Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: s9ZwCHFhojYRg2N4g1sSP/gEt1tIMGssXfbo4E3AvMc=
Subject key identifier: 16:93:9B:F0:E8:85:65:29:8D:12:3B:A2:80:0F:B9:88:C0:5F:D2:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0617433D6E31F6914CF82A03495C3579F558A883
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Fri 26 Sep 2025 19:20:05 +0000
ROA not before: Fri 26 Sep 2025 19:20:05 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:17:43:3d:6e:31:f6:91:4c:f8:2a:03:49:5c:35:79:f5:58:a8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:20:05 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=3f3762b7d10b605d28f885b62e4d4bfdaf00f21f7682cb512f645f6892e1024e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:94:67:67:19:c8:a5:72:fb:1a:c6:02:38:01:
00:a8:40:57:b6:10:9e:da:8e:4d:de:e7:5b:23:6f:
6f:a1:b8:45:87:9b:9c:bc:66:a9:51:44:2e:ad:0a:
67:a0:0b:e2:d0:db:de:0d:42:d2:5d:0d:99:d2:da:
b3:4e:f6:62:2a:c4:ee:f2:2d:40:7b:ff:22:0a:cd:
fd:73:b4:dc:c0:7a:0e:e6:e5:68:41:6a:28:35:95:
9f:ed:44:47:97:fa:78:6d:9a:46:ab:0a:24:61:91:
35:f6:f8:2c:e3:6d:d7:59:dc:7c:ba:f0:af:ba:f5:
09:54:91:3c:f4:57:f4:59:c5:07:4c:41:36:be:6f:
8f:dc:cb:a5:17:84:bf:fe:f8:25:c2:c2:fd:ca:d4:
60:ad:31:6f:18:4f:d3:e2:02:b9:76:d2:1a:27:62:
75:63:70:2b:43:13:6b:61:46:45:f8:5b:c7:71:34:
ac:44:74:36:7c:3e:f7:a0:de:14:6e:9f:c5:d3:cb:
2b:2b:78:4c:16:ae:49:ea:0a:1f:67:16:cc:c5:c4:
68:fd:1b:02:72:e2:f3:68:38:e4:94:d8:cd:d7:7f:
45:cb:42:1f:06:a6:01:f9:d2:27:26:7c:a4:b8:d1:
46:6d:e5:20:72:03:36:f5:8d:da:31:d9:e9:c9:59:
1b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:93:9B:F0:E8:85:65:29:8D:12:3B:A2:80:0F:B9:88:C0:5F:D2:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
83:41:ac:69:f3:6a:82:42:2e:c0:72:30:8e:4c:1e:a8:48:67:
f8:bf:53:5d:36:b0:17:d7:c3:11:06:38:27:ea:65:d0:eb:28:
7a:9f:fc:fd:de:74:3e:70:ea:6a:73:e9:8c:05:75:66:9a:79:
fd:ef:44:70:4b:1e:b1:f9:53:dd:56:80:20:f4:80:8f:68:c5:
13:78:e6:63:af:7d:46:43:42:f2:a8:a2:63:a6:eb:28:ce:57:
fb:11:bc:cb:66:d8:87:31:c5:ca:53:93:89:a6:fd:2b:42:2a:
82:22:a1:92:0a:f4:2e:ae:1d:7f:18:0d:07:1d:ed:47:7c:06:
b0:a6:bf:9b:ef:78:b7:f2:73:db:82:de:d3:1f:5a:02:b7:b3:
c7:fd:37:3c:30:04:bb:f7:cb:95:e0:c2:d0:ee:09:15:7e:9a:
80:50:6e:15:e9:2e:13:9b:72:05:81:e6:88:5b:50:6b:86:53:
10:67:c7:02:71:04:b4:a2:bc:c0:32:b6:1d:a6:11:7d:f0:f0:
c3:6b:a7:fc:8d:1d:30:f2:a6:2b:86:be:f1:9b:8d:6d:83:d8:
72:09:b5:42:a1:48:11:d4:ce:27:5a:17:0a:98:13:99:f3:4f:
11:7b:3d:b7:af:54:6d:6c:94:78:fb:66:bd:d2:1e:91:7c:27:
2e:ab:9c:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBhdDPW4x9pFM+CoDSVw1efVYqIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIwMDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMzc2MmI3ZDEwYjYwNWQyOGY4ODViNjJlNGQ0YmZkYWYwMGYyMWY3Njgy
Y2I1MTJmNjQ1ZjY4OTJlMTAyNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+UZ2cZyKVy+xrGAjgBAKhAV7YQntqOTd7nWyNvb6G4RYebnLxmqVFELq0K
Z6AL4tDb3g1C0l0NmdLas072YirE7vItQHv/IgrN/XO03MB6DublaEFqKDWVn+1E
R5f6eG2aRqsKJGGRNfb4LONt11ncfLrwr7r1CVSRPPRX9FnFB0xBNr5vj9zLpReE
v/74JcLC/crUYK0xbxhP0+ICuXbSGididWNwK0MTa2FGRfhbx3E0rER0Nnw+96De
FG6fxdPLKyt4TBauSeoKH2cWzMXEaP0bAnLi82g45JTYzdd/RctCHwamAfnSJyZ8
pLjRRm3lIHIDNvWN2jHZ6clZG1sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWk5vw
6IVlKY0SO6KAD7mIwF/SQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQCDQaxp82qCQi7AcjCOTB6oSGf4v1NdNrAX18MR
Bjgn6mXQ6yh6n/z93nQ+cOpqc+mMBXVmmnn970RwSx6x+VPdVoAg9ICPaMUTeOZj
r31GQ0LyqKJjpusozlf7EbzLZtiHMcXKU5OJpv0rQiqCIqGSCvQurh1/GA0HHe1H
fAawpr+b73i38nPbgt7TH1oCt7PH/Tc8MAS798uV4MLQ7gkVfpqAUG4V6S4Tm3IF
geaIW1BrhlMQZ8cCcQS0orzAMrYdphF98PDDa6f8jR0w8qYrhr7xm41tg9hyCbVC
oUgR1M4nWhcKmBOZ808Rez23r1RtbJR4+2a90h6RfCcuq5xf
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:10 2025 by rpki-client