8a:a8:68:90:bd:1a:89:
c2:cc:a0:c9:7e:61:73:0f:b1:cc:3f:e8:c9:9c:0f:
3a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:38:67:91:C6:25:F8:1E:6B:32:90:64:7E:42:69:45:AA:92:ED:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
42:1a:ed:4c:cf:4d:82:99:3a:f0:4f:ee:28:bb:81:67:3f:ca:
1e:31:a4:83:a2:b1:d1:8f:08:bf:3f:4a:1b:0a:85:f5:23:65:
ab:11:af:02:9f:49:b5:59:f7:68:6e:1a:bc:0c:4b:ab:3e:e4:
b0:36:0b:b2:dd:28:21:f8:cb:b0:07:03:cc:67:9e:2f:e8:58:
82:f9:dd:b0:49:04:c9:63:1c:26:3e:93:fa:f2:09:ea:c2:00:
05:6f:fb:d3:27:ab:6b:a8:a4:89:bf:5d:7d:19:94:34:a2:83:
f5:74:5b:fd:90:31:ab:d3:64:b8:ea:eb:6b:11:db:1f:3a:fc:
3e:f7:98:d5:89:e5:d9:dd:98:8d:e7:64:2a:5c:d3:be:90:c2:
c5:85:96:fa:0b:51:47:f8:f0:70:85:0b:ad:9a:5b:dc:ff:c6:
7a:6e:90:1e:2e:0a:d9:f4:9a:61:ca:b4:9c:e9:b6:6e:27:14:
e1:14:23:d3:9a:13:c1:d9:1a:a5:3d:90:e3:c0:2e:5f:21:b8:
8b:e7:8e:f9:ee:be:51:5b:84:e4:a6:d6:41:2e:75:f3:ad:90:
6e:91:d0:ab:02:48:ca:4c:8a:a2:8a:4a:d7:42:d6:50:ea:88:
90:ed:cb:d3:c4:3e:ee:c7:0f:a7:32:1d:43:83:b2:70:ff:84:
b9:54:1c:21
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUJ8Wc1/+E9gKHkCoybsqzPCjYkXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxODAwMDJaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiN2M5NGM3Mzk3Nzg4YWFmY2FkOGY3ZWFmZGFhOWIwMWRjMTRjMDk5NGI0
NjhmNWYyY2VmNGYxY2Q1MDViN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBrETBZokTs0nOWbCPVuGB6p2TKwvRBcMktw6oVF0m8M+yEEpuBcUrOT63X
YIcU4PTSukPad7eCxMkJCe91wwGlsIS6ow4Pxr6F/aIIQ2Ehtbi+Md9nTz1KJlLI
mP9w1D4y/RC9CFe0TwGnCGtXQzhE9aaL4sRgUj+MPgjR5pCkCKgtE5uoQkdRIrVs
0Tnb/9WvBv/XOq2qAerpgO0mYGamx/bh2IrnmQYR95R8NCN+7sjBo/Co05tI/7+y
CCMDBrxT0wTZzf+dSKCNjrmcDksj7Sb4Ul1gJDb2s5s1ZbZOWLBsqK80EuGKqGiQ
vRqJwsygyX5hcw+xzD/oyZwPOq8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSYOGeR
xiX4HmsykGR+QmlFqpLtfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI0ODQwMjItYzc5Zi00NDY0LTgyN2ItMjEyN2ZhZmYwYjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBAEIa7UzPTYKZOvBP7ii7gWc/yh4xpIOisdGPCL8/
ShsKhfUjZasRrwKfSbVZ92huGrwMS6s+5LA2C7LdKCH4y7AHA8xnni/oWIL53bBJ
BMljHCY+k/ryCerCAAVv+9Mnq2uopIm/XX0ZlDSig/V0W/2QMavTZLjq62sR2x86
/D73mNWJ5dndmI3nZCpc076QwsWFlvoLUUf48HCFC62aW9z/xnpukB4uCtn0mmHK
tJzptm4nFOEUI9OaE8HZGqU9kOPALl8huIvnjvnuvlFbhOSm1kEudfOtkG6R0KsC
SMpMiqKKStdC1lDqiJDty9PEPu7HD6cyHUODsnD/hLlUHCE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:44 2025 by rpki-client