Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: xJm/0YgxfLYaCjWIEMQhkiP9Y8IZtYggc3PgSUQIGxU=
Subject key identifier: DE:C3:C8:E5:42:99:03:3C:93:C6:74:13:0E:8B:82:60:C0:80:6E:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38E171C6066110960438A07BAA1BD7F2D8927376
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Fri 26 Sep 2025 20:11:17 +0000
ROA not before: Fri 26 Sep 2025 20:11:17 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e1:71:c6:06:61:10:96:04:38:a0:7b:aa:1b:d7:f2:d8:92:73:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:17 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=2f177dc1047ebce627d037681762c6e0f9def5045a269cfa31a2c2b6e3fe746f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:71:89:da:27:9b:64:3b:2e:cc:86:19:8c:33:
09:49:27:d1:3c:5f:62:a9:bc:ab:81:1c:66:0d:90:
97:68:3d:1d:4a:a5:08:d7:df:24:62:fa:cf:8e:53:
2b:b3:1f:c0:8f:88:82:3c:64:21:13:5d:db:5c:09:
16:56:40:6e:f5:c2:5d:37:58:36:68:f8:f7:e3:c1:
6f:61:7d:82:66:43:3b:93:0a:64:50:f7:e8:b9:ce:
c8:71:55:c4:b4:bd:23:24:db:3b:c5:5a:aa:d3:12:
eb:42:5e:06:ff:ae:f0:41:bd:26:3a:e3:79:27:f0:
d0:b2:94:c4:45:1d:ba:1a:f7:64:ad:51:4c:eb:48:
ac:2e:7d:cb:4a:ca:f9:e9:0f:b0:53:12:16:d6:ed:
b1:44:ef:3c:ac:95:0a:a4:23:bc:a8:23:5d:04:5e:
15:77:d0:bb:dd:f1:d8:18:77:52:45:71:64:fc:88:
01:03:d6:ea:25:16:76:42:c2:f4:d2:bf:8c:07:04:
b1:d3:8f:ce:05:df:d2:b6:73:de:79:ab:9e:09:31:
76:8e:38:b7:a2:0d:81:4f:3c:be:dd:57:85:2a:79:
df:b3:a9:e1:13:77:98:d2:26:ca:da:76:96:d6:cd:
1b:d2:b2:d0:c9:fa:b2:de:98:d2:ca:20:47:73:88:
86:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C3:C8:E5:42:99:03:3C:93:C6:74:13:0E:8B:82:60:C0:80:6E:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
c4:7c:fd:ea:ab:02:12:bb:e5:9a:ea:62:6c:6d:89:cb:3b:e8:
80:b6:9c:fe:42:1f:d4:90:ae:ef:8e:5d:e1:3e:6c:e5:c1:d6:
30:4a:ee:20:55:b2:da:44:e0:79:c1:fc:02:5c:37:14:ce:a4:
f9:bb:52:30:46:ef:45:b0:4b:27:a3:b1:f0:97:00:50:98:ca:
83:72:70:90:5f:b5:94:2c:05:cf:b6:fc:4d:59:7e:e4:1c:ed:
dd:64:57:eb:e6:77:fa:5c:09:4a:1c:f5:8c:63:bb:ad:8e:3f:
47:5c:ef:e0:a3:72:6d:6a:2b:bf:fb:79:ec:08:c0:b9:d8:bb:
1f:e7:7f:c1:a1:a9:14:63:8a:51:1f:f9:c3:b7:7b:97:aa:91:
7a:a9:18:20:a6:46:d8:1b:8f:81:65:95:9c:67:ec:ce:e4:b5:
12:5f:bf:bb:14:73:9b:5f:3d:8a:5b:da:e2:51:5e:df:e9:ee:
f9:28:4a:fe:f1:14:04:c4:f7:f3:c1:e5:d8:f5:e3:9c:4f:77:
42:fd:55:da:a7:b3:11:87:e3:a4:e2:42:33:55:f6:e8:ad:05:
46:1a:a3:3d:7d:d5:14:99:72:fb:29:24:ff:fe:94:2e:3b:4b:
a4:95:54:ad:73:0b:fc:8b:96:34:75:7a:b5:b5:4f:55:d2:59:
1d:9f:8b:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOOFxxgZhEJYEOKB7qhvX8tiSc3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMTdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMTc3ZGMxMDQ3ZWJjZTYyN2QwMzc2ODE3NjJjNmUwZjlkZWY1MDQ1YTI2
OWNmYTMxYTJjMmI2ZTNmZTc0NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRxidonm2Q7LsyGGYwzCUkn0TxfYqm8q4EcZg2Ql2g9HUqlCNffJGL6z45T
K7MfwI+IgjxkIRNd21wJFlZAbvXCXTdYNmj49+PBb2F9gmZDO5MKZFD36LnOyHFV
xLS9IyTbO8VaqtMS60JeBv+u8EG9JjrjeSfw0LKUxEUduhr3ZK1RTOtIrC59y0rK
+ekPsFMSFtbtsUTvPKyVCqQjvKgjXQReFXfQu93x2Bh3UkVxZPyIAQPW6iUWdkLC
9NK/jAcEsdOPzgXf0rZz3nmrngkxdo44t6INgU88vt1XhSp537Op4RN3mNImytp2
ltbNG9Ky0Mn6st6Y0sogR3OIhoECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTew8jl
QpkDPJPGdBMOi4JgwIBuxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQDEfP3qqwISu+Wa6mJsbYnLO+iAtpz+Qh/UkK7v
jl3hPmzlwdYwSu4gVbLaROB5wfwCXDcUzqT5u1IwRu9FsEsno7HwlwBQmMqDcnCQ
X7WULAXPtvxNWX7kHO3dZFfr5nf6XAlKHPWMY7utjj9HXO/go3Jtaiu/+3nsCMC5
2Lsf53/BoakUY4pRH/nDt3uXqpF6qRggpkbYG4+BZZWcZ+zO5LUSX7+7FHObXz2K
W9riUV7f6e75KEr+8RQExPfzweXY9eOcT3dC/VXap7MRh+Ok4kIzVfborQVGGqM9
fdUUmXL7KST//pQuO0uklVStcwv8i5Y0dXq1tU9V0lkdn4tw
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:49 2025 by rpki-client