Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
File: c42c966b-1b62-4165-bbfb-62aaaca567ad.roa (raw, json)
Hash identifier: qhZg2AV5x6ACxsPTGFiRK6rh3D1SFJ9YxLmo10DzEO4=
Subject key identifier: 71:99:AD:26:64:76:A1:16:8C:DF:EF:94:45:53:0B:40:BA:EB:3A:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3882110C40094B19922DCD54A11A0D6463D12A08
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
Signing time: Fri 17 Oct 2025 23:20:15 +0000
ROA not before: Fri 17 Oct 2025 23:20:15 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:82:11:0c:40:09:4b:19:92:2d:cd:54:a1:1a:0d:64:63:d1:2a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 23:20:15 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=425cda133f33084849b54f8c0bfca684a73ac783cc5daa91d5aed504408fe37f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:69:7c:80:60:b7:4d:64:03:f3:9a:b3:77:ba:
7a:5d:9c:c9:16:7c:2b:78:87:4e:66:29:50:cb:a4:
68:39:59:b1:1c:f7:94:56:bd:cb:81:c4:77:28:9a:
3c:46:78:02:73:8c:32:2f:91:05:43:15:bc:81:34:
de:66:c5:9b:a5:8d:2a:2b:35:e3:46:6a:62:31:5a:
56:5e:58:a6:11:1c:c4:11:ee:4e:92:fc:cf:08:43:
2d:92:0d:fc:32:42:5b:8b:a0:12:b8:74:ef:30:fd:
5d:0b:ca:f5:20:51:ba:ec:a1:83:44:a3:0e:d6:e9:
5b:53:83:86:75:17:64:1b:cc:9d:8d:50:d4:cb:48:
ca:42:2f:2a:91:67:ad:e5:f9:32:49:2a:ec:a6:f4:
59:4f:34:6c:cf:53:14:9d:7f:c1:e8:74:25:1c:4a:
e4:3f:eb:ce:45:ef:dc:2b:d3:74:19:f3:16:78:c3:
f1:f6:14:f2:a6:8d:ec:4e:81:e1:e0:46:47:c6:b3:
5e:e9:9e:05:2a:99:d8:64:89:e7:fa:c0:08:91:78:
ff:cc:9b:84:04:91:a2:01:7c:95:30:49:54:4f:42:
ae:f5:1d:44:96:ee:bf:7e:de:30:3d:f3:67:d0:f1:
09:48:6f:74:5e:c3:40:7c:9d:39:16:41:47:3f:77:
73:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:99:AD:26:64:76:A1:16:8C:DF:EF:94:45:53:0B:40:BA:EB:3A:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
0d:0c:6d:fe:bd:4d:fb:16:bb:47:f5:53:ad:3f:e4:55:9a:51:
5f:01:5d:c0:1d:2f:67:de:a6:cf:5d:72:8c:7a:e6:d2:cf:ce:
a0:f0:77:7d:8d:2f:31:87:aa:e6:b3:f1:55:97:c9:f1:be:21:
26:6d:79:d4:c6:d8:cc:bf:67:54:95:e9:07:f8:bb:f1:8e:7b:
e5:d2:14:93:3c:ad:f9:71:0b:76:83:bd:b5:46:c4:62:c0:7b:
be:a4:3d:03:c0:12:08:07:1a:77:86:f8:45:4f:6c:90:61:ed:
8c:4b:bd:19:ad:95:00:75:08:91:75:bd:d8:b8:e9:25:6d:91:
ff:f8:29:9d:e6:28:9e:fb:a8:4b:81:be:7c:89:f5:fa:43:20:
b8:7b:50:67:11:42:99:33:f2:e2:e9:a9:50:fa:62:b7:93:84:
cd:80:52:72:d6:7b:c2:fa:16:5b:84:58:54:19:6c:b7:55:88:
41:f8:4d:0a:60:aa:73:6a:99:5c:c5:ce:37:29:e6:96:48:b2:
3c:4d:af:9b:fe:a8:96:25:df:44:6c:c7:65:d8:0e:9b:c6:65:
d9:20:93:01:dd:49:39:a7:51:39:ce:59:17:c0:b7:5e:6e:92:
d4:66:96:f6:18:ef:50:a3:1f:cc:6d:d1:a4:54:eb:10:f0:6c:
3a:28:41:63
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUOIIRDEAJSxmSLc1UoRoNZGPRKggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMzIwMTVaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNWNkYTEzM2YzMzA4NDg0OWI1NGY4YzBiZmNhNjg0YTczYWM3ODNjYzVk
YWE5MWQ1YWVkNTA0NDA4ZmUzN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlpfIBgt01kA/Oas3e6el2cyRZ8K3iHTmYpUMukaDlZsRz3lFa9y4HEdyia
PEZ4AnOMMi+RBUMVvIE03mbFm6WNKis140ZqYjFaVl5YphEcxBHuTpL8zwhDLZIN
/DJCW4ugErh07zD9XQvK9SBRuuyhg0SjDtbpW1ODhnUXZBvMnY1Q1MtIykIvKpFn
reX5Mkkq7Kb0WU80bM9TFJ1/weh0JRxK5D/rzkXv3CvTdBnzFnjD8fYU8qaN7E6B
4eBGR8azXumeBSqZ2GSJ5/rACJF4/8ybhASRogF8lTBJVE9CrvUdRJbuv37eMD3z
Z9DxCUhvdF7DQHydORZBRz93c4sCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRxma0m
ZHahFozf75RFUwtAuus6FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQyYzk2NmItMWI2Mi00MTY1LWJiZmItNjJhYWFjYTU2N2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAA0Mbf69TfsWu0f1U60/5FWaUV8BXcAdL2feps9d
cox65tLPzqDwd32NLzGHquaz8VWXyfG+ISZtedTG2My/Z1SV6Qf4u/GOe+XSFJM8
rflxC3aDvbVGxGLAe76kPQPAEggHGneG+EVPbJBh7YxLvRmtlQB1CJF1vdi46SVt
kf/4KZ3mKJ77qEuBvnyJ9fpDILh7UGcRQpkz8uLpqVD6YreThM2AUnLWe8L6FluE
WFQZbLdViEH4TQpgqnNqmVzFzjcp5pZIsjxNr5v+qJYl30Rsx2XYDpvGZdkgkwHd
STmnUTnOWRfAt15uktRmlvYY71CjH8xt0aRU6xDwbDooQWM=
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:58 2025 by rpki-client