Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: diyKEV1TMexYeOiwleXwiyPhLP6CDhoY6R4FwJU9X1Q=
Subject key identifier: BB:B6:DD:40:E9:E3:10:A9:F5:0C:BB:D4:08:7E:5A:6D:91:0C:78:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CD8583C265897ADA49BF12E67CB1131025D78B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Fri 26 Sep 2025 19:40:12 +0000
ROA not before: Fri 26 Sep 2025 19:40:12 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:d8:58:3c:26:58:97:ad:a4:9b:f1:2e:67:cb:11:31:02:5d:78:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:40:12 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=0ebb2a5b24068277691ef06715317658d15a5487b9366b229cbc920bcc7f2a5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a3:5d:72:53:00:a5:29:6f:5a:46:80:d9:25:
79:7f:54:12:cf:1b:7f:f4:6b:b7:11:36:5c:5a:bd:
a0:e0:d0:4a:9b:fc:5c:ea:75:83:5a:0c:1d:48:36:
b1:da:40:4b:38:b3:c4:07:e2:89:69:45:f0:d6:ee:
42:2b:b1:71:73:89:9e:d8:f2:65:88:c8:71:fa:9b:
77:25:86:5b:1a:ea:99:b2:3a:ec:78:06:62:5e:80:
fa:cf:94:82:f4:c0:05:06:b0:aa:3c:2a:ea:5d:f3:
27:07:8d:c1:6f:31:11:59:40:d1:8e:e4:80:88:5d:
10:1b:73:de:ae:f2:83:15:72:5c:0a:50:35:08:c1:
01:c3:64:50:20:19:db:46:1c:40:d1:66:59:3c:86:
3f:6b:e3:b9:00:f4:df:5d:11:f5:30:35:39:ff:71:
77:0c:3a:c9:e4:b8:6b:58:a6:27:fe:3d:63:5d:6b:
fc:cc:1d:41:78:50:40:87:d9:7b:de:7b:b0:fe:49:
f3:6d:4a:75:23:3c:05:5c:19:06:ca:41:60:0e:13:
a6:3e:35:20:1a:ed:64:98:93:5f:ee:02:67:31:20:
2a:00:7c:23:af:b5:68:12:b5:56:b9:f2:9b:d9:9a:
bc:51:cf:ef:4d:10:19:6f:6a:ae:99:a7:81:0f:26:
a8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B6:DD:40:E9:E3:10:A9:F5:0C:BB:D4:08:7E:5A:6D:91:0C:78:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
80:a1:70:7b:5b:3b:47:d5:c2:76:5e:d6:43:75:78:63:8c:4c:
21:61:82:03:e1:be:48:11:ea:1a:1e:ce:55:cc:8d:68:47:99:
d8:2e:85:a0:74:f8:65:0c:ad:fb:56:a2:57:18:f5:01:e5:24:
52:1f:d9:50:05:8b:9d:ca:31:0c:f1:cc:63:b1:2e:98:5d:e1:
f8:60:8b:ed:a2:7f:2e:98:58:b8:d7:f8:ab:41:15:e7:ad:71:
50:8d:eb:77:1f:41:90:c2:69:2a:b0:66:6b:8d:ea:25:8d:08:
83:ce:d2:8f:4e:b0:82:bb:04:64:e6:80:33:bd:67:f6:23:45:
c3:18:49:a8:6c:5b:7d:b1:6a:d4:21:87:43:4a:f8:ea:6e:df:
6f:a4:7b:a5:09:d6:a5:66:09:b8:6d:f4:58:fc:cc:98:0c:7a:
74:a9:c3:1d:10:a8:83:77:53:56:53:31:d8:6c:4e:20:71:1f:
b3:b2:96:87:1a:08:3b:31:17:42:8f:be:bb:f7:8b:a9:f4:a5:
8c:57:ee:26:8c:44:e6:e5:df:d9:b7:7f:97:2e:d2:9f:7a:b9:
1b:44:6b:70:ce:4f:da:56:75:46:4a:a5:53:42:3b:75:2f:a3:
f0:3a:d6:58:c3:37:59:7d:d8:70:16:bd:c2:9b:14:4e:e0:6a:
e9:7f:41:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfNhYPCZYl62km/EuZ8sRMQJdeLAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQwMTJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlYmIyYTViMjQwNjgyNzc2OTFlZjA2NzE1MzE3NjU4ZDE1YTU0ODdiOTM2
NmIyMjljYmM5MjBiY2M3ZjJhNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqjXXJTAKUpb1pGgNkleX9UEs8bf/RrtxE2XFq9oODQSpv8XOp1g1oMHUg2
sdpASzizxAfiiWlF8NbuQiuxcXOJntjyZYjIcfqbdyWGWxrqmbI67HgGYl6A+s+U
gvTABQawqjwq6l3zJweNwW8xEVlA0Y7kgIhdEBtz3q7ygxVyXApQNQjBAcNkUCAZ
20YcQNFmWTyGP2vjuQD0310R9TA1Of9xdww6yeS4a1imJ/49Y11r/MwdQXhQQIfZ
e957sP5J821KdSM8BVwZBspBYA4Tpj41IBrtZJiTX+4CZzEgKgB8I6+1aBK1Vrny
m9mavFHP700QGW9qrpmngQ8mqGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7tt1A
6eMQqfUMu9QIflptkQx4szAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQCAoXB7WztH1cJ2XtZDdXhjjEwhYYID4b5IEeoa
Hs5VzI1oR5nYLoWgdPhlDK37VqJXGPUB5SRSH9lQBYudyjEM8cxjsS6YXeH4YIvt
on8umFi41/irQRXnrXFQjet3H0GQwmkqsGZrjeoljQiDztKPTrCCuwRk5oAzvWf2
I0XDGEmobFt9sWrUIYdDSvjqbt9vpHulCdalZgm4bfRY/MyYDHp0qcMdEKiDd1NW
UzHYbE4gcR+zspaHGgg7MRdCj76794up9KWMV+4mjETm5d/Zt3+XLtKferkbRGtw
zk/aVnVGSqVTQjt1L6PwOtZYwzdZfdhwFr3CmxRO4Grpf0Hf
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:45 2025 by rpki-client