Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08d002fc-0859-45f4-8f60-c5af4e0eecee.roa
File: 08d002fc-0859-45f4-8f60-c5af4e0eecee.roa (raw, json)
Hash identifier: EjU39d4W4abMCh2pJJW2MsBnshlMLsA8l9DWR2nB1dE=
Subject key identifier: 01:75:95:48:F8:56:B5:5C:C5:F1:9F:5D:D1:0C:7D:B3:CD:9F:EE:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F12AA831A4CCAA14724769A944236081E4FF89E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08d002fc-0859-45f4-8f60-c5af4e0eecee.roa
Signing time: Mon 06 Oct 2025 17:50:59 +0000
ROA not before: Mon 06 Oct 2025 17:50:59 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:12:aa:83:1a:4c:ca:a1:47:24:76:9a:94:42:36:08:1e:4f:f8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:59 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=a280dd18075ebc2dbed1cde1961689381ab48632a87de101d25c11fe2a7da8f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c7:17:1b:d9:c4:18:e5:76:e8:d1:60:52:1d:
b2:07:68:84:08:92:8c:15:27:8b:8b:13:cd:d3:52:
ce:52:7e:20:60:db:73:0e:36:e8:09:6b:ca:e2:c3:
05:b6:f1:c6:20:0d:b1:a6:be:5f:86:37:ba:88:8a:
b3:c2:c7:2c:b4:87:ee:5c:58:a0:e3:cb:4b:28:bd:
c8:0e:1c:07:8a:f1:ea:6f:25:bf:a8:57:4f:7f:70:
fb:15:f8:8b:38:95:02:89:4b:ed:76:34:81:8f:9c:
6f:0d:20:75:fb:07:44:29:c5:ce:41:fc:ae:57:5a:
43:8c:3b:eb:b5:8a:fa:94:67:1c:13:f2:69:80:fb:
60:9c:ff:0a:b0:d2:bb:d4:49:2e:44:2a:a2:9e:11:
e7:ab:ab:48:fb:06:33:1e:bf:9a:b8:15:99:f8:c0:
66:0c:b5:86:cb:c2:9a:5b:a1:60:1f:41:27:50:3d:
05:5e:6c:ed:82:d1:96:b7:bc:2d:b9:f9:71:66:c0:
62:4e:95:2e:95:0c:e4:0c:bf:72:8e:fd:e9:19:49:
0c:f4:53:98:6d:21:74:06:04:c6:64:84:fb:b4:e9:
f9:c8:53:78:74:40:07:91:8f:e3:ad:a5:cf:a4:12:
f9:23:a0:d2:72:fe:90:28:87:6c:36:c8:61:26:26:
85:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:75:95:48:F8:56:B5:5C:C5:F1:9F:5D:D1:0C:7D:B3:CD:9F:EE:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08d002fc-0859-45f4-8f60-c5af4e0eecee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:9000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:f4:9d:97:19:63:ce:14:46:be:b4:73:cb:2f:20:f6:31:96:
86:4e:94:3d:4b:5b:3e:0b:1a:e5:2c:b1:a4:90:e1:06:2a:5c:
59:18:f4:46:eb:47:95:e2:99:bd:65:9c:09:74:77:45:b5:c5:
df:34:1b:cb:79:a5:e4:a9:a7:df:bc:e0:8d:88:06:8a:b1:ee:
90:4c:37:2e:f6:d5:bd:8f:76:a1:41:14:e0:71:40:19:8c:00:
1e:ab:bd:ae:f8:6f:20:ca:16:41:0b:3d:b4:df:fc:ce:ea:6c:
df:f2:37:f0:b0:bc:49:6d:9e:3e:5f:59:97:a8:7c:02:02:e6:
e2:f3:15:21:5b:23:96:3b:3c:98:ff:25:90:ef:ee:f9:e7:a2:
2b:e9:7e:b3:b6:62:20:3b:9a:1d:3a:eb:e5:bf:94:d1:76:e8:
ff:3e:72:67:6a:66:96:e9:2c:7c:57:2d:b8:13:2b:71:e5:4b:
f7:bb:b5:49:f8:52:f1:93:46:8e:de:a9:0b:5c:f1:1b:42:f8:
bf:79:10:73:68:72:ad:7d:48:57:34:47:48:0d:d5:b8:4d:93:
c4:f4:75:1e:55:f2:aa:c0:7e:66:9b:b5:ae:e8:88:75:9d:4a:
cf:6e:de:fd:a8:dd:7e:d7:38:82:af:c2:e5:00:ac:bc:c7:3c:
2c:8f:af:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXxKqgxpMyqFHJHaalEI2CB5P+J4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwNTlaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyODBkZDE4MDc1ZWJjMmRiZWQxY2RlMTk2MTY4OTM4MWFiNDg2MzJhODdk
ZTEwMWQyNWMxMWZlMmE3ZGE4ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJHHFxvZxBjldujRYFIdsgdohAiSjBUni4sTzdNSzlJ+IGDbcw426AlryuLD
BbbxxiANsaa+X4Y3uoiKs8LHLLSH7lxYoOPLSyi9yA4cB4rx6m8lv6hXT39w+xX4
iziVAolL7XY0gY+cbw0gdfsHRCnFzkH8rldaQ4w767WK+pRnHBPyaYD7YJz/CrDS
u9RJLkQqop4R56urSPsGMx6/mrgVmfjAZgy1hsvCmluhYB9BJ1A9BV5s7YLRlre8
Lbn5cWbAYk6VLpUM5Ay/co796RlJDPRTmG0hdAYExmSE+7Tp+chTeHRAB5GP462l
z6QS+SOg0nL+kCiHbDbIYSYmhXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBdZVI
+Fa1XMXxn13RDH2zzZ/uuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDhkMDAyZmMtMDg1OS00NWY0LThmNjAtYzVhZjRlMGVlY2VlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQC49J2XGWPOFEa+tHPLLyD2MZaGTpQ9S1s+Cxrl
LLGkkOEGKlxZGPRG60eV4pm9ZZwJdHdFtcXfNBvLeaXkqaffvOCNiAaKse6QTDcu
9tW9j3ahQRTgcUAZjAAeq72u+G8gyhZBCz203/zO6mzf8jfwsLxJbZ4+X1mXqHwC
Aubi8xUhWyOWOzyY/yWQ7+7556Ir6X6ztmIgO5odOuvlv5TRduj/PnJnamaW6Sx8
Vy24Eytx5Uv3u7VJ+FLxk0aO3qkLXPEbQvi/eRBzaHKtfUhXNEdIDdW4TZPE9HUe
VfKqwH5mm7Wu6Ih1nUrPbt79qN1+1ziCr8LlAKy8xzwsj69J
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:30 2025 by rpki-client