Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
File: 9d030354-5f4d-47d4-9f96-310c9a509d02.roa (raw, json)
Hash identifier: KDoMiQkyBy3jU6kut2YX8U89Z5xlMU3HoBuAo7lRHN4=
Subject key identifier: F8:91:9B:4E:E8:E2:B0:8E:4F:31:38:56:A3:2E:DD:F6:CE:28:EE:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 719F814596DAAC072438E6F92121BD73F5691954
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
Signing time: Sun 19 Oct 2025 23:50:04 +0000
ROA not before: Sun 19 Oct 2025 23:50:04 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:9f:81:45:96:da:ac:07:24:38:e6:f9:21:21:bd:73:f5:69:19:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 23:50:04 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=d87ee61443268549cecf033f07d274b344b343e685f7e956898e535eeaa6b634, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:2c:5d:85:ed:69:ca:f7:07:28:de:9e:09:
e0:df:68:11:c2:c8:4a:09:7b:3e:18:19:87:e7:dd:
75:7e:83:5f:18:e0:b9:16:e5:cc:f7:c8:cd:c9:d1:
5a:80:b7:26:15:34:14:34:19:4e:a7:79:66:bc:99:
82:f5:b0:72:5b:c6:bf:e8:07:74:1f:fe:a4:64:f5:
18:bc:20:a7:9f:33:24:22:a7:3d:e1:11:76:47:2b:
cc:aa:61:c0:8b:87:24:ca:de:85:79:3b:42:f3:92:
70:17:e3:da:1b:a6:1a:ec:e3:8e:5e:44:32:9c:ac:
4f:c0:88:e5:73:9c:2b:2c:59:46:7f:23:91:43:ce:
02:0d:e4:fd:2f:d3:88:82:e0:a6:79:9c:d8:7e:91:
df:4c:ab:99:ce:78:f5:3d:5a:26:0f:51:52:df:0f:
73:df:7d:85:15:b9:0c:ff:32:40:cb:48:48:61:22:
98:ac:9e:2d:e1:df:9d:b5:c6:28:c7:fa:28:40:4d:
12:17:87:64:18:54:d3:e1:ff:7f:d6:8c:71:2a:f5:
ef:5c:b3:1a:99:93:d1:5c:20:c0:64:a7:ec:ac:68:
90:1d:79:27:c0:67:72:f0:50:20:41:16:f8:55:f5:
7b:57:ea:6c:9d:a0:90:05:cc:f9:29:46:d9:7b:6c:
c5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:91:9B:4E:E8:E2:B0:8E:4F:31:38:56:A3:2E:DD:F6:CE:28:EE:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:800::/40
Signature Algorithm: sha256WithRSAEncryption
6f:35:86:64:5f:00:e0:4b:f1:04:f1:1f:0f:4a:48:b6:df:6d:
3b:0d:d2:22:8b:a2:35:38:58:44:05:b9:d4:c6:c9:03:3c:fa:
c6:bc:c4:b3:22:73:9b:4a:a3:87:29:e7:7f:ab:d2:56:d7:d0:
02:f3:c5:6d:d8:28:01:30:e8:ab:54:c6:df:0b:56:e1:60:3c:
09:25:a3:6c:04:ba:88:36:f2:ff:93:23:29:83:16:5f:48:d3:
d1:f0:07:94:f6:e7:01:06:af:21:f7:31:28:ea:c7:e6:67:23:
ec:e7:10:25:36:07:88:f8:5f:ce:dc:82:fd:93:2e:e4:0e:76:
8f:a2:72:03:ae:40:79:6c:a1:90:e6:52:b6:72:5f:4f:bd:e3:
9d:92:f2:0b:6e:1d:6a:0d:f6:51:4e:d3:6f:60:7b:34:9a:b6:
68:0e:42:61:29:e6:d9:8f:8c:fe:c2:c9:b3:48:85:d7:2c:84:
f6:8b:2f:03:cf:20:e2:fd:23:1e:1b:c0:d4:ce:4c:3a:1f:65:
1b:65:5a:f2:9d:d2:73:fb:56:80:08:5b:b8:b1:9e:d7:02:af:
45:a4:36:f6:42:2c:b2:f9:fb:b9:5a:b6:06:b4:27:02:3d:e5:
8c:34:5f:2a:b2:00:f7:97:7c:20:c2:a0:81:06:80:d8:fd:da:
db:57:c2:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcZ+BRZbarAckOOb5ISG9c/VpGVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkyMzUwMDRaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4N2VlNjE0NDMyNjg1NDljZWNmMDMzZjA3ZDI3NGIzNDRiMzQzZTY4NWY3
ZTk1Njg5OGU1MzVlZWFhNmI2MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvILF2F7WnK9wco3p4J4N9oEcLISgl7PhgZh+fddX6DXxjguRblzPfIzcnR
WoC3JhU0FDQZTqd5ZryZgvWwclvGv+gHdB/+pGT1GLwgp58zJCKnPeERdkcrzKph
wIuHJMrehXk7QvOScBfj2humGuzjjl5EMpysT8CI5XOcKyxZRn8jkUPOAg3k/S/T
iILgpnmc2H6R30yrmc549T1aJg9RUt8Pc999hRW5DP8yQMtISGEimKyeLeHfnbXG
KMf6KEBNEheHZBhU0+H/f9aMcSr171yzGpmT0VwgwGSn7KxokB15J8BncvBQIEEW
+FX1e1fqbJ2gkAXM+SlG2XtsxYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4kZtO
6OKwjk8xOFajLt32zijuIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQwMzAzNTQtNWY0ZC00N2Q0LTlmOTYtMzEwYzlhNTA5ZDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAI
MA0GCSqGSIb3DQEBCwUAA4IBAQBvNYZkXwDgS/EE8R8PSki23207DdIii6I1OFhE
BbnUxskDPPrGvMSzInObSqOHKed/q9JW19AC88Vt2CgBMOirVMbfC1bhYDwJJaNs
BLqINvL/kyMpgxZfSNPR8AeU9ucBBq8h9zEo6sfmZyPs5xAlNgeI+F/O3IL9ky7k
DnaPonIDrkB5bKGQ5lK2cl9PveOdkvILbh1qDfZRTtNvYHs0mrZoDkJhKebZj4z+
wsmzSIXXLIT2iy8DzyDi/SMeG8DUzkw6H2UbZVryndJz+1aACFu4sZ7XAq9FpDb2
Qiyy+fu5WrYGtCcCPeWMNF8qsgD3l3wgwqCBBoDY/drbV8KB
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:34:01 2025 by rpki-client