Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: 7qXCE4gOF1PtJKkmJIk3BppQxKkyFvjQUx7WW8Pb3bw=
Subject key identifier: 23:54:4D:D1:20:9B:95:F2:77:05:88:62:B5:8B:96:BF:73:E0:8D:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 498441049401BD3BA8DDF7E05AB0F8339E74AFB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Fri 26 Sep 2025 20:01:33 +0000
ROA not before: Fri 26 Sep 2025 20:01:33 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:84:41:04:94:01:bd:3b:a8:dd:f7:e0:5a:b0:f8:33:9e:74:af:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:33 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=45fbc87a3001f3693a182f62b997929731388eaaaa55411e4c4f83b3880efd8e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0f:cc:1f:a1:aa:42:38:ac:d7:d0:b8:63:de:
5f:b5:5d:df:54:1a:7d:71:d2:fb:d3:94:ee:ca:4b:
58:00:45:99:aa:40:ad:28:0f:de:56:56:dc:ee:32:
c4:1e:5d:1e:0e:ae:c5:3a:c2:ec:80:d1:07:ca:ec:
51:38:fa:c8:40:0a:ac:c5:c9:d9:7c:c5:6b:18:ae:
25:5d:52:e1:5a:4e:a7:0f:08:af:22:a0:a8:46:c6:
bf:92:e0:78:f9:06:bb:35:6f:f9:2f:52:21:b3:de:
29:74:48:e7:e9:20:97:5e:03:bc:65:ef:3b:40:a8:
67:01:bc:9c:44:74:35:7b:c9:d6:c4:c7:af:9b:24:
71:fd:0c:b7:08:60:f7:e9:f2:4c:e5:63:01:34:60:
23:8a:1a:8f:6d:1f:4f:a2:9d:fb:1c:1f:c9:3c:98:
d1:7f:d0:4b:ac:30:88:06:53:95:68:01:b6:71:e3:
fb:dc:77:0b:4b:e9:81:5f:c0:70:21:6c:d3:c0:a7:
8c:b1:89:af:7f:02:f6:38:79:60:b0:df:3c:05:bc:
0d:33:b2:26:1d:b7:7e:69:fc:77:ed:59:3e:31:c1:
90:dd:6a:3b:c6:53:1a:91:76:bb:b1:14:85:0f:74:
24:c2:6a:b7:6e:f3:6d:49:5d:a2:af:17:5d:42:d2:
ec:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:54:4D:D1:20:9B:95:F2:77:05:88:62:B5:8B:96:BF:73:E0:8D:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
5d:cb:30:b3:fb:17:e0:0c:f6:62:1e:b7:e6:d9:f1:bb:6f:25:
87:03:60:0d:b5:79:75:e6:13:e9:8a:f2:96:a5:ae:6e:ff:04:
3d:ba:bf:57:d1:4a:0c:d7:4f:df:5b:a5:bb:94:9e:79:17:bc:
a9:be:3e:af:fc:39:cd:c8:92:98:85:dc:ba:13:f3:f6:08:71:
ee:8c:66:f2:69:89:5e:3f:03:1a:d7:ad:76:70:77:62:dd:c2:
95:95:39:5d:bb:28:cc:46:2b:04:a3:2a:2d:19:c4:e1:dd:c9:
c7:25:39:d2:66:52:80:d7:c4:45:10:a2:f0:46:4a:4d:4a:ca:
fc:25:49:c3:78:6f:88:1f:ad:76:c3:19:64:ce:bd:15:6c:13:
8b:c5:49:04:fb:1c:e6:8d:de:f5:88:9c:c1:7e:57:de:82:d6:
8f:49:8c:90:9d:58:5b:04:96:09:3f:b6:7f:5f:1b:38:f5:88:
94:b3:69:3c:b2:e0:52:e7:2d:f3:e0:d1:14:1e:08:53:1a:70:
cb:27:80:0d:7d:8b:5c:be:58:61:e2:4e:47:f9:e1:eb:70:4d:
5f:cc:f4:0a:ce:a7:1e:29:4b:3c:48:09:fd:c4:f3:5e:71:c6:
f9:5b:db:bf:d6:ef:25:9b:84:9c:ce:42:81:fd:de:0b:f2:1f:
4a:cf:fd:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSYRBBJQBvTuo3ffgWrD4M550r7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1ZmJjODdhMzAwMWYzNjkzYTE4MmY2MmI5OTc5Mjk3MzEzODhlYWFhYTU1
NDExZTRjNGY4M2IzODgwZWZkOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUPzB+hqkI4rNfQuGPeX7Vd31QafXHS+9OU7spLWABFmapArSgP3lZW3O4y
xB5dHg6uxTrC7IDRB8rsUTj6yEAKrMXJ2XzFaxiuJV1S4VpOpw8IryKgqEbGv5Lg
ePkGuzVv+S9SIbPeKXRI5+kgl14DvGXvO0CoZwG8nER0NXvJ1sTHr5skcf0Mtwhg
9+nyTOVjATRgI4oaj20fT6Kd+xwfyTyY0X/QS6wwiAZTlWgBtnHj+9x3C0vpgV/A
cCFs08CnjLGJr38C9jh5YLDfPAW8DTOyJh23fmn8d+1ZPjHBkN1qO8ZTGpF2u7EU
hQ90JMJqt27zbUldoq8XXULS7M8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjVE3R
IJuV8ncFiGK1i5a/c+CNATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQBdyzCz+xfgDPZiHrfm2fG7byWHA2ANtXl15hPp
ivKWpa5u/wQ9ur9X0UoM10/fW6W7lJ55F7ypvj6v/DnNyJKYhdy6E/P2CHHujGby
aYlePwMa1612cHdi3cKVlTlduyjMRisEoyotGcTh3cnHJTnSZlKA18RFEKLwRkpN
Ssr8JUnDeG+IH612wxlkzr0VbBOLxUkE+xzmjd71iJzBflfegtaPSYyQnVhbBJYJ
P7Z/Xxs49YiUs2k8suBS5y3z4NEUHghTGnDLJ4ANfYtcvlhh4k5H+eHrcE1fzPQK
zqceKUs8SAn9xPNeccb5W9u/1u8lm4SczkKB/d4L8h9Kz/1J
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:38:27 2025 by rpki-client