Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
File: 78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa (raw, json)
Hash identifier: UFi/WFBCWiL/0jqofHpnxrQybCsbKuZd3KHVy+GZVnQ=
Subject key identifier: 3A:7C:5D:0C:F9:A2:43:98:94:AF:9A:4E:2F:43:AB:99:46:E2:60:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F8464D1D9E76ECE904B51A6341816BEF01BDFB8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
Signing time: Mon 13 Oct 2025 18:00:06 +0000
ROA not before: Mon 13 Oct 2025 18:00:06 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:84:64:d1:d9:e7:6e:ce:90:4b:51:a6:34:18:16:be:f0:1b:df:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 18:00:06 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=337e7c05618a68e01ccc7cf0d89ce25ee88db3d5a9c165f9f08f925eeb679cfb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6c:bf:8f:5e:3f:65:5f:28:1c:2f:4a:87:c2:
11:2b:00:51:b8:eb:7c:9a:00:06:57:94:2c:bd:a0:
ca:76:f4:40:d4:6f:f4:bc:72:2e:a0:de:1d:9e:7d:
50:e1:cd:a9:76:a8:3d:2a:51:89:b6:ce:c9:c3:9e:
f2:b7:ea:ea:b2:55:35:f6:f7:76:7e:06:5e:2a:76:
19:d8:60:86:09:b7:47:8b:e7:02:43:94:95:02:b0:
9b:81:05:8b:2e:12:bd:fa:bb:06:9f:fc:d9:26:87:
8e:34:bb:9d:4e:cc:c1:68:28:d3:e2:04:62:48:d1:
04:3f:e6:8f:55:75:c9:2e:4d:8d:d2:3d:e9:7f:50:
4f:5d:e4:51:9c:31:40:f9:ca:73:a0:95:a9:06:a7:
32:d6:3f:e8:1f:a2:d7:fd:3e:f5:4b:67:66:2d:a8:
02:fd:f6:26:1b:65:45:84:a8:b5:46:33:13:86:51:
47:a4:44:40:b7:9a:ae:d7:07:41:62:f7:94:82:ff:
27:e8:f7:fc:2a:88:55:f4:ee:8c:1a:60:ff:6e:f7:
ad:b0:41:ad:10:f6:1c:3b:55:e0:be:5a:34:2d:26:
c3:7c:a4:36:39:15:dc:eb:f2:2b:f7:76:36:07:05:
7c:cb:7b:c9:d1:11:55:04:15:1e:73:0e:14:ee:e1:
b5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7C:5D:0C:F9:A2:43:98:94:AF:9A:4E:2F:43:AB:99:46:E2:60:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
75:12:3f:2c:cd:09:72:cb:c4:80:21:8b:39:d4:15:1e:d1:ad:
bf:4b:a0:43:7f:49:d8:c1:9b:9e:d5:17:fd:7c:62:26:2f:7b:
67:39:da:79:f0:95:31:3b:d4:07:a3:81:4a:a3:3f:70:1f:42:
ad:d9:69:0a:22:0f:4b:12:78:3d:b7:bc:33:db:d5:3f:53:ac:
1b:84:7d:5c:be:42:0e:84:56:19:f6:73:7d:5d:6e:64:1a:3e:
99:6f:86:ea:93:5c:a9:10:b6:81:e2:c4:00:cd:cf:ac:d5:77:
32:88:13:08:c2:99:28:df:66:d3:33:f0:11:6a:b4:b0:ca:9a:
10:84:36:45:3f:1d:fb:80:47:a3:b9:49:f4:8c:49:b0:58:fd:
f6:19:df:48:72:38:36:b8:52:63:d9:e7:ee:55:f7:a1:b4:82:
13:1c:f1:24:1d:42:7e:d7:13:45:e4:8d:6b:54:03:23:d4:9d:
09:38:11:97:ca:e8:36:85:b9:69:a1:e8:0b:2c:00:0d:7d:0b:
20:04:b6:11:43:20:be:56:49:c7:35:fc:9f:1b:93:aa:d3:83:
8f:b2:8b:da:85:a4:b8:45:37:9d:98:c0:da:b7:ee:2c:f4:ee:
74:d3:39:08:ae:92:5f:d9:30:02:e2:83:09:8e:ab:36:0d:8e:
39:5d:41:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT4Rk0dnnbs6QS1GmNBgWvvAb37gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxODAwMDZaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzN2U3YzA1NjE4YTY4ZTAxY2NjN2NmMGQ4OWNlMjVlZTg4ZGIzZDVhOWMx
NjVmOWYwOGY5MjVlZWI2NzljZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRsv49eP2VfKBwvSofCESsAUbjrfJoABleULL2gynb0QNRv9LxyLqDeHZ59
UOHNqXaoPSpRibbOycOe8rfq6rJVNfb3dn4GXip2Gdhghgm3R4vnAkOUlQKwm4EF
iy4Svfq7Bp/82SaHjjS7nU7MwWgo0+IEYkjRBD/mj1V1yS5NjdI96X9QT13kUZwx
QPnKc6CVqQanMtY/6B+i1/0+9UtnZi2oAv32JhtlRYSotUYzE4ZRR6REQLeartcH
QWL3lIL/J+j3/CqIVfTujBpg/273rbBBrRD2HDtV4L5aNC0mw3ykNjkV3OvyK/d2
NgcFfMt7ydERVQQVHnMOFO7htfcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6fF0M
+aJDmJSvmk4vQ6uZRuJgljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwODVkMGEtZjFhYy00M2I3LWFjNmItYThhZmNmOTc4MmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQB1Ej8szQlyy8SAIYs51BUe0a2/S6BDf0nYwZue
1Rf9fGImL3tnOdp58JUxO9QHo4FKoz9wH0Kt2WkKIg9LEng9t7wz29U/U6wbhH1c
vkIOhFYZ9nN9XW5kGj6Zb4bqk1ypELaB4sQAzc+s1XcyiBMIwpko32bTM/ARarSw
ypoQhDZFPx37gEejuUn0jEmwWP32Gd9Icjg2uFJj2efuVfehtIITHPEkHUJ+1xNF
5I1rVAMj1J0JOBGXyug2hblpoegLLAANfQsgBLYRQyC+VknHNfyfG5Oq04OPsova
haS4RTedmMDat+4s9O500zkIrpJf2TAC4oMJjqs2DY45XUEA
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:27 2025 by rpki-client