Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
File: 9ea9340f-dd25-4e30-a952-27ce8d9906df.roa (raw, json)
Hash identifier: 2oAVTdKSJt74PLqm+OD6EiYNSNcVuvPEVCtNUXOrKAA=
Subject key identifier: A0:53:8F:AF:90:35:5D:87:44:84:69:1E:9B:96:94:22:A7:6E:F5:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56A38C4A5AF11CF908E47DACF0E063CFECF9527D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
Signing time: Mon 13 Oct 2025 17:55:58 +0000
ROA not before: Mon 13 Oct 2025 17:55:58 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:a3:8c:4a:5a:f1:1c:f9:08:e4:7d:ac:f0:e0:63:cf:ec:f9:52:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:58 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=255a12e8c5e716db1ef0ce47f332f706816f5e2d4644b1c00c3386397b3ad709, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:11:97:b8:a1:1c:1f:0d:a9:e5:3c:f6:92:3f:
1c:68:f2:ce:d6:f4:e4:20:f2:a4:2f:57:ad:4f:b7:
6e:86:6b:17:20:1f:19:dd:e9:79:97:04:6d:24:5b:
16:b5:de:55:12:7e:5d:a2:a5:de:2c:56:a8:a8:0f:
87:76:b2:3d:d3:44:6e:40:51:51:91:d8:ce:6e:86:
cf:bd:50:91:c8:d3:21:04:df:7b:ea:0f:f5:bb:cc:
a4:10:ff:fd:06:e8:6f:2c:4e:fe:dc:ef:e4:46:b2:
21:d0:69:45:95:c8:ee:02:5b:da:66:76:d0:d1:d3:
0a:91:5c:07:b7:e8:33:7f:21:e2:71:c8:2a:a3:c5:
6d:37:41:14:ab:97:4b:39:6e:b2:49:3d:56:8d:ac:
a9:39:95:b6:7f:d6:ba:63:53:b7:c8:15:96:6c:ad:
fc:75:4b:30:9f:f9:b6:0f:9f:f6:2b:76:cc:3b:cd:
5e:f5:43:e7:69:fb:42:87:77:77:12:c4:cf:7e:ad:
02:0b:f3:0c:d4:2d:1d:f0:10:df:02:80:81:25:b2:
4d:77:f8:dc:6d:2b:76:30:d6:6d:78:64:5e:ea:d6:
f7:ef:dc:09:f0:d9:be:33:52:25:59:44:45:38:e9:
e0:21:0d:cd:51:4c:e3:e4:f6:21:36:23:cb:9c:45:
21:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:53:8F:AF:90:35:5D:87:44:84:69:1E:9B:96:94:22:A7:6E:F5:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
33:9e:19:14:2f:ca:a9:99:74:e5:18:4b:ae:58:46:e6:35:20:
71:dd:38:91:95:37:45:71:24:ca:8d:30:0e:1e:b0:df:58:10:
9a:49:71:35:c3:e9:36:f8:68:1d:f0:f2:4d:81:e7:d9:cb:e6:
2d:f5:63:f8:04:f9:ba:d2:e0:8b:09:0b:16:f3:d6:45:91:8f:
8e:45:0c:fe:78:c6:a0:a0:cc:27:69:fc:93:a5:8e:dc:7c:4f:
68:41:f6:d5:fd:a5:93:4a:8c:7b:44:71:d0:50:02:a6:5f:57:
f5:86:1c:4a:4a:15:b2:e3:6f:4c:5f:c7:bf:5f:49:9c:70:bb:
27:a9:60:f4:ec:4f:01:98:15:94:6f:39:8d:d2:be:c7:ee:34:
b0:8c:2d:01:65:43:42:4c:4f:58:8d:7a:2d:11:87:25:b3:c5:
f3:d1:35:37:33:45:5f:13:69:c7:d5:11:d1:b9:8c:27:87:59:
a4:ac:e0:ff:e5:49:1d:40:e3:44:88:36:91:69:40:ed:85:c2:
87:a2:47:66:83:55:95:d3:2f:ec:7b:bb:55:ee:61:c7:0b:c4:
34:38:b9:42:4d:26:d1:e8:62:7a:80:73:8a:cb:15:a0:42:b2:
11:b3:f1:b2:7f:0d:f0:60:2f:97:06:85:2d:1e:93:93:bc:dc:
d8:16:4a:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVqOMSlrxHPkI5H2s8OBjz+z5Un0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1NThaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1NWExMmU4YzVlNzE2ZGIxZWYwY2U0N2YzMzJmNzA2ODE2ZjVlMmQ0NjQ0
YjFjMDBjMzM4NjM5N2IzYWQ3MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkRl7ihHB8NqeU89pI/HGjyztb05CDypC9XrU+3boZrFyAfGd3peZcEbSRb
FrXeVRJ+XaKl3ixWqKgPh3ayPdNEbkBRUZHYzm6Gz71QkcjTIQTfe+oP9bvMpBD/
/QbobyxO/tzv5EayIdBpRZXI7gJb2mZ20NHTCpFcB7foM38h4nHIKqPFbTdBFKuX
Szluskk9Vo2sqTmVtn/WumNTt8gVlmyt/HVLMJ/5tg+f9it2zDvNXvVD52n7Qod3
dxLEz36tAgvzDNQtHfAQ3wKAgSWyTXf43G0rdjDWbXhkXurW9+/cCfDZvjNSJVlE
RTjp4CENzVFM4+T2ITYjy5xFIeMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgU4+v
kDVdh0SEaR6blpQip271LjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVhOTM0MGYtZGQyNS00ZTMwLWE5NTItMjdjZThkOTkwNmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQAznhkUL8qpmXTlGEuuWEbmNSBx3TiRlTdFcSTK
jTAOHrDfWBCaSXE1w+k2+Ggd8PJNgefZy+Yt9WP4BPm60uCLCQsW89ZFkY+ORQz+
eMagoMwnafyTpY7cfE9oQfbV/aWTSox7RHHQUAKmX1f1hhxKShWy429MX8e/X0mc
cLsnqWD07E8BmBWUbzmN0r7H7jSwjC0BZUNCTE9YjXotEYcls8Xz0TU3M0VfE2nH
1RHRuYwnh1mkrOD/5UkdQONEiDaRaUDthcKHokdmg1WV0y/se7tV7mHHC8Q0OLlC
TSbR6GJ6gHOKyxWgQrIRs/Gyfw3wYC+XBoUtHpOTvNzYFkqG
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:38:40 2025 by rpki-client