Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
File: 9cdad1cc-641a-4187-9b79-fc696cb535f5.roa (raw, json)
Hash identifier: Hg8TLnYb8GBD2/r5DPcaH/B5hsUav6s0ivV78vCihb8=
Subject key identifier: 9A:04:17:D0:DA:27:FA:45:1F:77:68:A9:6D:75:BE:AF:2F:E1:8B:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79460E225AB560882799F7B0B04EA395DED06DDD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
Signing time: Sun 19 Oct 2025 23:50:11 +0000
ROA not before: Sun 19 Oct 2025 23:50:11 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:46:0e:22:5a:b5:60:88:27:99:f7:b0:b0:4e:a3:95:de:d0:6d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 23:50:11 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=6e70419c03a4534cacf3f86033a134b0013bae7d115607a684cde5f8ffad8b71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2c:56:3f:7f:a3:a8:f3:b7:be:fb:81:ef:07:
46:47:d6:c8:86:bf:5b:4f:d7:a0:38:6b:76:45:97:
e8:46:ff:25:16:18:5c:e1:8c:21:96:41:68:0d:01:
b6:eb:56:a8:48:fd:a0:9f:cf:cc:28:ef:7c:2d:47:
ce:9d:e7:e5:91:89:7a:b3:8e:a1:1c:f4:0e:68:6a:
55:ec:4f:32:7e:06:7d:30:48:56:f9:35:d7:35:f8:
e1:79:05:19:c8:47:d2:8b:2a:c2:5b:c2:7f:d9:ff:
d7:f5:0c:bf:14:a2:ab:30:6a:ac:97:25:72:fc:98:
43:6b:e3:d0:f0:ae:fd:e3:15:2b:39:91:07:e1:4a:
1d:ad:e5:35:e5:91:c8:d2:5b:10:76:fb:6a:e7:65:
c0:59:e2:3f:e8:d3:9a:38:3e:90:c6:c9:7e:25:17:
09:d9:45:cd:3c:83:35:6d:cb:80:ac:83:e0:46:12:
b9:34:3e:19:1d:8b:39:97:31:9e:1c:5c:7d:92:c4:
cc:a3:38:35:d3:28:32:d7:da:ed:33:d4:7f:c8:44:
e0:13:58:61:d2:2b:36:a8:3f:24:85:d5:a6:ea:d1:
a1:a4:70:f3:24:2e:0c:2e:e3:0e:58:28:03:d1:da:
26:cf:30:69:fd:3e:64:cd:2f:53:66:08:52:18:1d:
31:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:04:17:D0:DA:27:FA:45:1F:77:68:A9:6D:75:BE:AF:2F:E1:8B:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:800::/40
Signature Algorithm: sha256WithRSAEncryption
4b:6e:6a:7e:f0:fe:0b:13:af:bb:2c:48:67:65:24:b1:42:53:
f2:f0:f0:84:cc:7f:17:22:ce:fe:f4:0c:93:03:73:c5:c8:78:
b8:05:ad:4d:e0:24:1a:13:29:08:5e:37:59:e4:bd:d9:d9:08:
ee:10:3a:ce:39:21:ba:7d:31:93:ac:b6:e0:45:58:12:87:75:
1e:45:86:6a:3b:a4:7d:c3:36:7b:76:4c:41:06:f6:91:2d:8a:
3f:ba:ee:3e:03:bc:73:2f:ad:15:17:c2:52:c2:4f:71:56:cf:
46:47:9d:04:2f:ae:a6:7b:a6:d4:7a:af:6f:85:39:bb:c6:19:
ab:49:bd:17:cc:3c:10:61:bb:f1:f0:f4:df:fa:61:56:89:7b:
7e:22:55:1e:08:ee:b3:cf:fc:3c:28:d9:ee:b6:cd:15:7f:6f:
5e:6f:d1:b4:14:97:03:21:3c:6f:d4:05:1c:8d:d1:b6:9b:a7:
b5:20:8b:81:70:7b:6f:72:c3:fa:f6:94:7f:d7:f2:02:a1:ef:
c8:36:4c:cd:e5:ee:51:ad:95:c0:dc:cc:10:56:57:c6:22:d1:
13:40:c2:ad:e7:1c:f7:ee:e6:b6:2d:40:2c:b7:25:ee:45:a3:
81:80:8d:70:52:85:8e:7c:69:46:04:09:f6:e3:59:cb:ef:9a:
73:0b:2a:7d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeUYOIlq1YIgnmfewsE6jld7Qbd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkyMzUwMTFaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlNzA0MTljMDNhNDUzNGNhY2YzZjg2MDMzYTEzNGIwMDEzYmFlN2QxMTU2
MDdhNjg0Y2RlNWY4ZmZhZDhiNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJksVj9/o6jzt777ge8HRkfWyIa/W0/XoDhrdkWX6Eb/JRYYXOGMIZZBaA0B
tutWqEj9oJ/PzCjvfC1Hzp3n5ZGJerOOoRz0DmhqVexPMn4GfTBIVvk11zX44XkF
GchH0osqwlvCf9n/1/UMvxSiqzBqrJclcvyYQ2vj0PCu/eMVKzmRB+FKHa3lNeWR
yNJbEHb7audlwFniP+jTmjg+kMbJfiUXCdlFzTyDNW3LgKyD4EYSuTQ+GR2LOZcx
nhxcfZLEzKM4NdMoMtfa7TPUf8hE4BNYYdIrNqg/JIXVpurRoaRw8yQuDC7jDlgo
A9HaJs8waf0+ZM0vU2YIUhgdMckCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSaBBfQ
2if6RR93aKltdb6vL+GLZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWNkYWQxY2MtNjQxYS00MTg3LTliNzktZmM2OTZjYjUzNWY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8I
MA0GCSqGSIb3DQEBCwUAA4IBAQBLbmp+8P4LE6+7LEhnZSSxQlPy8PCEzH8XIs7+
9AyTA3PFyHi4Ba1N4CQaEykIXjdZ5L3Z2QjuEDrOOSG6fTGTrLbgRVgSh3UeRYZq
O6R9wzZ7dkxBBvaRLYo/uu4+A7xzL60VF8JSwk9xVs9GR50EL66me6bUeq9vhTm7
xhmrSb0XzDwQYbvx8PTf+mFWiXt+IlUeCO6zz/w8KNnuts0Vf29eb9G0FJcDITxv
1AUcjdG2m6e1IIuBcHtvcsP69pR/1/ICoe/INkzN5e5RrZXA3MwQVlfGItETQMKt
5xz37ua2LUAstyXuRaOBgI1wUoWOfGlGBAn241nL75pzCyp9
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:05 2025 by rpki-client