Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8879b2f7-4d09-4d91-a498-ecd91c6183c8.roa
File: 8879b2f7-4d09-4d91-a498-ecd91c6183c8.roa (raw, json)
Hash identifier: 4GKzYxjOYKItxeTDMvmYO6PrBtwzj2laEDPCNuABLHw=
Subject key identifier: D8:B8:F4:CA:54:05:0F:8F:FD:E0:7F:62:D2:2C:89:63:16:69:5C:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C12D3072D1BE1A4483BFA67799CE40AA4076911
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8879b2f7-4d09-4d91-a498-ecd91c6183c8.roa
Signing time: Mon 06 Oct 2025 17:50:51 +0000
ROA not before: Mon 06 Oct 2025 17:50:51 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:12:d3:07:2d:1b:e1:a4:48:3b:fa:67:79:9c:e4:0a:a4:07:69:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:51 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=f95fb02811cf30060de5bbcfd8631b9de7a6f818812e8feafdc3fa22c0274d6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:35:5b:88:ac:4f:74:13:b6:d8:0c:6e:25:63:
c5:31:98:89:4a:d8:84:62:73:10:95:2f:34:cf:60:
d2:66:c3:d8:b7:15:03:ed:49:54:52:02:42:4e:ae:
12:c8:25:de:8d:01:4a:e1:96:e8:eb:35:fb:1d:07:
f6:b8:7d:2b:96:dd:a4:96:04:c5:f0:44:9c:7e:5b:
aa:47:65:1c:58:7c:cb:18:fd:26:a6:4e:d9:d4:bc:
0f:1d:49:08:1b:a9:dd:47:56:e5:d2:96:1b:0d:35:
3a:de:5b:f8:89:2b:74:99:1a:57:e7:ac:65:dc:1e:
6c:c9:4a:72:c2:80:8e:fe:e7:53:d6:5c:fe:e2:16:
2f:9b:4e:3e:1a:1b:a0:0d:c2:99:77:ba:dd:a1:0d:
d9:bd:6c:cd:26:f5:9f:7a:7a:ad:a3:ba:fb:90:18:
88:9e:a5:60:4c:03:ab:2b:c0:7a:38:ca:d9:67:6f:
dd:05:50:9f:e0:c6:b9:7c:bb:3d:70:31:ef:7d:61:
5a:75:26:15:99:73:3b:5e:e1:5d:01:ba:f8:a6:cc:
66:de:ca:21:1d:fe:b0:81:d6:68:63:e5:f4:98:41:
5d:a9:ff:17:c1:d7:e2:3c:f3:92:fa:e8:86:9a:02:
52:35:95:3c:7a:f1:b6:a1:9a:78:03:31:e7:d0:d2:
86:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B8:F4:CA:54:05:0F:8F:FD:E0:7F:62:D2:2C:89:63:16:69:5C:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8879b2f7-4d09-4d91-a498-ecd91c6183c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:e080::/48
Signature Algorithm: sha256WithRSAEncryption
06:98:f7:72:ec:2c:01:e5:c2:98:22:60:dd:12:e7:ba:b4:04:
c5:46:8c:b2:f0:12:10:93:86:70:73:ba:1f:85:b5:c9:db:b9:
be:75:38:8e:50:e4:53:eb:92:45:12:39:8d:ef:a1:ee:6b:29:
9a:b2:0b:2a:7f:29:f4:6a:88:d4:42:a1:5f:45:63:8f:8b:16:
9e:9a:f8:e5:fd:10:c5:0a:9b:0e:b7:77:1d:a6:d2:b4:32:53:
50:8e:a1:0b:6f:eb:41:6f:fd:a8:6e:56:9a:53:8f:56:9b:d7:
a9:2f:98:37:84:3b:7f:b3:af:a8:1e:ca:fc:5e:0a:38:9c:48:
52:86:66:af:a4:bb:19:85:7c:b7:6a:94:56:ec:e5:d1:7b:0f:
4b:28:5f:82:2d:2c:04:9c:e6:86:2c:de:6f:3c:85:5a:4d:87:
10:54:e1:45:bc:45:a5:2a:62:b9:59:59:d6:1e:fe:be:fd:3c:
54:e7:e7:2e:92:a1:7c:f5:c9:98:a3:b7:eb:a5:bc:f6:05:6b:
7d:65:cb:b2:ad:2c:ae:bf:b0:7d:43:a8:c8:17:0a:3a:7a:5f:
92:3b:8a:12:2b:f5:f7:dc:1c:7c:08:b8:f6:d2:06:40:cc:09:
14:90:21:24:46:9b:2e:be:ea:b8:36:f7:94:96:bb:d2:4c:9b:
9e:7a:29:1b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTBLTBy0b4aRIO/pneZzkCqQHaREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwNTFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5NWZiMDI4MTFjZjMwMDYwZGU1YmJjZmQ4NjMxYjlkZTdhNmY4MTg4MTJl
OGZlYWZkYzNmYTIyYzAyNzRkNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKE1W4isT3QTttgMbiVjxTGYiUrYhGJzEJUvNM9g0mbD2LcVA+1JVFICQk6u
Esgl3o0BSuGW6Os1+x0H9rh9K5bdpJYExfBEnH5bqkdlHFh8yxj9JqZO2dS8Dx1J
CBup3UdW5dKWGw01Ot5b+IkrdJkaV+esZdwebMlKcsKAjv7nU9Zc/uIWL5tOPhob
oA3CmXe63aEN2b1szSb1n3p6raO6+5AYiJ6lYEwDqyvAejjK2Wdv3QVQn+DGuXy7
PXAx731hWnUmFZlzO17hXQG6+KbMZt7KIR3+sIHWaGPl9JhBXan/F8HX4jzzkvro
hpoCUjWVPHrxtqGaeAMx59DShn0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTYuPTK
VAUPj/3gf2LSLIljFmlcODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg3OWIyZjctNGQwOS00ZDkxLWE0OTgtZWNkOTFjNjE4M2M4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3g
gDANBgkqhkiG9w0BAQsFAAOCAQEABpj3cuwsAeXCmCJg3RLnurQExUaMsvASEJOG
cHO6H4W1ydu5vnU4jlDkU+uSRRI5je+h7mspmrILKn8p9GqI1EKhX0Vjj4sWnpr4
5f0QxQqbDrd3HabStDJTUI6hC2/rQW/9qG5WmlOPVpvXqS+YN4Q7f7OvqB7K/F4K
OJxIUoZmr6S7GYV8t2qUVuzl0XsPSyhfgi0sBJzmhizebzyFWk2HEFThRbxFpSpi
uVlZ1h7+vv08VOfnLpKhfPXJmKO366W89gVrfWXLsq0srr+wfUOoyBcKOnpfkjuK
Eiv199wcfAi49tIGQMwJFJAhJEabLr7quDb3lJa70kybnnopGw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:32 2025 by rpki-client