Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: gjhjnortN5/v1BCySep1k3iFwuyX4K0Gu/qzHQVy51k=
Subject key identifier: 3E:E2:CD:63:5B:16:85:56:39:89:D6:22:49:EF:C3:9B:A3:97:72:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C8BBD04A24B37CEB9E169DF5EA34C3165273724
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Fri 26 Sep 2025 19:01:14 +0000
ROA not before: Fri 26 Sep 2025 19:01:14 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:8b:bd:04:a2:4b:37:ce:b9:e1:69:df:5e:a3:4c:31:65:27:37:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:01:14 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=332aa461eee79414ac75094da8df266cf8aabbb132523b557fa78de4f9615a16, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c2:41:33:5b:90:03:65:be:bf:94:65:6e:9b:
e8:e1:80:58:e8:42:06:a6:7e:c0:81:4a:4b:0b:46:
09:af:06:56:34:dd:c3:f1:f5:22:0c:d5:24:14:b1:
18:00:8e:35:cd:a2:31:5b:b8:73:56:a6:b9:9a:63:
7e:67:ea:43:4e:bd:05:cd:98:f3:a3:61:6b:ea:36:
76:48:31:ed:45:f0:2a:8f:bb:7a:66:b7:f0:76:3d:
10:80:03:65:9f:f2:b2:50:e1:5e:37:64:4a:ce:63:
48:62:0a:51:3e:9f:7d:f0:70:e0:9f:6f:2c:be:26:
39:b2:2e:1e:31:1c:78:1c:b9:ad:d5:d8:77:a6:ad:
a3:c6:d5:c6:82:b0:fe:b9:ef:60:eb:92:c3:01:57:
28:e9:fb:a1:8a:9e:45:df:55:75:cb:10:55:5e:d7:
8c:30:a5:36:13:f3:45:65:67:31:d6:39:73:76:a8:
78:6c:f0:43:13:03:61:8b:0f:f2:22:ce:cb:ce:e6:
c1:1e:45:86:42:02:fa:35:6d:66:8f:99:5c:96:d4:
d5:b2:3d:2c:90:18:56:22:88:67:02:df:7b:51:c5:
53:08:15:96:e5:85:70:4f:de:48:d4:57:8b:c7:76:
5e:67:a4:02:eb:02:6d:fc:78:5b:a2:72:11:29:19:
5e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E2:CD:63:5B:16:85:56:39:89:D6:22:49:EF:C3:9B:A3:97:72:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
1c:f3:60:b8:3e:6a:87:13:85:0c:fe:ec:fd:bd:70:10:8c:06:
4a:99:c2:3d:09:d0:57:13:88:ad:c2:60:c4:0f:40:03:8e:bb:
56:dd:49:3b:15:12:37:66:a8:42:ce:2d:12:67:0b:03:a1:56:
68:f9:2f:c8:4c:43:ff:61:dc:3b:97:04:56:71:ae:d3:a0:b5:
30:25:69:bb:b3:87:7f:7c:c6:48:67:41:d3:87:6a:9a:8f:56:
cf:34:9b:cd:5c:4f:f0:cf:62:41:61:25:8d:d7:d8:97:d3:a4:
7b:85:38:94:ec:54:e6:6e:e0:c2:04:de:13:e9:32:5f:ca:7d:
fb:6b:71:55:63:80:00:18:a2:96:8d:25:63:35:72:cf:5c:73:
81:fe:d4:60:2f:5d:d5:a5:d2:9b:0b:12:6d:18:7a:42:23:f9:
c7:91:d0:da:de:1a:87:8b:68:9f:21:ea:62:9b:d2:4b:da:80:
2f:04:a8:f2:0e:cf:37:4d:3e:c1:54:57:33:dc:29:35:2b:02:
49:a9:17:a3:76:75:af:1f:10:f9:d7:97:d0:ed:fb:cf:77:28:
83:30:ba:b7:be:51:30:66:5e:07:cd:4f:bc:49:32:fd:1d:62:
7d:9c:b2:cb:13:33:8d:a7:da:21:80:9c:ec:d6:ed:5e:f3:03:
75:b3:a7:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPIu9BKJLN8654WnfXqNMMWUnNyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAxMTRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzMmFhNDYxZWVlNzk0MTRhYzc1MDk0ZGE4ZGYyNjZjZjhhYWJiYjEzMjUy
M2I1NTdmYTc4ZGU0Zjk2MTVhMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/CQTNbkANlvr+UZW6b6OGAWOhCBqZ+wIFKSwtGCa8GVjTdw/H1IgzVJBSx
GACONc2iMVu4c1amuZpjfmfqQ069Bc2Y86Nha+o2dkgx7UXwKo+7ema38HY9EIAD
ZZ/yslDhXjdkSs5jSGIKUT6fffBw4J9vLL4mObIuHjEceBy5rdXYd6ato8bVxoKw
/rnvYOuSwwFXKOn7oYqeRd9VdcsQVV7XjDClNhPzRWVnMdY5c3aoeGzwQxMDYYsP
8iLOy87mwR5FhkIC+jVtZo+ZXJbU1bI9LJAYViKIZwLfe1HFUwgVluWFcE/eSNRX
i8d2XmekAusCbfx4W6JyESkZXgECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ+4s1j
WxaFVjmJ1iJJ78Obo5dyuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAHPNguD5qhxOFDP7s/b1wEIwGSpnCPQnQVxOI
rcJgxA9AA467Vt1JOxUSN2aoQs4tEmcLA6FWaPkvyExD/2HcO5cEVnGu06C1MCVp
u7OHf3zGSGdB04dqmo9WzzSbzVxP8M9iQWEljdfYl9Oke4U4lOxU5m7gwgTeE+ky
X8p9+2txVWOAABiilo0lYzVyz1xzgf7UYC9d1aXSmwsSbRh6QiP5x5HQ2t4ah4to
nyHqYpvSS9qALwSo8g7PN00+wVRXM9wpNSsCSakXo3Z1rx8Q+deX0O37z3cogzC6
t75RMGZeB81PvEky/R1ifZyyyxMzjafaIYCc7NbtXvMDdbOnKg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:32 2025 by rpki-client