Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
File: 1277c797-1181-445f-b798-ef72bbfc284c.roa (raw, json)
Hash identifier: aeahKq8jVnyvZIIKO0dsrxKAycgs80AL1eIQCHV4jmI=
Subject key identifier: DF:4A:79:8C:56:B9:DE:40:D8:F4:E4:41:4B:43:82:75:2F:54:D5:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 079B76C92AF6CB4F7A16B235BE14FC89573EEE40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
Signing time: Fri 10 Oct 2025 17:04:58 +0000
ROA not before: Fri 10 Oct 2025 17:04:58 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:9b:76:c9:2a:f6:cb:4f:7a:16:b2:35:be:14:fc:89:57:3e:ee:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:58 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=c6af6dcfe4c87ab15fdff9c89a8ffdc00f497322ed2ffd8441b832cb544f3e63, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1e:58:d8:27:2a:09:ef:73:2c:1d:ab:92:8e:
de:c6:69:80:93:c7:c2:56:80:96:7b:63:77:57:6b:
7a:98:ee:1d:50:53:cd:67:86:a6:49:3f:9c:fc:b1:
9d:ac:44:cb:8c:1c:1a:ea:ba:f6:20:71:d2:e4:96:
e2:25:85:b2:60:37:28:fe:27:3c:6f:d3:93:63:fa:
3d:1e:e9:cf:4b:a0:c6:9e:23:e9:04:bb:a5:5b:e2:
e8:ce:e6:f0:1e:5c:e0:d6:54:5c:3c:8d:69:6a:96:
2a:50:54:b8:24:80:f8:14:a2:b6:5b:66:bd:55:e9:
6b:f5:ce:4d:60:d9:57:2f:6a:79:99:40:7c:eb:b2:
b2:17:29:83:cb:63:7b:4b:1a:69:d7:78:33:5b:1a:
a7:1a:b7:9b:e6:54:d6:43:1a:e7:ba:99:e8:61:41:
36:c7:ed:8c:dc:b0:37:6f:01:9c:01:dd:ee:1a:32:
c6:44:d0:4b:b4:3d:5a:f7:e6:85:95:29:f5:15:b0:
06:dd:f6:7e:88:ef:f3:d6:dc:56:d4:3d:62:e4:01:
c9:d5:de:03:3d:ab:49:28:12:6b:7b:b0:d5:92:b5:
3b:40:c7:e2:22:7b:29:1b:4c:0d:15:7c:c6:a0:44:
91:6d:e8:03:e2:38:96:3c:6a:d0:75:9c:44:50:fc:
83:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:4A:79:8C:56:B9:DE:40:D8:F4:E4:41:4B:43:82:75:2F:54:D5:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e000::/40
Signature Algorithm: sha256WithRSAEncryption
04:59:4c:d9:93:27:ca:8b:6e:b2:79:0c:b5:af:8a:dd:a6:dc:
d0:b6:b5:2c:9b:d7:0a:1b:a2:e5:aa:9d:a6:53:d0:fc:3b:9e:
01:41:18:f8:ce:c9:2d:e0:65:3b:60:1f:20:6e:c7:2e:fd:08:
19:13:f3:00:20:b1:b9:63:1b:d7:21:f7:79:68:3f:cd:f6:05:
7a:b5:6f:de:44:86:54:01:22:da:92:47:b1:a5:cb:ed:fa:46:
71:80:ea:25:9c:5e:50:9c:c2:08:da:fe:03:2a:cf:79:00:99:
78:a7:fe:56:0a:1b:73:3e:aa:21:b7:0a:9b:64:f8:a1:39:e8:
a4:1a:13:df:55:aa:ff:2f:2d:6d:7e:e3:8d:a9:69:79:bd:55:
6d:22:d9:7d:2a:9b:01:1b:a8:22:4a:f2:f2:15:d1:e2:56:92:
a7:57:c5:a5:a6:72:b6:cb:8f:5b:7e:fe:61:e0:52:46:3b:d9:
d1:df:04:a7:cc:f9:31:4d:e9:11:a7:4f:c3:22:d2:00:61:31:
5e:46:10:ef:2c:48:b8:be:76:00:8d:7a:21:0b:d2:0a:94:42:
10:02:30:89:11:04:7b:73:80:32:57:2c:5d:94:c3:c7:d3:20:
73:a0:90:a0:10:6c:a1:87:6b:7b:6b:62:1b:22:04:06:d2:63:
b7:5a:dc:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB5t2ySr2y096FrI1vhT8iVc+7kAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0NThaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2YWY2ZGNmZTRjODdhYjE1ZmRmZjljODlhOGZmZGMwMGY0OTczMjJlZDJm
ZmQ4NDQxYjgzMmNiNTQ0ZjNlNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4eWNgnKgnvcywdq5KO3sZpgJPHwlaAlntjd1drepjuHVBTzWeGpkk/nPyx
naxEy4wcGuq69iBx0uSW4iWFsmA3KP4nPG/Tk2P6PR7pz0ugxp4j6QS7pVvi6M7m
8B5c4NZUXDyNaWqWKlBUuCSA+BSitltmvVXpa/XOTWDZVy9qeZlAfOuyshcpg8tj
e0saadd4M1sapxq3m+ZU1kMa57qZ6GFBNsftjNywN28BnAHd7hoyxkTQS7Q9Wvfm
hZUp9RWwBt32fojv89bcVtQ9YuQBydXeAz2rSSgSa3uw1ZK1O0DH4iJ7KRtMDRV8
xqBEkW3oA+I4ljxq0HWcRFD8g5sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfSnmM
VrneQNj05EFLQ4J1L1TVJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTI3N2M3OTctMTE4MS00NDVmLWI3OTgtZWY3MmJiZmMyODRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTg
MA0GCSqGSIb3DQEBCwUAA4IBAQAEWUzZkyfKi26yeQy1r4rdptzQtrUsm9cKG6Ll
qp2mU9D8O54BQRj4zskt4GU7YB8gbscu/QgZE/MAILG5YxvXIfd5aD/N9gV6tW/e
RIZUASLakkexpcvt+kZxgOolnF5QnMII2v4DKs95AJl4p/5WChtzPqohtwqbZPih
OeikGhPfVar/Ly1tfuONqWl5vVVtItl9KpsBG6giSvLyFdHiVpKnV8WlpnK2y49b
fv5h4FJGO9nR3wSnzPkxTekRp0/DItIAYTFeRhDvLEi4vnYAjXohC9IKlEIQAjCJ
EQR7c4AyVyxdlMPH0yBzoJCgEGyhh2t7a2IbIgQG0mO3WtxY
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:00:38 2025 by rpki-client