Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: A18O8uI0M34hbKu5jXodFIdZhCNRUu1ODtDG+0yTKrQ=
Subject key identifier: F9:7E:ED:6B:2A:EA:7F:E6:46:15:24:1D:11:6D:29:74:C5:59:E7:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E0D67E20EFBF3520EF7BE1EA5683445F6222B35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Fri 26 Sep 2025 18:20:24 +0000
ROA not before: Fri 26 Sep 2025 18:20:24 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:0d:67:e2:0e:fb:f3:52:0e:f7:be:1e:a5:68:34:45:f6:22:2b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:24 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=14e3cb7ff48f0309068be07c833aec53c112a7acf5e342213b529797b9b5fa63, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:70:7e:ed:f1:c3:f8:30:fa:49:5a:96:eb:99:
eb:58:ef:c6:80:34:3d:22:05:95:e3:06:e8:12:f2:
90:6c:8c:e9:d1:db:40:f0:0c:c4:8a:ec:62:3f:6c:
03:78:0c:e6:85:67:4b:6e:7d:5b:df:16:4a:02:97:
53:b0:4a:53:fa:3d:4e:af:43:2c:0b:3a:e1:cc:c2:
5a:28:0b:b6:03:1a:d1:1c:e4:70:8a:f7:e3:73:c8:
fd:4d:c0:86:f3:be:8f:13:cd:dd:4f:b9:49:05:bd:
05:e4:55:5b:2f:32:cb:9b:ed:1d:a7:af:37:66:63:
2d:46:db:43:be:a4:22:56:30:39:ee:da:4a:6e:62:
a0:5f:b6:e0:97:6b:82:01:78:b9:e9:aa:4d:30:5c:
b1:b6:7e:cb:d9:6f:a4:d7:be:a1:a6:dc:63:87:de:
be:09:a8:ed:32:5a:30:0a:0f:d7:e1:10:69:89:f9:
86:c4:f5:23:e7:5b:f7:e7:35:66:13:95:34:0d:39:
39:fe:27:28:03:fd:70:41:d5:84:5d:f6:31:83:e3:
6d:8f:7c:6b:52:7a:a3:d1:5a:f9:94:e3:80:ca:67:
06:8c:1a:ae:fe:f9:f9:94:6f:58:cf:29:38:36:ad:
1f:9b:37:8b:1e:27:74:c9:7c:94:41:7b:10:9f:32:
85:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7E:ED:6B:2A:EA:7F:E6:46:15:24:1D:11:6D:29:74:C5:59:E7:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
c6:6a:af:03:85:4d:8c:f0:1e:7a:d1:10:02:c9:84:7c:68:67:
12:92:7c:84:25:5c:04:a8:a1:1f:e4:f5:1c:fb:e8:59:c9:f1:
ba:b7:f4:d4:4b:f5:ca:54:e6:1e:df:d8:7c:09:14:23:c6:32:
fd:d1:fa:9f:5d:36:6a:92:c3:bc:3a:ef:43:f8:56:35:73:52:
39:98:4e:1f:5f:7b:e5:32:14:77:73:bf:e2:2e:04:b5:08:c8:
6a:3b:d0:bd:71:f2:30:11:0c:1d:64:7c:1c:1c:ef:f2:ce:37:
ae:05:a1:62:6a:97:25:8c:a3:60:5d:4b:18:03:07:05:09:b5:
82:dc:5a:5e:c9:f4:fa:a7:b2:61:29:8e:c6:52:44:59:42:a6:
c8:91:70:d1:e1:c3:7c:fa:3e:51:e0:70:81:3e:87:e1:3f:29:
ab:79:be:4e:ca:fa:17:d2:f0:3f:49:cd:41:11:59:79:c3:ef:
0b:2a:39:93:41:86:6e:0e:17:a4:55:ce:6e:c3:86:dd:ef:a2:
33:fa:dd:7d:30:87:fd:f4:82:00:07:8e:65:b1:df:24:3e:0c:
b4:0d:a6:a6:6e:b3:0b:61:ba:6e:8b:ce:54:ea:55:42:ec:92:
8f:cc:56:05:f1:80:0a:24:a1:77:e2:12:ea:fe:99:b1:49:89:
2f:95:f2:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPg1n4g7781IO974epWg0RfYiKzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwMjRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ZTNjYjdmZjQ4ZjAzMDkwNjhiZTA3YzgzM2FlYzUzYzExMmE3YWNmNWUz
NDIyMTNiNTI5Nzk3YjliNWZhNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBwfu3xw/gw+klaluuZ61jvxoA0PSIFleMG6BLykGyM6dHbQPAMxIrsYj9s
A3gM5oVnS259W98WSgKXU7BKU/o9Tq9DLAs64czCWigLtgMa0RzkcIr343PI/U3A
hvO+jxPN3U+5SQW9BeRVWy8yy5vtHaevN2ZjLUbbQ76kIlYwOe7aSm5ioF+24Jdr
ggF4uemqTTBcsbZ+y9lvpNe+oabcY4fevgmo7TJaMAoP1+EQaYn5hsT1I+db9+c1
ZhOVNA05Of4nKAP9cEHVhF32MYPjbY98a1J6o9Fa+ZTjgMpnBowarv75+ZRvWM8p
ODatH5s3ix4ndMl8lEF7EJ8yhQsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT5fu1r
Kup/5kYVJB0RbSl0xVnnnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAxmqvA4VNjPAeetEQAsmEfGhnEpJ8hCVcBKih
H+T1HPvoWcnxurf01Ev1ylTmHt/YfAkUI8Yy/dH6n102apLDvDrvQ/hWNXNSOZhO
H1975TIUd3O/4i4EtQjIajvQvXHyMBEMHWR8HBzv8s43rgWhYmqXJYyjYF1LGAMH
BQm1gtxaXsn0+qeyYSmOxlJEWUKmyJFw0eHDfPo+UeBwgT6H4T8pq3m+Tsr6F9Lw
P0nNQRFZecPvCyo5k0GGbg4XpFXObsOG3e+iM/rdfTCH/fSCAAeOZbHfJD4MtA2m
pm6zC2G6bovOVOpVQuySj8xWBfGACiShd+IS6v6ZsUmJL5XyvQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:06 2025 by rpki-client