Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
File: 63af811a-6e40-455f-b7a8-223951036a11.roa (raw, json)
Hash identifier: wAY7RFu8gvEvxhN0ougUxRjNSUiUFnX3Zil7lyMIMps=
Subject key identifier: C0:26:93:8C:90:18:34:77:E6:84:2C:8E:FC:07:CF:6A:62:1F:11:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E4F937F3F2F80AD48711DBDCA75A42BF60BA77B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
Signing time: Fri 26 Sep 2025 19:10:17 +0000
ROA not before: Fri 26 Sep 2025 19:10:17 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:4f:93:7f:3f:2f:80:ad:48:71:1d:bd:ca:75:a4:2b:f6:0b:a7:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:10:17 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=9bc043327f2e3766946fee575f00860406176947827925dde75d7a057c5cb92f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:46:0c:88:f0:75:61:60:8a:e0:9f:bc:39:af:
03:99:0b:4c:6b:7b:28:67:f8:39:81:92:76:56:9e:
e8:73:c8:f3:28:29:7d:f1:5b:15:57:e2:5b:cb:a3:
f0:f5:21:88:23:16:7c:15:bf:2f:dc:c3:11:70:bb:
19:3e:27:81:08:ea:6a:91:6d:10:65:dc:fb:2e:29:
8e:45:be:a6:5d:c5:16:d8:cc:54:65:67:dd:18:ec:
c3:b3:86:cb:7e:e9:ef:95:d2:06:40:f2:f2:0b:dd:
18:22:2b:eb:99:04:2d:c2:49:84:96:85:17:e0:74:
22:ea:43:f4:24:92:8b:3c:b9:64:a3:4c:f3:d9:ca:
64:17:17:1d:a6:a5:67:db:6f:b7:e3:24:b7:e1:41:
0e:03:b8:e8:1a:be:5e:ab:92:fb:db:2a:05:a0:10:
8e:ee:f8:84:44:eb:7e:ca:db:72:b1:6b:54:22:ae:
89:70:47:a3:b4:1a:97:3b:c5:29:1d:78:cd:61:ab:
68:d2:52:7a:4d:d7:6a:bc:c3:d8:12:b5:04:35:72:
62:66:fb:1e:2c:b1:3d:ce:b1:14:ea:63:0d:05:5a:
ad:1f:76:93:3f:ae:28:72:fc:20:f1:b8:09:b0:4b:
63:73:18:f5:0c:a4:5e:c9:09:eb:a5:f8:28:1d:35:
3a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:26:93:8C:90:18:34:77:E6:84:2C:8E:FC:07:CF:6A:62:1F:11:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9000::/40
Signature Algorithm: sha256WithRSAEncryption
66:ed:da:ca:41:9f:b4:3d:50:4a:a6:70:0d:40:e0:e3:b5:3d:
11:a5:54:46:b4:fb:41:28:2c:99:2e:0e:cd:df:fc:10:b0:c1:
ef:1b:38:3e:a3:ce:84:af:8d:f5:4f:6d:d4:53:7b:33:17:ef:
e9:c2:bd:d3:b6:3e:a5:f7:c5:ed:36:d1:ba:10:28:32:d6:6c:
45:f2:b9:42:32:1c:65:28:96:6f:0e:c2:99:b1:9e:aa:cb:79:
1b:93:88:6c:41:fe:9e:9a:86:97:aa:b7:8d:e9:b8:0d:79:f5:
d8:05:eb:86:1b:07:65:97:cc:c6:55:ee:ca:3d:f1:37:4e:d3:
05:92:27:25:c8:27:3b:2e:04:05:59:4b:51:fe:30:06:f1:c8:
3f:1a:f8:3d:dc:e1:7a:17:53:4e:bf:35:e1:94:37:2e:6e:83:
a9:24:bf:31:1d:ae:1f:4c:69:2a:32:30:20:5e:79:81:f8:5d:
b3:28:ef:3d:e0:ba:23:ee:4c:7f:a9:57:0d:77:37:7f:6a:59:
16:73:eb:c2:f4:21:ff:94:0d:53:35:3f:d1:ae:45:fd:cc:2f:
d2:6d:ab:fe:37:fd:34:e8:45:dc:2c:92:a5:37:16:84:0c:4c:
6a:5f:4b:ad:a6:97:b1:dd:d6:94:e0:ca:d7:18:7d:94:ad:c5:
58:44:31:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHk+Tfz8vgK1IcR29ynWkK/YLp3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTEwMTdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDliYzA0MzMyN2YyZTM3NjY5NDZmZWU1NzVmMDA4NjA0MDYxNzY5NDc4Mjc5
MjVkZGU3NWQ3YTA1N2M1Y2I5MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIFGDIjwdWFgiuCfvDmvA5kLTGt7KGf4OYGSdlae6HPI8ygpffFbFVfiW8uj
8PUhiCMWfBW/L9zDEXC7GT4ngQjqapFtEGXc+y4pjkW+pl3FFtjMVGVn3Rjsw7OG
y37p75XSBkDy8gvdGCIr65kELcJJhJaFF+B0IupD9CSSizy5ZKNM89nKZBcXHaal
Z9tvt+Mkt+FBDgO46Bq+XquS+9sqBaAQju74hETrfsrbcrFrVCKuiXBHo7QalzvF
KR14zWGraNJSek3XarzD2BK1BDVyYmb7HiyxPc6xFOpjDQVarR92kz+uKHL8IPG4
CbBLY3MY9QykXskJ66X4KB01OtkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAJpOM
kBg0d+aELI78B89qYh8RrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjNhZjgxMWEtNmU0MC00NTVmLWI3YTgtMjIzOTUxMDM2YTExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBm7drKQZ+0PVBKpnANQODjtT0RpVRGtPtBKCyZ
Lg7N3/wQsMHvGzg+o86Er431T23UU3szF+/pwr3Ttj6l98XtNtG6ECgy1mxF8rlC
MhxlKJZvDsKZsZ6qy3kbk4hsQf6emoaXqreN6bgNefXYBeuGGwdll8zGVe7KPfE3
TtMFkiclyCc7LgQFWUtR/jAG8cg/Gvg93OF6F1NOvzXhlDcuboOpJL8xHa4fTGkq
MjAgXnmB+F2zKO894Loj7kx/qVcNdzd/alkWc+vC9CH/lA1TNT/RrkX9zC/Sbav+
N/006EXcLJKlNxaEDExqX0utppex3daU4MrXGH2UrcVYRDGg
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:42 2025 by rpki-client