Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa
File: 8b578938-3dca-4d72-8385-f8a93e508377.roa (raw, json)
Hash identifier: QTZfgF9ccVrT5PsorQ9jIXR0h9BFxYSqGCfQaSxvzgM=
Subject key identifier: BD:05:A4:46:56:29:34:7B:31:63:57:DA:98:ED:0C:A1:3F:FE:55:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1447B49A6C2FB3EBE04466137CF341D84CF9C7C2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa
Signing time: Fri 26 Sep 2025 20:00:17 +0000
ROA not before: Fri 26 Sep 2025 20:00:17 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:47:b4:9a:6c:2f:b3:eb:e0:44:66:13:7c:f3:41:d8:4c:f9:c7:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:00:17 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=320e71a6c235b94c952bbf61a70ae0f35ef4a5a2e11e849da179bf833a65833f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:92:40:e9:34:b2:49:77:ce:25:cd:61:e3:e8:
79:06:bc:c1:14:68:53:78:99:82:b7:2d:b8:4f:5e:
90:ca:da:55:7e:f7:bf:dd:3e:bc:52:75:79:66:71:
03:c8:19:bb:e5:c7:ea:58:af:19:4c:45:0a:05:44:
51:05:f6:ad:82:07:c5:aa:d1:50:ec:04:eb:81:d9:
d0:c3:5f:16:02:56:36:41:60:16:26:71:d8:27:f4:
5e:1b:88:47:ca:b8:ef:f6:3e:e6:9b:bb:c8:0f:01:
28:c6:6a:fe:db:24:5d:be:32:19:7b:1b:6d:3e:81:
cc:c0:d5:e3:9e:cd:05:d8:18:f7:79:27:d0:85:09:
90:d0:38:ea:d1:2a:85:c5:29:fe:f8:1c:cc:83:b4:
85:cd:00:6f:57:bb:93:ba:43:f2:48:76:a6:e0:bc:
1c:7c:ce:05:ed:9b:83:db:ec:df:95:4c:45:47:57:
c9:ac:66:5f:49:ea:27:27:20:25:a2:dd:46:b5:82:
1d:b8:64:52:8f:26:3e:7c:50:c8:bf:f5:2a:bd:0f:
d0:38:49:a2:cd:d7:03:a7:f4:28:02:fe:1a:6e:01:
9c:bc:48:2e:1f:f0:8f:08:bd:d0:6c:85:00:f1:c4:
6e:a3:45:24:fe:f3:8f:8b:e2:13:9e:96:bc:da:3a:
19:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:05:A4:46:56:29:34:7B:31:63:57:DA:98:ED:0C:A1:3F:FE:55:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:400::/38
Signature Algorithm: sha256WithRSAEncryption
c4:e3:35:3b:42:df:25:f6:c0:a4:7a:75:52:cd:e5:f1:97:f3:
63:f0:96:f1:aa:dc:7e:d9:89:e6:ce:27:38:50:96:b6:29:6e:
b9:02:f2:e1:44:c3:bf:09:ba:79:4b:f0:14:e8:46:5a:f8:2b:
08:cd:d8:f2:c5:1c:fc:25:5a:fb:77:90:05:3a:69:2d:50:07:
3c:04:92:33:a3:ee:fa:3f:b7:6d:cf:57:ef:9e:73:6c:d6:d3:
fd:52:1f:e8:2a:bf:e2:c7:07:cf:9d:7f:fe:e9:2c:d1:13:5d:
d8:1d:35:d7:7a:28:53:1a:b3:ed:86:be:25:d3:5b:15:d0:dc:
bc:99:e2:33:e4:b1:2d:1c:cb:37:2c:d2:db:e9:3e:12:39:89:
5a:50:bc:07:e0:23:bb:92:2f:d5:cf:35:10:3c:96:86:00:b7:
f6:97:49:b9:fb:27:c3:02:9f:a4:d0:28:5e:71:c0:01:bf:5e:
66:4d:4b:65:56:a8:30:f9:ea:b2:61:e1:44:9e:a4:e5:ab:8b:
ca:35:51:4b:17:37:6b:6a:bd:c9:f8:68:98:e1:1b:1b:63:31:
33:8f:6c:1a:7f:2a:32:cd:28:e9:4f:65:d7:19:b5:b1:d2:68:
ec:3f:05:93:49:d1:38:52:e2:34:17:33:b8:1f:5f:51:4f:17:
a7:7f:cb:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFEe0mmwvs+vgRGYTfPNB2Ez5x8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAwMTdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyMGU3MWE2YzIzNWI5NGM5NTJiYmY2MWE3MGFlMGYzNWVmNGE1YTJlMTFl
ODQ5ZGExNzliZjgzM2E2NTgzM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuSQOk0skl3ziXNYePoeQa8wRRoU3iZgrctuE9ekMraVX73v90+vFJ1eWZx
A8gZu+XH6livGUxFCgVEUQX2rYIHxarRUOwE64HZ0MNfFgJWNkFgFiZx2Cf0XhuI
R8q47/Y+5pu7yA8BKMZq/tskXb4yGXsbbT6BzMDV457NBdgY93kn0IUJkNA46tEq
hcUp/vgczIO0hc0Ab1e7k7pD8kh2puC8HHzOBe2bg9vs35VMRUdXyaxmX0nqJycg
JaLdRrWCHbhkUo8mPnxQyL/1Kr0P0DhJos3XA6f0KAL+Gm4BnLxILh/wjwi90GyF
APHEbqNFJP7zj4viE56WvNo6GTECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS9BaRG
Vik0ezFjV9qY7QyhP/5V9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGI1Nzg5MzgtM2RjYS00ZDcyLTgzODUtZjhhOTNlNTA4Mzc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkE
MA0GCSqGSIb3DQEBCwUAA4IBAQDE4zU7Qt8l9sCkenVSzeXxl/Nj8Jbxqtx+2Ynm
zic4UJa2KW65AvLhRMO/Cbp5S/AU6EZa+CsIzdjyxRz8JVr7d5AFOmktUAc8BJIz
o+76P7dtz1fvnnNs1tP9Uh/oKr/ixwfPnX/+6SzRE13YHTXXeihTGrPthr4l01sV
0Ny8meIz5LEtHMs3LNLb6T4SOYlaULwH4CO7ki/VzzUQPJaGALf2l0m5+yfDAp+k
0CheccABv15mTUtlVqgw+eqyYeFEnqTlq4vKNVFLFzdrar3J+GiY4RsbYzEzj2wa
fyoyzSjpT2XXGbWx0mjsPwWTSdE4UuI0FzO4H19RTxenf8uT
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:51:24 2025 by rpki-client