Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
File: 37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa (raw, json)
Hash identifier: HutkUz62emLL9fXp8R34yyyoQ+UKMno/KP9GrKZbbzE=
Subject key identifier: 8F:E5:A9:6E:3D:73:E9:F0:7E:33:42:09:CA:74:AA:4F:D8:A9:82:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CB882AB4C5BB32384ACBEBCD368FAFD605E8BDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
Signing time: Fri 26 Sep 2025 19:51:02 +0000
ROA not before: Fri 26 Sep 2025 19:51:02 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:b8:82:ab:4c:5b:b3:23:84:ac:be:bc:d3:68:fa:fd:60:5e:8b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:51:02 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d9b3d1620ad7f934b47f8bdcabe7a3b2bf73b58beb1638b966cdc82cdb428c39, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:12:6c:c0:4c:23:29:4c:90:74:4d:1c:1a:ae:
81:3a:76:c5:7f:b4:30:6c:2c:b8:b3:5a:54:53:8e:
69:36:27:5e:f0:4b:7b:67:83:60:24:75:e0:84:d0:
fb:79:5d:78:c5:70:7e:6d:ed:53:42:2b:94:07:0a:
e4:26:33:9d:b5:75:6b:5f:06:49:9e:b2:59:51:a4:
3f:f2:cf:79:00:36:b5:10:c5:24:bf:03:16:fd:d7:
5a:8c:d0:98:ff:7c:d0:82:bd:bc:af:82:e9:a8:a1:
ff:d7:4a:8f:11:d8:85:a4:38:d9:4c:9b:be:1e:07:
96:de:ec:09:6c:8a:6f:b2:a6:e3:fd:6f:ef:f1:1e:
1d:43:7b:f3:ce:15:08:9f:d3:bb:90:97:d4:4f:e3:
d0:58:68:a3:f6:0e:ae:b8:d7:a9:16:fd:50:99:bf:
b8:74:7d:3a:ac:72:21:0d:8d:06:66:af:47:22:06:
a3:26:98:93:2c:cc:c5:fb:07:3a:4e:7e:f6:65:d3:
e3:ee:7f:0e:d6:c0:4e:52:b8:55:60:81:67:4e:0f:
af:51:1e:5f:90:5e:5e:72:80:87:6b:e9:42:84:16:
0f:27:a5:0d:8d:ed:2d:45:ca:9c:1d:fc:67:66:0d:
89:32:02:d2:c6:f6:56:35:83:4b:ee:4e:96:e8:2b:
75:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E5:A9:6E:3D:73:E9:F0:7E:33:42:09:CA:74:AA:4F:D8:A9:82:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:29:76:0d:3a:3a:33:66:21:54:65:4f:c9:af:02:2a:b0:86:
32:27:2f:2b:b0:6c:a0:99:1a:3f:e1:47:04:c4:86:04:34:98:
82:c3:5f:00:43:6e:d2:cd:71:55:95:17:a2:79:bf:91:24:ca:
a9:9d:60:d6:af:3d:f3:9e:4e:94:6e:2e:67:34:5c:7d:ec:a7:
18:ef:9b:72:fb:09:71:91:19:fe:d7:d8:bf:f1:82:1f:2c:71:
b3:7c:73:d4:08:7d:95:9a:16:ab:13:8c:53:2d:94:8f:bc:01:
5f:94:a8:3d:c0:97:fd:c7:21:09:f2:e6:d0:1c:df:5c:32:a9:
fd:40:4e:f8:1a:63:98:b7:1c:65:29:1b:74:37:c2:86:a1:3f:
fd:b7:2f:46:19:a9:76:f9:0d:d9:88:55:58:01:8a:2c:f9:0f:
2d:86:8c:24:61:c6:0f:c1:42:4f:1e:30:eb:5d:dc:10:ec:c8:
ce:30:24:0e:b0:91:a7:06:93:fa:59:5b:ff:2d:03:8a:88:bc:
d0:da:95:1d:82:a6:56:ee:40:9c:18:c8:55:f9:00:63:e3:a6:
ff:67:cd:4a:a0:6b:3c:8c:0b:e8:f6:92:6b:2f:20:30:c0:d5:
bc:1c:72:24:92:a2:6d:ee:09:8f:bc:3a:af:c0:5c:4b:41:86:
9b:17:7d:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHLiCq0xbsyOErL6802j6/WBei94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUxMDJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5YjNkMTYyMGFkN2Y5MzRiNDdmOGJkY2FiZTdhM2IyYmY3M2I1OGJlYjE2
MzhiOTY2Y2RjODJjZGI0MjhjMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMESbMBMIylMkHRNHBqugTp2xX+0MGwsuLNaVFOOaTYnXvBLe2eDYCR14ITQ
+3ldeMVwfm3tU0IrlAcK5CYznbV1a18GSZ6yWVGkP/LPeQA2tRDFJL8DFv3XWozQ
mP980IK9vK+C6aih/9dKjxHYhaQ42Uybvh4Hlt7sCWyKb7Km4/1v7/EeHUN7884V
CJ/Tu5CX1E/j0Fhoo/YOrrjXqRb9UJm/uHR9OqxyIQ2NBmavRyIGoyaYkyzMxfsH
Ok5+9mXT4+5/DtbATlK4VWCBZ04Pr1EeX5BeXnKAh2vpQoQWDyelDY3tLUXKnB38
Z2YNiTIC0sb2VjWDS+5OlugrddMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSP5alu
PXPp8H4zQgnKdKpP2KmCfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdmODQ3OGYtNWVmOC00ZmU1LWI5YTItMWJiZDYwNWE2YWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQA8KXYNOjozZiFUZU/JrwIqsIYyJy8rsGygmRo/
4UcExIYENJiCw18AQ27SzXFVlReieb+RJMqpnWDWrz3znk6Ubi5nNFx97KcY75ty
+wlxkRn+19i/8YIfLHGzfHPUCH2VmharE4xTLZSPvAFflKg9wJf9xyEJ8ubQHN9c
Mqn9QE74GmOYtxxlKRt0N8KGoT/9ty9GGal2+Q3ZiFVYAYos+Q8thowkYcYPwUJP
HjDrXdwQ7MjOMCQOsJGnBpP6WVv/LQOKiLzQ2pUdgqZW7kCcGMhV+QBj46b/Z81K
oGs8jAvo9pJrLyAwwNW8HHIkkqJt7gmPvDqvwFxLQYabF32i
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:29 2025 by rpki-client