Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
File: 914a6acc-cb88-4da2-8443-fbaf927c9652.roa (raw, json)
Hash identifier: 129bnivwgs9xmXVJmOWIinPTU0VKO1C6YZCmZeB5f84=
Subject key identifier: 23:F7:55:D1:65:7F:E8:BE:87:BA:CD:A6:5E:DE:8E:30:EE:57:5A:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57E4903F8E877F11C0CC6F352697D5DE9D2907EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
Signing time: Mon 06 Oct 2025 18:00:37 +0000
ROA not before: Mon 06 Oct 2025 18:00:37 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:e4:90:3f:8e:87:7f:11:c0:cc:6f:35:26:97:d5:de:9d:29:07:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:37 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=398b40926592c1ab2184d5bc729ba9bd39084728d3a87f65ecc0037766a807f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c9:d4:3e:aa:2d:55:fe:cc:28:48:3f:11:dc:
4e:dc:0f:a8:5e:8b:ab:46:b8:39:b9:7f:9b:eb:f6:
66:2e:e8:f8:27:68:72:68:fc:78:f1:76:10:25:a7:
21:66:7e:c5:91:d9:a2:09:c9:dc:62:c5:b9:f1:79:
60:47:17:86:32:11:d5:7d:29:f2:ff:6e:81:84:0a:
db:86:9e:ef:d6:7e:be:66:27:76:1e:93:b9:b5:45:
1a:b0:c6:ce:93:ec:b2:fc:1d:9d:84:e4:a1:d3:12:
cc:f1:6d:2c:33:7e:8c:07:84:03:a5:f6:2d:95:91:
9f:19:25:d5:aa:27:82:d7:a1:53:33:46:97:de:fb:
7d:83:75:98:85:b5:1c:c6:64:00:18:86:79:cb:36:
1b:ca:b8:4a:ef:36:b1:27:d9:64:4c:b5:6c:dd:80:
70:b5:26:cd:a5:f0:2f:83:89:2b:19:3f:57:56:15:
c6:b2:ed:da:b1:03:0b:f9:8b:96:4e:39:00:f3:66:
34:f6:e8:db:e5:62:a3:f1:f1:3e:d3:42:8f:e2:da:
f8:a9:5a:d4:82:9e:db:13:d5:1b:55:66:9f:1f:f4:
82:11:dd:64:a4:1e:9d:b4:25:f7:aa:33:f5:b0:b3:
14:3b:cb:8a:81:4a:28:87:db:46:a3:5c:29:b4:37:
3d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F7:55:D1:65:7F:E8:BE:87:BA:CD:A6:5E:DE:8E:30:EE:57:5A:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9000::/40
Signature Algorithm: sha256WithRSAEncryption
59:3f:6f:d1:bf:f0:8a:9a:a8:f2:ba:45:d0:12:e9:63:8d:86:
e7:38:e1:59:10:0f:f5:47:81:ae:46:2d:5d:4e:14:06:69:f6:
83:10:fc:b9:51:ca:36:99:7b:02:99:b1:9f:c3:8c:ec:90:e7:
87:3b:f9:94:9a:f0:a2:9c:9e:d0:e6:cb:f5:40:24:3f:ea:65:
ce:f7:bb:a3:16:ee:2b:2c:b7:21:d5:f1:e1:92:0b:06:6b:2a:
f4:aa:55:1a:a7:19:e7:af:c4:86:63:6a:45:87:de:89:2e:93:
c5:da:5c:0e:96:ae:ab:7e:6a:e6:b9:d1:1d:20:9c:7b:f9:ee:
37:07:c3:62:0a:c9:5f:5a:70:e5:90:b5:63:fc:bd:93:c9:80:
fb:00:ff:f9:2a:6f:07:26:ac:db:7a:93:45:ad:b9:2c:14:76:
6a:48:0a:58:c7:c6:d8:05:c2:9a:60:e5:6f:0f:ff:dd:0c:e6:
3d:55:ab:fb:b7:a5:a1:fc:f5:5c:cc:da:5b:94:db:7d:17:56:
f5:e6:bd:73:42:02:24:8a:08:c0:51:59:c5:18:6a:73:3e:92:
37:fb:2d:ff:20:af:e3:a5:3e:42:e5:fd:a0:26:d7:03:78:df:
32:2e:c0:01:ba:0f:53:0c:87:b3:94:e3:cc:f3:aa:7b:04:96:
65:d6:94:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV+SQP46HfxHAzG81JpfV3p0pB+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwMzdaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5OGI0MDkyNjU5MmMxYWIyMTg0ZDViYzcyOWJhOWJkMzkwODQ3MjhkM2E4
N2Y2NWVjYzAwMzc3NjZhODA3ZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLJ1D6qLVX+zChIPxHcTtwPqF6Lq0a4Obl/m+v2Zi7o+Cdocmj8ePF2ECWn
IWZ+xZHZognJ3GLFufF5YEcXhjIR1X0p8v9ugYQK24ae79Z+vmYndh6TubVFGrDG
zpPssvwdnYTkodMSzPFtLDN+jAeEA6X2LZWRnxkl1aongtehUzNGl977fYN1mIW1
HMZkABiGecs2G8q4Su82sSfZZEy1bN2AcLUmzaXwL4OJKxk/V1YVxrLt2rEDC/mL
lk45APNmNPbo2+Vio/HxPtNCj+La+Kla1IKe2xPVG1Vmnx/0ghHdZKQenbQl96oz
9bCzFDvLioFKKIfbRqNcKbQ3PakCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQj91XR
ZX/ovoe6zaZe3o4w7lda9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0YTZhY2MtY2I4OC00ZGEyLTg0NDMtZmJhZjkyN2M5NjUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZP2/Rv/CKmqjyukXQEuljjYbnOOFZEA/1R4Gu
Ri1dThQGafaDEPy5Uco2mXsCmbGfw4zskOeHO/mUmvCinJ7Q5sv1QCQ/6mXO97uj
Fu4rLLch1fHhkgsGayr0qlUapxnnr8SGY2pFh96JLpPF2lwOlq6rfmrmudEdIJx7
+e43B8NiCslfWnDlkLVj/L2TyYD7AP/5Km8HJqzbepNFrbksFHZqSApYx8bYBcKa
YOVvD//dDOY9Vav7t6Wh/PVczNpblNt9F1b15r1zQgIkigjAUVnFGGpzPpI3+y3/
IK/jpT5C5f2gJtcDeN8yLsABug9TDIezlOPM86p7BJZl1pQz
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:23:01 2025 by rpki-client