Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json)
Hash identifier: o/OtHCLI5ZGoj0fgBDDsAQTppTsTNS87cnysUtideAA=
Subject key identifier: 84:74:47:50:1C:C9:36:BA:7B:31:F3:80:4F:19:7E:52:D8:6F:EC:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3693B436E06447597313DAFC1EA3FD05F8ED4927
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
Signing time: Fri 26 Sep 2025 20:01:35 +0000
ROA not before: Fri 26 Sep 2025 20:01:35 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:93:b4:36:e0:64:47:59:73:13:da:fc:1e:a3:fd:05:f8:ed:49:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:35 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=89d08d499d1682f8c0f14bfe11dc523168792e920047e9be2936d93ab2eac5ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:79:d3:42:53:e3:52:13:97:23:63:3c:ef:a8:
f4:91:63:c1:de:b3:7f:44:28:c8:32:6a:98:44:da:
7d:f7:df:3e:21:7d:fe:3f:ee:6e:56:03:94:33:c1:
9e:2d:ca:23:e8:a9:d3:2d:9a:e4:a6:1c:16:13:2c:
7d:6e:4e:fb:c3:b7:ce:93:f2:81:29:08:74:c2:f3:
33:c7:d0:cf:f5:9f:a7:c4:73:80:39:fc:83:52:3d:
57:3d:ff:e2:64:db:f6:f3:25:34:38:4b:96:84:6b:
9a:b7:70:51:b6:d2:0a:95:6d:5c:68:77:4b:5a:06:
61:67:e4:1a:93:37:19:5c:1b:48:67:86:1a:6c:7a:
65:22:ef:c4:6e:21:fa:5c:08:cf:ad:89:bc:4f:38:
b6:6e:3d:83:70:7f:07:05:32:95:64:a0:b2:fa:a0:
d3:6b:d4:16:95:43:77:df:22:eb:15:44:cb:72:89:
05:75:67:78:de:e3:ef:4d:ea:e4:42:f3:aa:e1:09:
51:27:b4:00:bb:b0:ca:e4:95:95:d6:88:59:4c:cd:
20:b5:a0:7e:4f:d9:66:97:9b:e5:66:19:ac:bf:fc:
f5:ad:4d:fb:ac:bf:8a:07:9b:ea:c8:39:1c:6e:8a:
b7:e1:1e:bb:0b:05:b5:e9:e3:5f:18:dd:1a:de:36:
c6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:74:47:50:1C:C9:36:BA:7B:31:F3:80:4F:19:7E:52:D8:6F:EC:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:800::/38
Signature Algorithm: sha256WithRSAEncryption
78:d8:c6:d7:c8:5b:7b:cd:55:9f:21:55:5f:5d:c2:0c:d6:89:
54:d2:8f:ff:c5:dc:16:ec:f9:16:8f:65:68:a4:fb:25:ba:bb:
1c:4e:d6:6f:8f:7a:e1:82:35:96:48:82:27:bb:4c:f2:68:bf:
a3:6b:17:a2:4e:00:8a:90:89:3d:6d:3e:87:88:e0:bf:39:90:
8e:52:3f:7a:11:ad:6b:ff:c2:d8:d3:77:2d:da:fe:ae:0f:5c:
f5:50:40:86:6a:76:9c:80:5d:c7:69:16:c7:cf:01:23:bb:eb:
d8:71:48:c9:2a:cd:48:40:79:e8:cc:6e:42:58:76:ed:9a:c3:
91:2c:a1:0a:48:2b:36:19:dd:fc:cd:52:21:2a:cb:18:32:04:
94:39:d4:88:6c:0b:6a:d6:7f:54:d3:5d:1c:d3:c8:87:22:2d:
12:6e:6a:ac:ae:1d:49:84:14:30:c0:58:75:b9:98:a2:3b:c8:
5d:12:32:ca:d1:57:15:ee:fd:e6:5e:c3:6e:ba:62:91:b5:a2:
db:e3:69:32:99:e4:f7:4f:f2:c0:db:51:fc:ae:91:28:79:27:
26:8b:71:56:e2:e6:0d:1d:d8:43:37:fa:d1:88:ca:dc:67:d9:
46:59:3e:44:d8:e4:74:7d:22:ef:df:8d:1c:41:53:0e:10:86:
e1:2c:d5:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNpO0NuBkR1lzE9r8HqP9BfjtSScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5ZDA4ZDQ5OWQxNjgyZjhjMGYxNGJmZTExZGM1MjMxNjg3OTJlOTIwMDQ3
ZTliZTI5MzZkOTNhYjJlYWM1ZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd500JT41ITlyNjPO+o9JFjwd6zf0QoyDJqmETaffffPiF9/j/ublYDlDPB
ni3KI+ip0y2a5KYcFhMsfW5O+8O3zpPygSkIdMLzM8fQz/Wfp8RzgDn8g1I9Vz3/
4mTb9vMlNDhLloRrmrdwUbbSCpVtXGh3S1oGYWfkGpM3GVwbSGeGGmx6ZSLvxG4h
+lwIz62JvE84tm49g3B/BwUylWSgsvqg02vUFpVDd98i6xVEy3KJBXVneN7j703q
5ELzquEJUSe0ALuwyuSVldaIWUzNILWgfk/ZZpeb5WYZrL/89a1N+6y/igeb6sg5
HG6Kt+EeuwsFtenjXxjdGt42xnECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSEdEdQ
HMk2unsx84BPGX5S2G/sGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI
MA0GCSqGSIb3DQEBCwUAA4IBAQB42MbXyFt7zVWfIVVfXcIM1olU0o//xdwW7PkW
j2VopPslurscTtZvj3rhgjWWSIInu0zyaL+jaxeiTgCKkIk9bT6HiOC/OZCOUj96
Ea1r/8LY03ct2v6uD1z1UECGanacgF3HaRbHzwEju+vYcUjJKs1IQHnozG5CWHbt
msORLKEKSCs2Gd38zVIhKssYMgSUOdSIbAtq1n9U010c08iHIi0Sbmqsrh1JhBQw
wFh1uZiiO8hdEjLK0VcV7v3mXsNuumKRtaLb42kymeT3T/LA21H8rpEoeScmi3FW
4uYNHdhDN/rRiMrcZ9lGWT5E2OR0fSLv340cQVMOEIbhLNWP
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:28 2025 by rpki-client