Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json)
Hash identifier: 99LguaHgtm1Y9bMzAN3zpvAA7JwF6fxBLzJ4shJtfGA=
Subject key identifier: 3A:98:94:FF:77:44:AF:F8:03:D6:A0:18:B4:9C:41:84:CB:FC:C2:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 562BE852CAB455D2B0D3C922154D3984CC17E350
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
Signing time: Fri 26 Sep 2025 19:10:12 +0000
ROA not before: Fri 26 Sep 2025 19:10:12 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:2b:e8:52:ca:b4:55:d2:b0:d3:c9:22:15:4d:39:84:cc:17:e3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:10:12 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ed658a97b33ae8dcfae153beaf92adf5cb9a0c4d82244f45ae416e454018f494, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1c:3a:1a:2f:0e:5a:29:ff:29:70:a7:bc:79:
6f:56:0f:94:30:a7:1a:d1:68:b3:5f:5b:14:a9:bb:
e2:25:e6:f7:9f:1a:c8:cd:4a:a0:5d:11:d9:f7:58:
2e:f8:5f:05:22:b6:c7:78:05:f3:d4:ce:62:d0:29:
3f:5a:c5:94:e1:b5:83:e9:c0:38:fb:3f:36:24:37:
28:45:6a:7c:fc:9e:f0:45:ff:e6:34:46:f1:3d:cc:
b3:db:34:e5:86:2d:92:eb:49:2f:c2:67:ae:a2:50:
b9:9c:aa:7e:21:97:b5:ad:0b:ca:f9:b9:dc:19:19:
e2:13:f9:bd:4b:d4:1a:80:41:31:e1:f8:95:d7:d6:
46:bf:3e:77:cd:71:6e:fb:18:0a:91:99:a3:2b:74:
28:8c:7f:77:b9:a3:2f:1d:03:ce:3c:1a:77:b9:d7:
8a:e8:4a:38:c3:07:8b:af:de:20:9b:20:12:82:24:
3e:d1:3d:7b:fb:76:73:f5:56:85:55:f4:b6:5c:de:
06:85:ff:84:5d:10:64:8f:14:f8:d4:2d:6f:f2:46:
ce:60:ab:22:88:96:ea:79:06:3d:28:04:af:16:51:
78:0e:c8:77:d4:59:e9:51:73:8e:b1:d3:14:c6:3b:
20:ee:e3:63:bb:be:26:86:b7:97:23:2e:ae:b6:84:
32:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:98:94:FF:77:44:AF:F8:03:D6:A0:18:B4:9C:41:84:CB:FC:C2:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:34:5a:b6:7e:d0:8d:b8:82:e0:18:1f:44:b4:57:4a:87:0d:
86:f1:17:af:fa:1c:67:46:19:61:b4:14:12:bf:d8:c6:b4:47:
43:fa:be:37:e1:fc:06:ca:84:07:b3:37:78:25:48:ec:8a:92:
54:bb:b9:ea:3d:11:6c:7c:cd:f7:98:ef:af:0e:a5:5d:94:cb:
44:8a:8d:d1:ba:2a:80:33:20:8c:0e:5b:bd:8d:62:33:01:8d:
88:29:33:b3:ab:3f:94:c2:ca:4e:ec:ce:5b:05:91:c1:b4:26:
72:f1:1a:95:1e:d2:58:55:d4:9c:24:30:b2:64:b7:dc:a2:5e:
13:08:45:87:8f:36:fa:cc:d3:45:58:14:97:3c:af:78:c5:f4:
e8:47:3f:41:b3:d5:6d:44:22:63:af:89:39:9b:fa:ff:60:53:
7f:62:65:51:38:ad:ff:7a:2e:b2:b5:2a:f7:ac:42:ed:36:30:
a6:5e:66:92:37:5f:78:37:cd:83:c0:00:83:5d:29:38:9a:3b:
36:91:f3:1e:f7:4e:fc:ae:0c:dc:cd:d8:b0:94:7d:ec:7d:69:
c4:af:49:0c:e2:bf:f1:e8:2b:90:26:04:fc:db:e0:47:6c:c6:
61:af:38:db:bf:06:84:ef:82:d6:a5:13:e6:bf:6c:83:1c:6f:
a5:e9:bb:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVivoUsq0VdKw08kiFU05hMwX41AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTEwMTJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkNjU4YTk3YjMzYWU4ZGNmYWUxNTNiZWFmOTJhZGY1Y2I5YTBjNGQ4MjI0
NGY0NWFlNDE2ZTQ1NDAxOGY0OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOccOhovDlop/ylwp7x5b1YPlDCnGtFos19bFKm74iXm958ayM1KoF0R2fdY
LvhfBSK2x3gF89TOYtApP1rFlOG1g+nAOPs/NiQ3KEVqfPye8EX/5jRG8T3Ms9s0
5YYtkutJL8JnrqJQuZyqfiGXta0Lyvm53BkZ4hP5vUvUGoBBMeH4ldfWRr8+d81x
bvsYCpGZoyt0KIx/d7mjLx0Dzjwad7nXiuhKOMMHi6/eIJsgEoIkPtE9e/t2c/VW
hVX0tlzeBoX/hF0QZI8U+NQtb/JGzmCrIoiW6nkGPSgErxZReA7Id9RZ6VFzjrHT
FMY7IO7jY7u+Joa3lyMurraEMoECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6mJT/
d0Sv+APWoBi0nEGEy/zCsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNmNGIwZTAtZGY2ZC00ODFhLThkNzUtNzcwOWU1NDVkMWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg
MA0GCSqGSIb3DQEBCwUAA4IBAQA8NFq2ftCNuILgGB9EtFdKhw2G8Rev+hxnRhlh
tBQSv9jGtEdD+r434fwGyoQHszd4JUjsipJUu7nqPRFsfM33mO+vDqVdlMtEio3R
uiqAMyCMDlu9jWIzAY2IKTOzqz+UwspO7M5bBZHBtCZy8RqVHtJYVdScJDCyZLfc
ol4TCEWHjzb6zNNFWBSXPK94xfToRz9Bs9VtRCJjr4k5m/r/YFN/YmVROK3/ei6y
tSr3rELtNjCmXmaSN194N82DwACDXSk4mjs2kfMe9078rgzczdiwlH3sfWnEr0kM
4r/x6CuQJgT82+BHbMZhrzjbvwaE74LWpRPmv2yDHG+l6bui
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:57 2025 by rpki-client