Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
File: 5836d090-8999-43ab-a38c-f63a0e829c0b.roa (raw, json)
Hash identifier: bWAN8k8Hxvx96Py2ibmpnr16Sn7iuFLCCDM7VyfFnCk=
Subject key identifier: 32:40:BF:92:06:DF:34:D6:6E:4E:A5:71:8C:F4:60:88:65:49:95:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 188D3D8B89A9E66966ED4E28992E0DC303E8188D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
Signing time: Fri 26 Sep 2025 18:41:22 +0000
ROA not before: Fri 26 Sep 2025 18:41:22 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:8d:3d:8b:89:a9:e6:69:66:ed:4e:28:99:2e:0d:c3:03:e8:18:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:22 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a1017376680e5409a6733e6b4097305529217162ff78628970daf358d02fc313, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ec:62:79:7d:3d:db:09:7c:8b:6b:37:a8:f8:
4a:72:62:04:5c:da:ab:44:fc:49:ac:9b:b9:ec:6e:
3e:27:dc:2d:71:95:46:49:fe:b8:7e:f5:5b:10:6e:
8d:b2:20:24:57:85:0c:30:26:0f:e5:78:77:99:5e:
3f:77:c8:e9:7a:8e:25:bc:f6:98:50:27:b0:c7:5e:
0a:9e:ab:2d:ef:77:1b:b3:c1:28:86:58:ef:1e:b4:
f6:51:6b:e0:03:10:51:a7:fa:37:4a:c9:2a:78:ab:
e1:73:5b:e0:9b:5f:a0:68:9d:a2:9c:b9:99:5b:b4:
16:59:25:f1:40:05:2f:76:30:40:79:61:9e:7d:2c:
17:77:2a:31:e9:f4:2b:cc:5b:c3:99:3d:7f:df:c8:
08:17:36:d6:f8:f8:cd:05:5c:76:65:81:88:30:e5:
5c:fe:bc:9c:45:8c:88:95:68:92:cb:21:98:e3:93:
b8:7e:c7:79:f8:65:a6:11:1f:9f:1f:71:2e:19:6b:
37:53:25:1b:65:0c:d0:d1:b1:1b:6e:c9:0d:09:0a:
fb:f7:dc:6f:c9:a7:ce:2c:71:88:ba:85:67:f8:84:
9b:9c:04:a1:39:b4:d3:25:14:34:06:48:bd:5d:7d:
f5:ad:d6:38:20:2e:5f:65:02:5a:6b:e0:7b:d5:1e:
71:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:40:BF:92:06:DF:34:D6:6E:4E:A5:71:8C:F4:60:88:65:49:95:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:45:9f:c2:53:44:82:31:4a:11:c1:44:3f:0d:36:df:cf:a3:
0e:7a:0d:81:df:d5:d3:72:8e:43:e1:db:ce:51:f0:aa:30:4c:
8e:d3:ee:64:c1:45:fe:9e:cc:34:3e:5f:e4:26:d0:fd:96:f1:
76:59:e5:1e:a1:3b:20:b9:04:7e:3d:df:25:e7:9e:53:5e:81:
ee:13:8b:12:04:9d:32:db:90:aa:1f:78:d1:ee:18:10:8b:59:
e3:50:4a:9d:ef:15:b4:5e:e4:65:38:a2:5d:1e:79:76:9a:3e:
01:a2:65:e1:1a:65:a1:47:48:99:9c:b2:c4:54:f1:21:d5:9b:
7e:db:0f:51:3d:ba:fe:7e:d5:5f:44:b6:c8:cd:ba:5b:85:9c:
ee:ba:30:f2:5a:51:3b:0a:30:5d:87:ba:da:4e:e1:5f:fd:57:
9c:ef:22:b7:be:a4:f0:41:cf:05:fd:88:de:39:4d:f9:ab:00:
34:fc:24:b0:86:0d:aa:fc:4b:0e:2f:e6:dc:a7:4b:1d:82:04:
25:64:0c:61:4c:3e:39:d3:af:02:3c:52:92:9d:84:02:c8:60:
9c:44:24:b2:f6:02:45:49:35:60:53:ba:08:f2:20:94:45:3c:
78:c4:06:9e:a9:6e:74:e9:f3:4b:ee:a4:79:6f:56:f3:e4:a0:
8d:2f:eb:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGI09i4mp5mlm7U4omS4NwwPoGI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxMjJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGExMDE3Mzc2NjgwZTU0MDlhNjczM2U2YjQwOTczMDU1MjkyMTcxNjJmZjc4
NjI4OTcwZGFmMzU4ZDAyZmMzMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPsYnl9PdsJfItrN6j4SnJiBFzaq0T8SaybuexuPifcLXGVRkn+uH71WxBu
jbIgJFeFDDAmD+V4d5leP3fI6XqOJbz2mFAnsMdeCp6rLe93G7PBKIZY7x609lFr
4AMQUaf6N0rJKnir4XNb4JtfoGidopy5mVu0Flkl8UAFL3YwQHlhnn0sF3cqMen0
K8xbw5k9f9/ICBc21vj4zQVcdmWBiDDlXP68nEWMiJVoksshmOOTuH7HefhlphEf
nx9xLhlrN1MlG2UM0NGxG27JDQkK+/fcb8mnzixxiLqFZ/iEm5wEoTm00yUUNAZI
vV199a3WOCAuX2UCWmvge9UecacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyQL+S
Bt801m5OpXGM9GCIZUmVnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgzNmQwOTAtODk5OS00M2FiLWEzOGMtZjYzYTBlODI5YzBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQB7RZ/CU0SCMUoRwUQ/DTbfz6MOeg2B39XTco5D
4dvOUfCqMEyO0+5kwUX+nsw0Pl/kJtD9lvF2WeUeoTsguQR+Pd8l555TXoHuE4sS
BJ0y25CqH3jR7hgQi1njUEqd7xW0XuRlOKJdHnl2mj4BomXhGmWhR0iZnLLEVPEh
1Zt+2w9RPbr+ftVfRLbIzbpbhZzuujDyWlE7CjBdh7raTuFf/Vec7yK3vqTwQc8F
/YjeOU35qwA0/CSwhg2q/EsOL+bcp0sdggQlZAxhTD45068CPFKSnYQCyGCcRCSy
9gJFSTVgU7oI8iCURTx4xAaeqW506fNL7qR5b1bz5KCNL+uC
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:29 2025 by rpki-client