Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: 0suEzQAcm/k8dmOiOOzNr6OdX5uRnZozOSlqi/4iS6g=
Subject key identifier: 44:32:8C:CA:09:39:CE:1C:B9:3C:B4:46:1E:A9:4E:93:87:17:1B:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B7A97AB7EC145C454EE4111A236EDC950F1274B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Fri 26 Sep 2025 20:11:24 +0000
ROA not before: Fri 26 Sep 2025 20:11:24 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:7a:97:ab:7e:c1:45:c4:54:ee:41:11:a2:36:ed:c9:50:f1:27:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:24 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=2f003e1484c2672a158c733476457e93e990e3194141cda0f13f0adbd067958a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f1:fd:a0:90:51:d4:e5:be:fa:ab:83:42:25:
9b:9c:bf:69:4e:f4:e3:48:6d:a7:4e:da:e4:3b:10:
d0:f5:ba:0b:09:37:a4:c2:30:fb:12:d4:10:f4:0b:
d9:22:74:28:2f:b4:78:ec:38:c7:13:b2:6a:51:ae:
4b:86:58:a1:d4:6f:78:7c:08:de:6f:f9:f1:c7:25:
9c:69:b3:b8:7f:32:c2:ec:0f:f7:2a:81:c3:08:98:
e7:02:5f:1e:cf:ad:76:14:ea:47:6a:38:31:d0:00:
e8:14:5c:e5:1f:a5:b1:f2:9b:76:03:cc:8d:0b:8c:
06:25:b2:59:c1:f7:e0:43:7c:ab:8d:5d:de:67:6a:
d5:62:9b:c3:2a:63:e0:25:12:09:f4:b5:52:75:4f:
56:c6:18:c0:ac:d3:49:9c:a7:3e:d2:50:b0:4b:b7:
8e:a8:f7:e9:75:c6:37:ed:2d:be:6a:36:49:e0:73:
73:f4:01:6d:18:22:5d:bf:f4:e3:e2:80:95:54:e3:
28:52:cb:64:3a:f2:ad:99:98:33:36:c5:1d:03:dd:
49:98:b9:3b:92:b5:91:5b:a1:cb:6a:12:a5:16:a2:
39:8a:0f:1a:87:0b:4c:f5:38:99:82:d6:bb:23:87:
6e:44:e6:d0:5c:e7:e7:16:0d:0b:13:bb:8a:0f:93:
fe:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:32:8C:CA:09:39:CE:1C:B9:3C:B4:46:1E:A9:4E:93:87:17:1B:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
0d:d9:f2:ae:85:17:b2:c8:49:fe:26:af:a1:5d:d9:7e:b5:b4:
40:f4:b7:58:3d:b1:18:b6:56:73:90:57:5d:49:e2:ac:85:40:
ab:d5:4d:07:2e:c2:08:cd:da:38:a0:ba:74:e1:ab:79:08:11:
6e:ff:f0:54:da:6d:70:26:ae:42:69:9d:5e:15:a5:08:ab:6e:
03:04:fa:93:57:51:ca:f8:a0:b7:e7:51:1a:2d:38:ed:7d:f5:
dc:d5:aa:4e:4d:33:4b:65:4c:fb:54:bf:86:01:e3:bd:8b:9a:
ab:40:d2:22:30:e2:2d:d5:12:c0:e9:97:51:7e:32:5a:e5:41:
58:cf:92:65:30:3f:c0:02:9f:a5:4d:a0:58:61:24:61:11:ba:
f6:85:83:57:d5:f9:56:a4:22:ba:91:ff:80:73:4e:23:57:01:
27:3a:82:2d:35:75:78:cf:e0:79:d1:94:15:35:ad:33:8f:75:
44:96:cf:21:93:1b:0c:2e:8d:53:ae:c2:ae:01:65:0d:5e:80:
11:e6:b5:5f:54:af:ac:80:b8:a2:89:5f:8d:b5:ed:00:81:21:
cb:a5:a4:7c:24:6a:2f:b7:f3:fd:49:04:98:7c:17:fa:f9:2c:
3e:ec:07:3e:63:1e:cc:2f:75:a6:e4:0b:bf:13:ec:ab:df:b1:
b7:4e:f5:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW3qXq37BRcRU7kERojbtyVDxJ0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMjRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMDAzZTE0ODRjMjY3MmExNThjNzMzNDc2NDU3ZTkzZTk5MGUzMTk0MTQx
Y2RhMGYxM2YwYWRiZDA2Nzk1OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXx/aCQUdTlvvqrg0Ilm5y/aU7040htp07a5DsQ0PW6Cwk3pMIw+xLUEPQL
2SJ0KC+0eOw4xxOyalGuS4ZYodRveHwI3m/58cclnGmzuH8ywuwP9yqBwwiY5wJf
Hs+tdhTqR2o4MdAA6BRc5R+lsfKbdgPMjQuMBiWyWcH34EN8q41d3mdq1WKbwypj
4CUSCfS1UnVPVsYYwKzTSZynPtJQsEu3jqj36XXGN+0tvmo2SeBzc/QBbRgiXb/0
4+KAlVTjKFLLZDryrZmYMzbFHQPdSZi5O5K1kVuhy2oSpRaiOYoPGocLTPU4mYLW
uyOHbkTm0Fzn5xYNCxO7ig+T/m8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREMozK
CTnOHLk8tEYeqU6ThxcbxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAN2fKuhReyyEn+Jq+hXdl+tbRA9LdYPbEYtlZz
kFddSeKshUCr1U0HLsIIzdo4oLp04at5CBFu//BU2m1wJq5CaZ1eFaUIq24DBPqT
V1HK+KC351EaLTjtffXc1apOTTNLZUz7VL+GAeO9i5qrQNIiMOIt1RLA6ZdRfjJa
5UFYz5JlMD/AAp+lTaBYYSRhEbr2hYNX1flWpCK6kf+Ac04jVwEnOoItNXV4z+B5
0ZQVNa0zj3VEls8hkxsMLo1TrsKuAWUNXoAR5rVfVK+sgLiiiV+Nte0AgSHLpaR8
JGovt/P9SQSYfBf6+Sw+7Ac+Yx7ML3Wm5Au/E+yr37G3TvVQ
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:08 2025 by rpki-client