Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: PpnZnYkMq/gqEGMkyKg89NmeEwNbmIYATOJe3LmGW7U=
Subject key identifier: 16:6D:AC:4F:BD:56:C3:F2:AD:5D:59:75:D5:6E:F3:14:33:32:EA:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71D683D106DFC15C46D82BDA73971153AF254DE5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Fri 26 Sep 2025 19:20:19 +0000
ROA not before: Fri 26 Sep 2025 19:20:19 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:d6:83:d1:06:df:c1:5c:46:d8:2b:da:73:97:11:53:af:25:4d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:20:19 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=8162c98b005306b836ef85b112c53a078226ddc27d857037d77079ff6ce89344, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:43:98:b8:90:ee:1e:50:f1:f0:0e:7c:ae:3b:
b0:fa:b0:6f:d5:5d:f6:39:79:29:7b:92:15:72:24:
67:1b:7c:45:3a:7e:13:f2:fa:1e:b2:e4:7a:9e:74:
c7:61:ea:6b:f8:c2:91:56:e4:c2:cd:d0:84:03:63:
58:66:d5:05:3d:33:d5:f3:d7:ee:e3:4c:da:ef:4e:
27:62:ec:90:cb:1b:3d:9d:5e:be:17:d0:fe:34:f1:
7c:e6:4c:26:8a:92:e6:0b:d9:c7:b4:a7:0b:ae:27:
db:9b:2c:cc:c3:78:04:98:04:1e:18:27:3e:5f:88:
4c:94:45:d7:30:a0:7e:9e:7c:79:9e:af:dd:65:1a:
75:55:0a:f3:05:8b:7e:23:97:a8:06:31:2c:8b:80:
6e:00:7f:1e:15:6e:0e:49:65:f9:01:6c:b7:49:61:
c4:2b:09:0d:0d:9c:ab:0c:08:85:d0:3f:79:7a:57:
33:75:82:4d:74:be:1d:0b:57:8e:1a:48:fc:91:19:
0e:80:e4:f1:09:66:59:36:25:66:e4:c1:53:85:d8:
d7:59:3c:cd:bc:ce:06:69:3c:3a:c8:ac:3e:c2:9b:
13:3b:f2:54:d0:9f:34:cb:b4:4d:49:23:a1:89:9e:
e4:39:47:e8:f1:fb:4f:c5:a3:f1:25:b2:50:9d:7a:
c6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:6D:AC:4F:BD:56:C3:F2:AD:5D:59:75:D5:6E:F3:14:33:32:EA:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
40:7e:ba:90:27:d6:c4:d5:d2:59:b2:8f:d7:5d:04:b7:f5:30:
3b:21:29:33:fc:58:45:be:23:49:ec:71:2e:92:c6:c1:57:00:
aa:d4:d7:10:2e:45:ba:ce:7c:3b:54:ec:a5:46:a7:1e:e9:6a:
92:b9:56:c0:97:2c:2f:52:bd:dc:0a:e3:23:d9:4a:5b:02:25:
f9:a5:a5:a7:56:54:3a:d4:6c:25:3f:41:9e:27:e5:b2:64:ce:
e8:49:cc:63:d7:b7:ce:cb:4d:6b:db:33:13:91:3f:b8:ba:ab:
4f:d9:8a:46:bc:ec:6b:99:0b:d2:ca:41:8b:2a:4d:a9:f5:3b:
b4:16:b6:7c:b4:a9:73:35:cc:07:91:64:d2:6a:5a:36:36:b1:
1a:e6:61:66:69:38:ef:ec:f2:6c:d5:d0:e3:19:e9:b6:c7:7f:
e5:b5:e3:56:f8:d7:ca:dd:47:30:32:18:bf:1d:6c:fa:ff:40:
f0:a9:d0:e0:1b:be:11:63:0e:22:ee:37:24:84:77:62:2a:af:
11:18:dd:ff:a6:b8:89:0b:b8:7c:28:16:f4:00:3f:b6:e6:cb:
c9:6a:24:63:47:49:c7:65:eb:1b:8d:f3:dc:1d:c5:dd:b1:f3:
72:68:99:5f:88:54:ff:0c:59:25:04:0e:61:84:a6:b3:50:d6:
c2:30:8a:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcdaD0QbfwVxG2Cvac5cRU68lTeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIwMTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNjJjOThiMDA1MzA2YjgzNmVmODViMTEyYzUzYTA3ODIyNmRkYzI3ZDg1
NzAzN2Q3NzA3OWZmNmNlODkzNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJDmLiQ7h5Q8fAOfK47sPqwb9Vd9jl5KXuSFXIkZxt8RTp+E/L6HrLkep50
x2Hqa/jCkVbkws3QhANjWGbVBT0z1fPX7uNM2u9OJ2LskMsbPZ1evhfQ/jTxfOZM
JoqS5gvZx7SnC64n25sszMN4BJgEHhgnPl+ITJRF1zCgfp58eZ6v3WUadVUK8wWL
fiOXqAYxLIuAbgB/HhVuDkll+QFst0lhxCsJDQ2cqwwIhdA/eXpXM3WCTXS+HQtX
jhpI/JEZDoDk8QlmWTYlZuTBU4XY11k8zbzOBmk8OsisPsKbEzvyVNCfNMu0TUkj
oYme5DlH6PH7T8Wj8SWyUJ16xuUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWbaxP
vVbD8q1dWXXVbvMUMzLq0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQBAfrqQJ9bE1dJZso/XXQS39TA7ISkz/FhFviNJ
7HEuksbBVwCq1NcQLkW6znw7VOylRqce6WqSuVbAlywvUr3cCuMj2UpbAiX5paWn
VlQ61GwlP0GeJ+WyZM7oScxj17fOy01r2zMTkT+4uqtP2YpGvOxrmQvSykGLKk2p
9Tu0FrZ8tKlzNcwHkWTSalo2NrEa5mFmaTjv7PJs1dDjGem2x3/lteNW+NfK3Ucw
Mhi/HWz6/0DwqdDgG74RYw4i7jckhHdiKq8RGN3/priJC7h8KBb0AD+25svJaiRj
R0nHZesbjfPcHcXdsfNyaJlfiFT/DFklBA5hhKazUNbCMIpr
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:35:45 2025 by rpki-client