Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
File: a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa (raw, json)
Hash identifier: dMF3rCHwXZ3d318gYJYigjSXqVCQnChQiPde8yx/SU4=
Subject key identifier: 3E:CB:60:3F:22:8B:7B:A1:AA:FB:CA:7C:2C:8C:0A:3E:2E:90:D8:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14564AA9AF0846DB18815C0F58AD78DB1BD2B6D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
Signing time: Fri 10 Oct 2025 17:04:24 +0000
ROA not before: Fri 10 Oct 2025 17:04:24 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:56:4a:a9:af:08:46:db:18:81:5c:0f:58:ad:78:db:1b:d2:b6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:24 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=0e55ea6c9b80db51eeacd1c12cf6dc224450921b51430cc2a702358acedd1b9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ad:ef:aa:9a:e5:0b:21:c6:13:af:dc:ab:95:
7e:c0:8e:ef:b4:7d:36:f8:48:23:8f:29:a4:33:bd:
f9:2d:fa:0d:03:f8:32:5a:42:a0:b5:f5:f1:03:5f:
5e:64:34:98:a1:ca:1f:81:dc:f2:90:4e:35:ea:f2:
10:a7:b9:03:c2:11:6b:d5:fa:9e:77:ba:f1:c6:06:
04:31:0f:4d:bd:3c:6b:ca:41:a9:f5:a2:65:28:69:
2c:2c:81:5d:36:bb:d7:55:5b:79:69:a3:73:79:fc:
69:cf:8f:b9:e8:76:ee:59:ee:8c:2b:bc:c4:82:b9:
06:79:2d:cb:20:4a:a1:05:fa:e3:01:eb:ad:36:24:
5f:02:80:bd:e8:3b:9c:4f:59:62:6a:52:0d:f2:a0:
92:89:be:89:32:09:6a:f9:eb:98:83:0d:fd:33:8e:
eb:25:d1:fa:26:89:0e:e9:50:89:20:34:46:2e:3f:
05:79:ec:de:4b:3c:12:ac:82:85:49:4e:62:56:28:
c6:32:c6:9e:ff:b7:5a:b5:91:03:47:5a:4b:c5:c8:
7a:66:5c:7a:af:14:15:2a:84:bb:34:d8:f6:04:42:
7e:35:3e:26:67:19:2b:4f:2f:72:0f:47:8f:35:f2:
4f:28:2a:62:a7:dd:d5:fb:98:6f:3a:35:30:d0:51:
20:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:CB:60:3F:22:8B:7B:A1:AA:FB:CA:7C:2C:8C:0A:3E:2E:90:D8:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:b000::/40
Signature Algorithm: sha256WithRSAEncryption
31:e6:d9:40:a8:ad:77:b1:33:35:cb:ac:a1:6b:36:3f:b2:f8:
9f:95:c4:a0:43:93:02:6a:20:a7:62:5a:b6:04:c2:0d:02:8d:
38:c3:af:49:ca:e7:aa:36:7a:77:29:95:77:73:04:7a:0e:89:
c0:53:4d:04:6c:ce:e8:15:db:f1:e1:e0:44:22:a5:28:aa:70:
fa:d9:35:fc:34:61:44:4e:65:33:49:bc:a6:20:54:aa:e7:ed:
76:29:c0:82:94:c2:ec:de:4a:80:7e:19:6e:28:30:f3:da:cb:
73:c1:1f:dc:12:49:69:d2:1b:81:65:8d:c0:40:70:a3:6f:95:
92:fc:41:67:11:0f:25:89:37:b8:49:ce:b1:bc:6b:62:e0:a0:
ab:54:f8:1c:6f:b1:6a:ba:68:0c:f8:9f:eb:98:2b:2f:d6:dc:
31:b4:d0:fb:2c:8d:54:90:81:a7:11:73:28:23:9b:94:d4:8c:
bf:05:c1:27:0a:3c:9a:b6:dc:a2:6b:fa:a7:b7:ed:9f:62:f5:
5c:1a:00:a1:f2:30:35:25:16:01:43:3f:03:a6:cd:74:a6:09:
a6:91:9c:ac:3d:ed:5a:11:df:7b:79:c2:c2:0e:42:9f:d1:a4:
26:d2:96:9b:0c:35:4f:e8:e0:09:9f:b4:4d:7f:bd:98:ec:a1:
e1:d1:f6:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFFZKqa8IRtsYgVwPWK142xvSttkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0MjRaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlNTVlYTZjOWI4MGRiNTFlZWFjZDFjMTJjZjZkYzIyNDQ1MDkyMWI1MTQz
MGNjMmE3MDIzNThhY2VkZDFiOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6t76qa5QshxhOv3KuVfsCO77R9NvhII48ppDO9+S36DQP4MlpCoLX18QNf
XmQ0mKHKH4Hc8pBONeryEKe5A8IRa9X6nne68cYGBDEPTb08a8pBqfWiZShpLCyB
XTa711VbeWmjc3n8ac+Pueh27lnujCu8xIK5BnktyyBKoQX64wHrrTYkXwKAveg7
nE9ZYmpSDfKgkom+iTIJavnrmIMN/TOO6yXR+iaJDulQiSA0Ri4/BXns3ks8EqyC
hUlOYlYoxjLGnv+3WrWRA0daS8XIemZceq8UFSqEuzTY9gRCfjU+JmcZK08vcg9H
jzXyTygqYqfd1fuYbzo1MNBRIIcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+y2A/
Iot7oar7ynwsjAo+LpDYYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc4YWVmYjQtZDFlYi00YTExLTk4OTktYmY2NzI5ZTE4Y2NkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSw
MA0GCSqGSIb3DQEBCwUAA4IBAQAx5tlAqK13sTM1y6yhazY/sviflcSgQ5MCaiCn
Ylq2BMINAo04w69JyueqNnp3KZV3cwR6DonAU00EbM7oFdvx4eBEIqUoqnD62TX8
NGFETmUzSbymIFSq5+12KcCClMLs3kqAfhluKDDz2stzwR/cEklp0huBZY3AQHCj
b5WS/EFnEQ8liTe4Sc6xvGti4KCrVPgcb7FqumgM+J/rmCsv1twxtND7LI1UkIGn
EXMoI5uU1Iy/BcEnCjyattyia/qnt+2fYvVcGgCh8jA1JRYBQz8Dps10pgmmkZys
Pe1aEd97ecLCDkKf0aQm0pabDDVP6OAJn7RNf72Y7KHh0fZ2
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:39 2025 by rpki-client