Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
File: 880d0334-daaa-445a-9c06-7402ba023a86.roa (raw, json)
Hash identifier: ns8/yW3f1abDyAKji2gWvfdtaINk9Xoip8KGM+D4Uc0=
Subject key identifier: 3A:26:87:50:59:B8:C8:CA:CA:D3:7D:CC:74:60:74:EA:98:6E:76:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08F879FB9627FC10F79E14A416E113B5808646B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
Signing time: Mon 06 Oct 2025 18:00:08 +0000
ROA not before: Mon 06 Oct 2025 18:00:08 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:f8:79:fb:96:27:fc:10:f7:9e:14:a4:16:e1:13:b5:80:86:46:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:08 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=5821a73b74f0de653e6ddf1f941d4ee521fcbba99c8a2966bb0e187bc6d821e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:cf:ba:5a:2c:34:07:4c:c3:64:25:2c:46:
5c:ce:7e:e6:17:df:a4:3a:72:9b:a9:fc:a0:98:4e:
55:5f:4f:8d:77:4f:dc:85:ae:85:d7:55:80:1d:b8:
a0:46:23:71:d0:32:45:5c:47:0b:82:ec:35:2f:a6:
08:6f:56:31:56:a4:a4:b3:31:c7:9e:73:f7:9a:3e:
9b:70:fa:43:f5:3b:0d:ee:36:1c:74:1d:66:63:f1:
a5:14:73:88:1f:1f:16:54:c6:b5:97:d6:c7:b9:5b:
d5:fc:0b:6e:f2:d5:b9:db:b7:c2:0f:ec:7d:d2:ef:
5c:bc:2e:a2:5e:41:b8:cf:45:7e:fb:82:b6:1c:c7:
86:12:8d:cb:59:67:8d:04:0a:b3:ce:4d:8c:10:b2:
93:56:c2:74:44:96:9c:de:36:62:fd:b6:2e:9e:57:
43:12:30:7b:85:da:bf:50:70:e3:07:63:9f:9e:24:
fb:c5:a7:d2:bc:a2:a9:0b:12:8c:45:81:98:d4:3f:
32:c1:d3:86:5a:04:e1:4d:e8:18:13:e3:1e:2a:12:
59:21:68:bc:60:7b:0a:9f:bd:5c:60:36:18:ab:a2:
59:15:55:ed:ae:32:2f:b3:35:0a:1e:06:89:ca:a6:
c7:28:f1:3e:62:6a:40:2a:94:11:a8:ad:da:bc:13:
bf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:26:87:50:59:B8:C8:CA:CA:D3:7D:CC:74:60:74:EA:98:6E:76:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:6040::/46
Signature Algorithm: sha256WithRSAEncryption
b8:95:2b:23:b0:89:7c:53:b8:b3:49:3f:3e:52:3e:63:4f:cc:
75:b5:9d:1a:17:0a:ef:3e:20:bd:1a:90:10:1c:5c:b3:45:30:
d7:d6:c3:fe:b3:4f:9a:31:7e:45:29:cf:b0:cd:3d:3c:83:70:
52:55:c1:66:f4:51:bf:d3:d9:d8:28:50:a5:49:05:37:ac:00:
23:0d:6a:ef:59:25:44:c7:26:92:e1:99:8c:13:72:9d:c3:de:
dd:c4:b2:0d:96:17:bf:20:89:a9:1c:b4:2f:c9:75:cd:6f:3a:
9b:42:f8:43:a0:67:34:3e:db:97:a8:f2:34:b7:80:d0:48:8a:
ba:e2:4f:e3:01:46:a3:14:aa:ed:34:1f:f2:9c:8a:56:eb:63:
66:e3:e4:98:75:00:a5:d0:9d:ba:bb:ac:db:1c:7b:cb:09:5a:
f4:1d:1e:4a:02:a9:08:14:2a:ee:06:09:bb:7e:37:48:1d:06:
1a:07:cf:2a:31:db:c0:5f:1c:fa:87:13:4e:b9:75:8d:3b:01:
b2:97:70:bc:eb:b9:56:8b:92:a5:22:1b:01:83:df:08:c2:04:
4a:3f:a9:7a:b8:97:3f:cf:62:8d:4d:27:1a:1b:0e:1e:9e:9f:
45:94:aa:c9:61:2e:3d:03:c1:33:9e:32:23:08:c0:3f:59:3b:
b3:33:c6:f8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCPh5+5Yn/BD3nhSkFuETtYCGRrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMDhaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4MjFhNzNiNzRmMGRlNjUzZTZkZGYxZjk0MWQ0ZWU1MjFmY2JiYTk5Yzhh
Mjk2NmJiMGUxODdiYzZkODIxZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtdz7paLDQHTMNkJSxGXM5+5hffpDpym6n8oJhOVV9PjXdP3IWuhddVgB24
oEYjcdAyRVxHC4LsNS+mCG9WMVakpLMxx55z95o+m3D6Q/U7De42HHQdZmPxpRRz
iB8fFlTGtZfWx7lb1fwLbvLVudu3wg/sfdLvXLwuol5BuM9FfvuCthzHhhKNy1ln
jQQKs85NjBCyk1bCdESWnN42Yv22Lp5XQxIwe4Xav1Bw4wdjn54k+8Wn0ryiqQsS
jEWBmNQ/MsHThloE4U3oGBPjHioSWSFovGB7Cp+9XGA2GKuiWRVV7a4yL7M1Ch4G
icqmxyjxPmJqQCqUEait2rwTv/sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6JodQ
WbjIysrTfcx0YHTqmG52ijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODgwZDAzMzQtZGFhYS00NDVhLTljMDYtNzQwMmJhMDIzYTg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNg
QDANBgkqhkiG9w0BAQsFAAOCAQEAuJUrI7CJfFO4s0k/PlI+Y0/MdbWdGhcK7z4g
vRqQEBxcs0Uw19bD/rNPmjF+RSnPsM09PINwUlXBZvRRv9PZ2ChQpUkFN6wAIw1q
71klRMcmkuGZjBNyncPe3cSyDZYXvyCJqRy0L8l1zW86m0L4Q6BnND7bl6jyNLeA
0EiKuuJP4wFGoxSq7TQf8pyKVutjZuPkmHUApdCdurus2xx7ywla9B0eSgKpCBQq
7gYJu343SB0GGgfPKjHbwF8c+ocTTrl1jTsBspdwvOu5VouSpSIbAYPfCMIESj+p
eriXP89ijU0nGhsOHp6fRZSqyWEuPQPBM54yIwjAP1k7szPG+A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:21 2025 by rpki-client