Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
File: c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa (raw, json)
Hash identifier: f/YjDLCRvhL7N+G2UO0pva+cTzBtEw6ZkuZQD1wg67c=
Subject key identifier: 03:92:85:01:45:2B:F0:AC:5F:81:06:30:AB:8A:F3:27:0D:AD:FC:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A78D076C2321297780812A3B5ADEF9F946C3950
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
Signing time: Fri 26 Sep 2025 19:38:53 +0000
ROA not before: Fri 26 Sep 2025 19:38:53 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:78:d0:76:c2:32:12:97:78:08:12:a3:b5:ad:ef:9f:94:6c:39:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:38:53 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=6797a8ab0d6d31813d4fecb88b3f4fa9ef475fa9623c685013f2180f6a5414fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5e:ff:33:de:6e:64:e0:4e:75:6c:48:54:63:
8f:8c:8a:2e:ab:e8:f7:f5:d9:e2:81:ac:a5:57:ff:
b3:f7:05:a4:13:3a:10:22:ec:8c:0d:72:5d:a9:ea:
6e:f0:6f:c4:a5:cc:88:53:e3:2e:66:f0:ad:28:93:
d9:88:67:71:40:6a:a6:c4:f2:20:ac:84:99:91:de:
52:62:6c:7c:99:8c:ec:74:ee:58:20:c2:c8:24:fd:
23:74:57:26:78:09:27:6e:f2:35:72:df:57:e2:7b:
43:6a:1b:4d:90:18:d2:de:be:94:55:e8:3f:a0:ab:
5a:0c:3d:c5:2c:93:18:71:8c:dd:35:07:00:ac:83:
23:66:69:d4:54:8c:94:1b:e3:e2:b2:57:85:46:b6:
67:21:8c:4d:e3:28:9d:1e:91:16:29:26:bd:18:4d:
11:c7:cb:59:c7:bf:ee:12:ea:31:0b:ba:84:14:53:
10:d2:10:a9:c7:a9:73:56:7e:81:13:d9:1a:65:c9:
57:eb:e0:33:4e:93:7e:1e:fe:71:ef:6b:e9:a8:25:
16:c1:97:b5:60:51:e7:6e:1a:04:9d:75:08:fa:00:
35:70:49:d2:f0:26:bb:e4:46:55:9a:5a:0e:4a:b7:
0c:53:b8:2c:54:6d:c1:87:87:a7:96:02:e9:a1:c0:
06:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:92:85:01:45:2B:F0:AC:5F:81:06:30:AB:8A:F3:27:0D:AD:FC:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:a000::/40
Signature Algorithm: sha256WithRSAEncryption
10:29:e1:86:0e:c8:1c:5d:3c:02:44:f6:c8:4d:9a:2a:c1:99:
ea:e6:94:c6:7f:a8:1c:fe:33:d2:4e:7d:d4:12:1e:4c:e9:ae:
52:26:e6:ae:dc:51:dc:db:34:dc:32:5a:6a:70:20:cd:dd:16:
9b:fc:0f:8d:58:35:ee:ef:68:26:85:40:0f:30:aa:4a:4b:be:
f8:ae:f4:c8:35:4b:6e:ad:15:21:98:f3:fb:49:dc:66:a4:10:
ca:c6:6e:87:8e:b3:eb:01:3a:8b:67:c4:22:71:48:93:89:f5:
bd:8d:68:00:e8:31:95:36:bf:eb:a3:11:51:54:13:6e:29:c0:
c6:a8:ad:85:79:02:48:a4:e1:ae:c6:2a:dd:1c:23:67:93:45:
29:37:57:ba:fa:97:20:f4:d8:7a:7b:47:b2:6f:e6:07:84:cf:
ac:0a:80:58:52:db:49:88:70:d8:ef:f9:47:ba:5c:c8:d2:f8:
cb:da:9d:ca:20:f9:3c:24:47:56:1e:d2:77:ae:7e:b6:9e:b8:
6f:2f:4c:a2:39:bb:77:a5:3f:34:91:2a:fc:ff:ff:31:51:77:
37:c0:bc:0f:4a:8c:5d:77:b6:a8:23:46:66:57:83:e7:0c:89:
75:5f:9b:1f:0f:71:a4:0e:76:13:bc:1b:aa:23:05:fb:a0:ec:
03:6f:c3:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSnjQdsIyEpd4CBKjta3vn5RsOVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTM4NTNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3OTdhOGFiMGQ2ZDMxODEzZDRmZWNiODhiM2Y0ZmE5ZWY0NzVmYTk2MjNj
Njg1MDEzZjIxODBmNmE1NDE0ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBe/zPebmTgTnVsSFRjj4yKLqvo9/XZ4oGspVf/s/cFpBM6ECLsjA1yXanq
bvBvxKXMiFPjLmbwrSiT2YhncUBqpsTyIKyEmZHeUmJsfJmM7HTuWCDCyCT9I3RX
JngJJ27yNXLfV+J7Q2obTZAY0t6+lFXoP6CrWgw9xSyTGHGM3TUHAKyDI2Zp1FSM
lBvj4rJXhUa2ZyGMTeMonR6RFikmvRhNEcfLWce/7hLqMQu6hBRTENIQqcepc1Z+
gRPZGmXJV+vgM06Tfh7+ce9r6aglFsGXtWBR524aBJ11CPoANXBJ0vAmu+RGVZpa
Dkq3DFO4LFRtwYeHp5YC6aHABj0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDkoUB
RSvwrF+BBjCrivMnDa38nDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM5ZGQ3MWMtZjIyYy00YmI0LTljNmYtZGZjOGM2YTAyZmZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6g
MA0GCSqGSIb3DQEBCwUAA4IBAQAQKeGGDsgcXTwCRPbITZoqwZnq5pTGf6gc/jPS
Tn3UEh5M6a5SJuau3FHc2zTcMlpqcCDN3Rab/A+NWDXu72gmhUAPMKpKS774rvTI
NUturRUhmPP7SdxmpBDKxm6HjrPrATqLZ8QicUiTifW9jWgA6DGVNr/roxFRVBNu
KcDGqK2FeQJIpOGuxirdHCNnk0UpN1e6+pcg9Nh6e0eyb+YHhM+sCoBYUttJiHDY
7/lHulzI0vjL2p3KIPk8JEdWHtJ3rn62nrhvL0yiObt3pT80kSr8//8xUXc3wLwP
Soxdd7aoI0ZmV4PnDIl1X5sfD3GkDnYTvBuqIwX7oOwDb8Nj
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:22 2025 by rpki-client