Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: IoaRweVYRsBVWSFESMgiBko/PT8HL5Y4gyz2HRNFtNM=
Subject key identifier: 39:50:D8:DB:36:A2:2F:A8:56:AF:6C:1B:DC:31:2A:54:63:ED:9D:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 398D3C25040995D7B1DBB754640DA48CA8B798A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Fri 26 Sep 2025 19:01:34 +0000
ROA not before: Fri 26 Sep 2025 19:01:34 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:8d:3c:25:04:09:95:d7:b1:db:b7:54:64:0d:a4:8c:a8:b7:98:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:01:34 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1b6dec65871572b3dfe881da9be012053a9b94b9514db408c2e2074692785f34, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:23:4a:53:df:e0:fb:df:51:1c:bc:dd:78:52:
fc:16:e0:40:c1:4c:27:57:3f:25:cf:46:f4:68:86:
73:bd:01:4d:d7:77:b7:4b:9c:ab:6d:44:4f:f9:3b:
8f:a2:5b:85:f4:bd:82:51:27:6b:a4:f3:8f:09:f0:
24:a3:f1:46:a4:df:6b:cd:d3:30:31:e7:c0:25:0e:
8a:b9:ae:2d:49:45:6c:7d:7e:84:74:a8:ef:5c:30:
83:ee:2f:3b:2a:bf:d3:57:0e:c8:f2:e3:93:76:6e:
e7:76:b5:08:fd:ed:9f:44:3e:42:12:c4:4d:82:58:
93:4a:3f:aa:4d:3c:b7:c3:06:81:41:c5:b0:e1:7c:
1f:93:62:34:8d:fe:46:fe:63:f6:0b:81:22:00:ed:
76:ad:13:59:e0:ce:7c:83:1d:b8:9b:35:a9:1d:48:
e1:19:39:4e:9a:4f:4c:bf:ea:1f:c9:f8:79:29:da:
7e:06:ee:9c:dc:aa:10:b4:3a:82:ef:1c:07:1f:af:
56:30:5f:67:18:c0:68:f4:71:d2:9c:ac:d1:78:50:
f1:99:68:42:32:4b:1b:45:56:8c:e5:75:4c:28:0d:
99:e1:bd:52:ef:cb:6e:ea:db:fc:2f:bd:dc:97:9d:
19:47:90:9a:45:c9:38:42:a4:02:51:1e:cf:b9:f6:
3b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:50:D8:DB:36:A2:2F:A8:56:AF:6C:1B:DC:31:2A:54:63:ED:9D:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
58:9a:06:00:53:b2:cd:14:01:80:f3:76:16:af:c1:ae:2d:9c:
f9:e1:dc:f3:24:1c:44:91:48:18:17:bc:94:e3:de:fd:9e:23:
2b:85:4f:be:1d:6a:4c:4c:28:e8:4d:f9:c5:ce:8e:46:a6:0a:
d5:54:67:5b:55:75:f4:ea:80:20:c7:62:64:87:b3:4d:ef:2d:
3c:c2:72:36:28:cf:85:85:b7:1a:f8:c1:bd:d9:04:51:f1:28:
b5:37:ef:3f:72:1b:1b:17:f5:87:1b:01:97:6e:77:5d:b0:70:
d0:cd:df:51:44:d2:49:b1:52:80:82:99:dc:b0:df:d9:09:14:
12:fe:38:03:7b:a3:db:b2:5d:1e:ad:42:c1:e6:82:90:76:23:
9d:4d:65:13:75:d2:fe:e0:89:8c:ce:de:fc:fe:31:56:d8:3f:
fa:72:ac:21:ad:3e:d9:bb:11:94:e2:5c:09:92:b5:66:dd:00:
47:e9:76:4b:3a:51:80:ed:b8:01:fa:cb:24:1c:b4:05:13:a6:
b7:c6:d6:bf:51:f5:45:8d:83:2e:15:5e:66:a0:37:93:1b:77:
c3:db:39:c6:ee:8c:84:96:b0:9d:ab:f6:3d:f2:6e:e4:48:9e:
37:bd:4c:6f:0c:17:8f:6d:8e:3e:34:0d:2f:52:67:a5:eb:26:
07:63:4c:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOY08JQQJldex27dUZA2kjKi3mKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAxMzRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNmRlYzY1ODcxNTcyYjNkZmU4ODFkYTliZTAxMjA1M2E5Yjk0Yjk1MTRk
YjQwOGMyZTIwNzQ2OTI3ODVmMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUjSlPf4PvfURy83XhS/BbgQMFMJ1c/Jc9G9GiGc70BTdd3t0ucq21ET/k7
j6JbhfS9glEna6TzjwnwJKPxRqTfa83TMDHnwCUOirmuLUlFbH1+hHSo71wwg+4v
Oyq/01cOyPLjk3Zu53a1CP3tn0Q+QhLETYJYk0o/qk08t8MGgUHFsOF8H5NiNI3+
Rv5j9guBIgDtdq0TWeDOfIMduJs1qR1I4Rk5TppPTL/qH8n4eSnafgbunNyqELQ6
gu8cBx+vVjBfZxjAaPRx0pys0XhQ8ZloQjJLG0VWjOV1TCgNmeG9Uu/Lburb/C+9
3JedGUeQmkXJOEKkAlEez7n2O38CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5UNjb
NqIvqFavbBvcMSpUY+2dwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQBYmgYAU7LNFAGA83YWr8GuLZz54dzzJBxEkUgY
F7yU4979niMrhU++HWpMTCjoTfnFzo5GpgrVVGdbVXX06oAgx2Jkh7NN7y08wnI2
KM+Fhbca+MG92QRR8Si1N+8/chsbF/WHGwGXbnddsHDQzd9RRNJJsVKAgpncsN/Z
CRQS/jgDe6Pbsl0erULB5oKQdiOdTWUTddL+4ImMzt78/jFW2D/6cqwhrT7ZuxGU
4lwJkrVm3QBH6XZLOlGA7bgB+sskHLQFE6a3xta/UfVFjYMuFV5moDeTG3fD2znG
7oyElrCdq/Y98m7kSJ43vUxvDBePbY4+NA0vUmel6yYHY0ys
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:34 2025 by rpki-client