Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
File: 113e55fd-9531-4700-bcdc-5abe9a806b41.roa (raw, json)
Hash identifier: 834QZIWaLgGrEpcnbKlZMX+fwYkxXPe3lh9AbMrmdn0=
Subject key identifier: 15:B2:F3:0C:1D:6E:4E:5A:D3:14:3A:38:35:20:D5:22:12:B6:14:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 406570BA8FC010AA73D0463B3CE4638ACAE0BF98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
Signing time: Sat 18 Oct 2025 04:30:21 +0000
ROA not before: Sat 18 Oct 2025 04:30:21 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:65:70:ba:8f:c0:10:aa:73:d0:46:3b:3c:e4:63:8a:ca:e0:bf:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 18 04:30:21 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=0b088ebf346522361ff312e37216c5838561bac4166e80a5da2c7045bd64c8f8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:25:2c:29:ec:ec:e1:b9:47:3d:59:1d:7e:58:
5c:ab:15:98:5c:61:75:61:80:ed:ca:f2:ed:6e:33:
16:dc:54:25:62:4e:64:45:ae:89:8c:d3:7e:5c:11:
68:27:59:7d:b0:d4:28:00:f8:80:17:05:24:6d:bf:
dc:4b:fc:91:b2:0f:a6:99:19:40:96:18:b7:5b:7e:
28:81:17:ae:99:c4:d1:47:da:eb:c5:dc:4b:28:c6:
04:8b:07:cd:58:2b:b4:ee:51:79:5f:92:03:63:88:
3a:52:87:94:eb:2d:17:de:f6:55:67:1b:cd:2d:26:
2f:0b:a2:1d:3e:c5:a8:c9:21:89:a3:b0:4d:0c:a5:
bd:8a:61:1e:48:dd:60:25:8c:45:99:17:ea:bb:33:
04:59:56:c3:36:7b:9b:ad:aa:8f:19:ff:cb:f9:21:
e3:d6:6d:b7:fc:ba:d4:88:fd:11:46:b2:88:55:5f:
6b:40:92:05:72:1b:d2:4e:d3:b5:52:bf:f7:41:84:
8a:b9:a0:cd:68:31:2f:d4:57:5b:45:9b:55:b8:80:
34:b3:3a:a6:f2:7d:b4:78:a1:29:b8:00:93:1a:98:
fb:35:03:ad:12:4e:02:33:c6:31:be:e5:44:08:14:
37:be:19:08:96:76:c1:1e:a2:00:ca:22:37:94:ed:
65:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B2:F3:0C:1D:6E:4E:5A:D3:14:3A:38:35:20:D5:22:12:B6:14:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:800::/40
Signature Algorithm: sha256WithRSAEncryption
90:54:94:ce:96:99:ae:ec:24:93:24:06:55:28:61:f8:87:c8:
b5:f5:2b:e3:16:5b:99:08:b3:ba:f9:24:df:60:e6:5b:eb:ee:
4e:20:4c:ad:03:34:54:f5:b6:b0:09:00:16:d4:bf:72:29:11:
a6:ad:6c:91:b8:16:ae:17:67:60:d5:17:bf:b7:2d:b7:02:86:
18:51:a0:89:41:3c:13:77:29:8e:71:bb:b3:ca:3b:1b:ad:32:
20:4a:0b:e8:90:06:46:e9:fa:be:ee:0e:db:88:b1:a1:ae:c6:
be:b7:1c:3f:4a:29:7c:9a:e7:19:fb:79:71:e3:cb:2d:e7:07:
c1:fc:16:37:ff:c4:a7:a7:15:a2:3e:b1:6f:84:aa:9a:07:10:
da:2d:61:7c:ff:ce:dd:3f:1d:18:ae:6f:49:01:19:81:0e:6d:
6a:ed:77:30:e4:2e:9a:08:87:bc:6a:97:00:c0:db:89:91:dd:
25:59:01:2e:09:95:af:e3:0b:88:6a:8b:7e:77:4c:33:d9:cd:
75:d7:2c:1e:d4:ae:f5:d0:4b:f6:e3:14:46:f2:4c:84:f1:ec:
b6:0f:f8:29:a2:c0:7c:54:b5:8f:2e:a8:03:11:3b:73:6a:87:
50:af:44:e6:dd:04:e3:e1:91:93:06:92:55:e2:13:e7:89:8c:
7a:fb:4d:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQGVwuo/AEKpz0EY7PORjisrgv5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTgwNDMwMjFaFw0yNTExMjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiMDg4ZWJmMzQ2NTIyMzYxZmYzMTJlMzcyMTZjNTgzODU2MWJhYzQxNjZl
ODBhNWRhMmM3MDQ1YmQ2NGM4ZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMglLCns7OG5Rz1ZHX5YXKsVmFxhdWGA7cry7W4zFtxUJWJOZEWuiYzTflwR
aCdZfbDUKAD4gBcFJG2/3Ev8kbIPppkZQJYYt1t+KIEXrpnE0Ufa68XcSyjGBIsH
zVgrtO5ReV+SA2OIOlKHlOstF972VWcbzS0mLwuiHT7FqMkhiaOwTQylvYphHkjd
YCWMRZkX6rszBFlWwzZ7m62qjxn/y/kh49Ztt/y61Ij9EUayiFVfa0CSBXIb0k7T
tVK/90GEirmgzWgxL9RXW0WbVbiANLM6pvJ9tHihKbgAkxqY+zUDrRJOAjPGMb7l
RAgUN74ZCJZ2wR6iAMoiN5TtZWcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQVsvMM
HW5OWtMUOjg1INUiErYUSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTEzZTU1ZmQtOTUzMS00NzAwLWJjZGMtNWFiZTlhODA2YjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYI
MA0GCSqGSIb3DQEBCwUAA4IBAQCQVJTOlpmu7CSTJAZVKGH4h8i19SvjFluZCLO6
+STfYOZb6+5OIEytAzRU9bawCQAW1L9yKRGmrWyRuBauF2dg1Re/ty23AoYYUaCJ
QTwTdymOcbuzyjsbrTIgSgvokAZG6fq+7g7biLGhrsa+txw/Sil8mucZ+3lx48st
5wfB/BY3/8SnpxWiPrFvhKqaBxDaLWF8/87dPx0Yrm9JARmBDm1q7Xcw5C6aCIe8
apcAwNuJkd0lWQEuCZWv4wuIaot+d0wz2c111ywe1K710Ev24xRG8kyE8ey2D/gp
osB8VLWPLqgDETtzaodQr0Tm3QTj4ZGTBpJV4hPniYx6+00/
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:16 2025 by rpki-client