Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
File: 04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa (raw, json)
Hash identifier: 3DpWiwKKeLjpCG22zzqedgSvTHhDhZWdO9Uy1oMhS3U=
Subject key identifier: A8:83:D2:C5:94:7E:39:4B:6F:35:C4:C6:F4:34:30:EC:3E:D7:D8:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79305E98880ED87EB90C9EDBC4E1B711FECDA2AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
Signing time: Fri 10 Oct 2025 17:04:59 +0000
ROA not before: Fri 10 Oct 2025 17:04:59 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:30:5e:98:88:0e:d8:7e:b9:0c:9e:db:c4:e1:b7:11:fe:cd:a2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:59 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=e794fc8c176db73189eeaed504f2ba80d12e724fa67de6053cfdeb666848b732, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fc:23:36:7d:54:b6:0a:26:d9:1f:fd:b0:bf:
b8:be:89:fd:d9:28:9e:56:fe:c1:fd:00:48:97:2e:
15:31:71:5f:5f:f2:3a:b8:56:63:e4:81:1c:3f:e2:
cf:14:37:50:7d:57:65:5d:82:87:b8:85:36:df:cf:
ec:67:7e:c5:ba:5e:4d:d9:b7:e0:0e:d2:00:e8:88:
19:be:2b:ea:9b:f8:2b:a3:61:97:3d:e3:8d:6f:2f:
43:dd:eb:41:d8:91:bd:67:6c:f9:16:bd:88:5c:a0:
88:85:4f:f6:4d:51:22:08:dd:b4:15:ff:84:6f:bc:
59:24:f6:a5:df:c3:09:a5:60:dd:e5:c1:49:1d:8e:
e6:b2:4c:b1:44:65:93:cd:01:33:c5:84:b7:63:b8:
a6:77:c2:74:83:e7:7a:04:b9:d6:57:c4:66:1a:3e:
90:8e:05:25:51:5e:aa:5e:a2:92:d4:1c:84:77:be:
fd:d1:b7:28:dc:e6:b2:2d:c0:f8:4e:32:f1:12:d7:
13:5c:0c:7b:55:fb:88:94:b6:0e:ab:66:be:8c:12:
58:62:0a:1c:b6:e5:28:b9:34:60:62:cf:6b:88:dd:
d0:7a:f8:cb:15:ed:bf:63:85:4c:10:55:ae:6d:a5:
cc:14:67:ec:36:40:36:76:0e:87:58:51:a9:bf:a1:
5a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:83:D2:C5:94:7E:39:4B:6F:35:C4:C6:F4:34:30:EC:3E:D7:D8:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:b000::/40
Signature Algorithm: sha256WithRSAEncryption
90:6e:ea:a6:67:73:bd:aa:2b:d2:83:4c:2b:aa:0f:ca:09:50:
c2:d2:48:3f:d4:1e:c5:49:0f:78:5a:7b:bf:00:81:83:03:1d:
02:75:91:09:e5:14:76:f4:9d:b4:dc:69:a5:a9:37:e3:1e:15:
ac:e7:e0:81:11:42:a3:55:1b:df:6b:de:c7:84:5d:56:43:d4:
0e:47:74:d1:a4:9f:c7:d9:94:c6:52:bc:f7:8b:fb:7a:23:9c:
26:1f:6b:2d:3b:63:96:25:54:45:6b:80:c4:1a:90:a5:8b:59:
72:3a:0a:9c:da:21:ac:f1:60:24:8a:e9:74:03:d7:04:6f:57:
72:7e:ef:42:c2:f7:aa:59:e1:40:04:3e:92:55:1f:ce:11:09:
39:c3:9f:42:2f:c7:c4:9b:e7:12:f0:66:8b:1e:41:aa:4e:a8:
24:83:67:7f:e9:51:2e:04:29:bf:cf:74:8b:7d:81:29:8f:33:
e0:18:27:23:d9:d8:b5:3a:cb:a5:3a:af:ca:64:0b:e6:8a:47:
71:c3:24:52:05:99:3e:fd:f9:0e:77:3e:81:31:99:a8:3f:bc:
ae:db:f9:a5:c8:90:e0:3f:76:10:fd:c2:2b:21:8e:83:24:e6:
18:a5:56:4a:13:51:1e:15:cb:99:ff:48:19:95:00:71:6e:d4:
bf:d4:20:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeTBemIgO2H65DJ7bxOG3Ef7NoqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0NTlaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3OTRmYzhjMTc2ZGI3MzE4OWVlYWVkNTA0ZjJiYTgwZDEyZTcyNGZhNjdk
ZTYwNTNjZmRlYjY2Njg0OGI3MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL78IzZ9VLYKJtkf/bC/uL6J/dkonlb+wf0ASJcuFTFxX1/yOrhWY+SBHD/i
zxQ3UH1XZV2Ch7iFNt/P7Gd+xbpeTdm34A7SAOiIGb4r6pv4K6Nhlz3jjW8vQ93r
QdiRvWds+Ra9iFygiIVP9k1RIgjdtBX/hG+8WST2pd/DCaVg3eXBSR2O5rJMsURl
k80BM8WEt2O4pnfCdIPnegS51lfEZho+kI4FJVFeql6iktQchHe+/dG3KNzmsi3A
+E4y8RLXE1wMe1X7iJS2DqtmvowSWGIKHLblKLk0YGLPa4jd0Hr4yxXtv2OFTBBV
rm2lzBRn7DZANnYOh1hRqb+hWlUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSog9LF
lH45S281xMb0NDDsPtfYqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQwMzQzMDYtYWFhNC00MGM4LTljMWItYzNmMWNmYzIzZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmw
MA0GCSqGSIb3DQEBCwUAA4IBAQCQbuqmZ3O9qivSg0wrqg/KCVDC0kg/1B7FSQ94
Wnu/AIGDAx0CdZEJ5RR29J203GmlqTfjHhWs5+CBEUKjVRvfa97HhF1WQ9QOR3TR
pJ/H2ZTGUrz3i/t6I5wmH2stO2OWJVRFa4DEGpCli1lyOgqc2iGs8WAkiul0A9cE
b1dyfu9CwveqWeFABD6SVR/OEQk5w59CL8fEm+cS8GaLHkGqTqgkg2d/6VEuBCm/
z3SLfYEpjzPgGCcj2di1OsulOq/KZAvmikdxwyRSBZk+/fkOdz6BMZmoP7yu2/ml
yJDgP3YQ/cIrIY6DJOYYpVZKE1EeFcuZ/0gZlQBxbtS/1CCo
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:17 2025 by rpki-client