Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: I7O7ZICpJ074g/HsLZLL4FzrWzQO5DrRYvGuWeUxSo0=
Subject key identifier: D7:7F:42:D4:69:BC:6C:F7:4F:5B:22:E1:DD:2D:38:B8:C7:9B:31:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58FF90414282AFE5A01C60ABA4591446ACC7F0B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Fri 26 Sep 2025 19:50:26 +0000
ROA not before: Fri 26 Sep 2025 19:50:26 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:ff:90:41:42:82:af:e5:a0:1c:60:ab:a4:59:14:46:ac:c7:f0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:50:26 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=58b2ead2e83955ac93af832ae7901c7c440749898ec6a96b078885f398997bb9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:97:8b:da:69:fb:85:7f:bf:32:32:af:e1:9d:
e0:a1:e2:10:c8:13:5c:7f:dc:a5:9c:dc:4b:e6:15:
7c:25:24:cb:cf:6d:66:65:91:cf:de:c0:78:34:02:
4b:48:07:fb:fc:7d:ec:c0:78:84:95:73:a3:04:84:
67:0f:81:24:c7:5b:f2:85:09:bd:f1:72:3b:ca:a4:
50:1b:32:e0:62:b7:d6:18:91:cb:cf:3a:29:dc:8c:
d3:5b:f3:44:96:d6:c7:37:39:35:9d:b6:fa:21:60:
47:81:45:00:64:0b:48:5f:36:dc:43:3d:1c:7b:a0:
95:73:80:be:95:14:15:d5:50:0f:15:87:5f:a8:59:
68:42:94:1d:e5:0f:fc:ec:77:9f:69:c9:6f:7f:5f:
22:c4:53:67:91:07:9b:12:c6:1a:3e:c7:17:e1:bf:
5d:97:87:e4:d1:4b:ba:54:66:52:6e:12:66:1e:9f:
8d:2e:8b:a1:65:33:01:34:87:c4:65:6a:4e:1e:d3:
ff:69:f5:bf:f8:28:41:f4:4e:db:00:b7:ad:8a:15:
87:ec:b3:e9:c5:b1:2d:8f:a6:5f:4a:f3:93:09:b0:
37:18:a6:11:a6:92:a3:1e:37:44:68:b9:a3:f9:26:
14:18:74:98:5c:cd:d0:24:79:7f:dc:63:a5:3e:86:
68:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:7F:42:D4:69:BC:6C:F7:4F:5B:22:E1:DD:2D:38:B8:C7:9B:31:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
78:c8:3e:27:a2:f3:c0:c1:56:0c:bc:12:e5:35:4a:b3:d1:56:
10:cf:a6:92:a1:30:4a:0e:ff:f6:b0:ee:e4:ab:47:04:a0:4a:
38:f8:c5:0a:65:7b:52:2d:48:f6:0c:3f:88:b1:7b:23:ae:8e:
db:2d:c9:22:bd:2d:1b:81:f5:16:44:53:25:f8:48:f7:75:bb:
1b:71:33:66:6f:82:de:00:85:8c:ee:9c:cd:d6:1d:3f:6b:6f:
45:9d:55:ef:89:3d:38:0f:de:59:c4:86:6c:b3:e4:7f:de:d0:
a7:63:14:24:59:13:55:76:a6:c6:cb:fc:45:3a:20:ec:8a:35:
a8:52:aa:98:95:fa:92:c2:54:6d:71:4c:3e:3b:9c:f1:4f:45:
29:53:20:a0:6b:7a:75:36:19:58:43:b8:d5:1e:68:bf:0e:dc:
0e:7c:b0:52:b1:51:c8:d5:90:69:5f:f9:19:29:4e:24:01:7e:
48:31:a9:29:3f:23:2d:95:42:c6:11:2b:47:8b:26:63:d4:f2:
6a:96:0b:f8:56:01:18:85:98:95:c2:77:a5:6a:18:48:4f:56:
67:aa:26:9d:01:36:84:28:62:fb:f8:e4:c2:57:43:25:60:b9:
00:61:6e:ab:d0:e0:d5:5c:a1:6e:c6:90:7d:8d:ee:99:65:de:
cf:01:0c:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWP+QQUKCr+WgHGCrpFkURqzH8LYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUwMjZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4YjJlYWQyZTgzOTU1YWM5M2FmODMyYWU3OTAxYzdjNDQwNzQ5ODk4ZWM2
YTk2YjA3ODg4NWYzOTg5OTdiYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6Xi9pp+4V/vzIyr+Gd4KHiEMgTXH/cpZzcS+YVfCUky89tZmWRz97AeDQC
S0gH+/x97MB4hJVzowSEZw+BJMdb8oUJvfFyO8qkUBsy4GK31hiRy886KdyM01vz
RJbWxzc5NZ22+iFgR4FFAGQLSF823EM9HHuglXOAvpUUFdVQDxWHX6hZaEKUHeUP
/Ox3n2nJb39fIsRTZ5EHmxLGGj7HF+G/XZeH5NFLulRmUm4SZh6fjS6LoWUzATSH
xGVqTh7T/2n1v/goQfRO2wC3rYoVh+yz6cWxLY+mX0rzkwmwNximEaaSox43RGi5
o/kmFBh0mFzN0CR5f9xjpT6GaPECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTXf0LU
abxs909bIuHdLTi4x5sxMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQB4yD4novPAwVYMvBLlNUqz0VYQz6aSoTBKDv/2
sO7kq0cEoEo4+MUKZXtSLUj2DD+IsXsjro7bLckivS0bgfUWRFMl+Ej3dbsbcTNm
b4LeAIWM7pzN1h0/a29FnVXviT04D95ZxIZss+R/3tCnYxQkWRNVdqbGy/xFOiDs
ijWoUqqYlfqSwlRtcUw+O5zxT0UpUyCga3p1NhlYQ7jVHmi/DtwOfLBSsVHI1ZBp
X/kZKU4kAX5IMakpPyMtlULGEStHiyZj1PJqlgv4VgEYhZiVwnelahhIT1Znqiad
ATaEKGL7+OTCV0MlYLkAYW6r0ODVXKFuxpB9je6ZZd7PAQxa
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:31 2025 by rpki-client