Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
File: 41abc6c7-a6fb-4666-b503-a8a0784797a1.roa (raw, json)
Hash identifier: J6E0MxmJgP/RXR6/6jcVj5YhUc6/Fk8z9gyjiRF2NIE=
Subject key identifier: 63:C7:0F:BF:AE:D7:8E:B8:97:29:CA:FE:A3:F0:78:EE:E3:0E:58:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F7460E8D905E855F18DCACF4C9A98D5658DB93E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
Signing time: Fri 26 Sep 2025 19:00:58 +0000
ROA not before: Fri 26 Sep 2025 19:00:58 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:74:60:e8:d9:05:e8:55:f1:8d:ca:cf:4c:9a:98:d5:65:8d:b9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:00:58 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e9f34a8ebf66e0ada59f18ad4dbf125d0999950b1d84746f8ad759635782d0b1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:47:db:eb:71:d6:3a:69:2a:aa:79:89:ab:7e:
bc:9e:9d:12:a5:9c:7d:07:51:7a:b9:27:65:03:a7:
07:8c:c9:d4:22:ef:3b:0a:e1:be:cf:3c:39:9f:f3:
98:56:2a:9f:bb:22:a4:95:a5:ff:94:0d:76:a0:e1:
f4:79:fc:22:eb:16:2c:f6:42:3e:12:5c:2a:34:d2:
d5:31:08:e4:78:4d:11:dd:f5:5c:73:48:75:e6:a7:
a0:d2:53:ff:91:04:59:e6:2a:e1:6e:b3:ae:94:14:
b2:3d:ee:51:85:4f:da:b2:c5:2a:23:8d:96:42:bb:
da:ea:45:f1:c1:66:c5:57:84:ad:25:15:47:8a:89:
59:bc:27:a5:6b:20:74:7e:55:06:5e:f1:73:e6:56:
c4:18:c5:5b:4a:5e:7b:29:d1:4e:43:62:70:96:82:
45:37:c4:94:71:b6:4e:21:b6:9a:e4:d2:af:b7:65:
e7:c6:aa:c3:03:3c:23:ec:5c:ee:34:de:92:41:19:
6d:31:9a:4d:17:93:2f:9f:48:de:17:10:5a:63:a0:
ee:25:e6:2b:52:d8:24:27:ee:d4:be:6e:f1:89:23:
c2:11:4f:aa:f8:56:51:fa:04:4e:2b:09:1f:ee:fa:
9f:2d:92:25:e9:5d:72:92:df:87:96:18:45:27:00:
d2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C7:0F:BF:AE:D7:8E:B8:97:29:CA:FE:A3:F0:78:EE:E3:0E:58:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:52:10:8d:29:05:cd:1d:d0:a1:02:ba:f4:06:51:0e:cd:8a:
bd:8d:85:b9:b3:f3:86:01:d8:90:92:48:af:52:fc:d8:52:09:
8e:ce:ab:9f:cf:c5:66:16:9a:6d:4b:5d:bd:bf:08:7f:74:6d:
b3:e3:ad:87:d0:6d:69:31:c2:ad:90:1a:c6:16:6f:38:94:d1:
9c:38:54:bb:2c:dd:25:99:de:70:26:87:77:b7:b9:01:81:5c:
3c:0c:25:e8:a7:89:d3:3e:77:01:0a:e1:90:3f:4a:d6:90:3d:
f6:5c:9d:44:f5:5a:20:e5:9d:e0:77:50:1d:4a:4a:e3:2b:15:
8d:35:68:79:ab:f3:77:6f:4b:23:f1:13:98:47:48:fa:e9:c6:
9d:36:ff:1a:bc:1f:4e:51:55:03:38:03:f7:53:07:01:2b:ac:
65:ce:f8:a6:fa:38:21:97:52:8d:12:60:8d:0c:a8:11:bd:f3:
e0:33:53:b7:66:00:22:c3:9c:e9:6d:ed:a1:c6:ea:b4:d0:18:
b0:1f:2b:51:34:02:b5:67:51:a0:13:44:87:e6:92:00:d1:17:
6d:7f:ab:44:1c:a8:9f:e8:fa:31:21:3c:93:b6:79:c3:b8:5f:
88:aa:96:98:a6:b6:5f:b0:80:e9:85:f0:de:16:b5:86:2f:22:
32:81:35:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT3Rg6NkF6FXxjcrPTJqY1WWNuT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAwNThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZjM0YThlYmY2NmUwYWRhNTlmMThhZDRkYmYxMjVkMDk5OTk1MGIxZDg0
NzQ2ZjhhZDc1OTYzNTc4MmQwYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI1H2+tx1jppKqp5iat+vJ6dEqWcfQdRerknZQOnB4zJ1CLvOwrhvs88OZ/z
mFYqn7sipJWl/5QNdqDh9Hn8IusWLPZCPhJcKjTS1TEI5HhNEd31XHNIdeanoNJT
/5EEWeYq4W6zrpQUsj3uUYVP2rLFKiONlkK72upF8cFmxVeErSUVR4qJWbwnpWsg
dH5VBl7xc+ZWxBjFW0peeynRTkNicJaCRTfElHG2TiG2muTSr7dl58aqwwM8I+xc
7jTekkEZbTGaTReTL59I3hcQWmOg7iXmK1LYJCfu1L5u8YkjwhFPqvhWUfoETisJ
H+76ny2SJeldcpLfh5YYRScA0n8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjxw+/
rteOuJcpyv6j8Hju4w5YfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDFhYmM2YzctYTZmYi00NjY2LWI1MDMtYThhMDc4NDc5N2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACA
MA0GCSqGSIb3DQEBCwUAA4IBAQB8UhCNKQXNHdChArr0BlEOzYq9jYW5s/OGAdiQ
kkivUvzYUgmOzqufz8VmFpptS129vwh/dG2z462H0G1pMcKtkBrGFm84lNGcOFS7
LN0lmd5wJod3t7kBgVw8DCXop4nTPncBCuGQP0rWkD32XJ1E9Vog5Z3gd1AdSkrj
KxWNNWh5q/N3b0sj8ROYR0j66cadNv8avB9OUVUDOAP3UwcBK6xlzvim+jghl1KN
EmCNDKgRvfPgM1O3ZgAiw5zpbe2hxuq00BiwHytRNAK1Z1GgE0SH5pIA0Rdtf6tE
HKif6PoxITyTtnnDuF+IqpaYprZfsIDphfDeFrWGLyIygTXo
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:39 2025 by rpki-client