Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c98f4465-885d-4f5b-af66-c30a107fe0a0.roa
File: c98f4465-885d-4f5b-af66-c30a107fe0a0.roa (raw, json)
Hash identifier: cjrhm2Ad035RRW+DNvZgsrzu5c+A6cbQrvoTuvGGSzY=
Subject key identifier: 45:8C:1B:84:CC:3B:53:AF:6B:2F:F8:A7:60:62:28:F7:A7:10:BF:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25B2E7E526A667E4A95B5F5642A26B8C3F198B00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c98f4465-885d-4f5b-af66-c30a107fe0a0.roa
Signing time: Mon 06 Oct 2025 17:40:12 +0000
ROA not before: Mon 06 Oct 2025 17:40:12 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:b2:e7:e5:26:a6:67:e4:a9:5b:5f:56:42:a2:6b:8c:3f:19:8b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:40:12 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=4c22f1b32a68d02a9abce9e928ac9e26869bcf66a7e4466b45fdc5bdc4258bde, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:62:f8:4d:45:b3:52:3c:1a:9d:46:06:b3:19:
17:ec:49:46:af:93:a5:3d:53:83:5e:cb:75:92:51:
8d:18:4d:37:64:b6:4e:4e:72:26:cb:c8:9a:cb:d5:
4c:e4:c7:14:78:49:09:5e:62:0b:50:1f:f2:7c:22:
db:ef:bb:06:5d:de:39:6e:b4:6e:47:76:a3:2b:d6:
44:9e:7a:0b:ef:ad:23:b5:c8:60:c0:03:88:cc:94:
65:53:70:70:52:f5:45:09:96:39:4e:ce:ce:ca:20:
15:ce:c6:42:68:95:95:b7:29:ee:c6:68:71:0e:69:
64:31:ca:ca:84:13:12:f8:87:96:09:be:5c:2d:52:
2b:64:b8:89:c1:c5:ed:82:0a:bf:75:00:d6:45:06:
5c:e3:06:fe:e2:6a:4d:9a:b9:88:1e:40:94:25:76:
76:cc:f0:11:da:f7:5b:f1:41:11:18:47:4f:78:ef:
13:84:b1:66:3a:07:29:cf:7a:0b:b6:d6:49:9c:74:
3a:7f:b3:73:f2:a7:87:7e:ac:3b:a2:2b:61:ab:0a:
18:8d:d2:65:2a:fd:4b:a5:ac:d1:f7:be:54:b7:e9:
d0:47:89:92:e5:4c:10:75:a2:8b:94:cb:2a:a3:94:
d9:36:87:c5:70:0e:61:9d:18:07:72:f1:36:7a:de:
be:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8C:1B:84:CC:3B:53:AF:6B:2F:F8:A7:60:62:28:F7:A7:10:BF:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c98f4465-885d-4f5b-af66-c30a107fe0a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:9040::/48
Signature Algorithm: sha256WithRSAEncryption
57:9f:d0:71:cf:59:a1:28:25:87:5e:b6:c4:ad:4c:2c:7d:c2:
da:ea:19:c9:d5:95:bb:f3:37:8a:af:0e:f6:0c:bf:99:ec:ac:
59:b6:56:12:43:4d:67:49:04:5a:3a:e0:47:d2:4a:9b:7d:a6:
12:28:c8:77:42:1a:89:ed:91:e9:56:05:7d:b6:a3:cb:33:16:
55:76:fc:47:85:f1:8e:26:b2:74:da:b3:fd:49:cf:1c:9c:41:
9b:0e:6e:f9:75:19:5d:12:8a:48:9f:04:dc:8c:e4:83:85:f0:
36:d0:68:7f:74:a6:8a:44:5d:76:ba:57:7a:7d:df:6a:93:5b:
8f:1e:4e:9d:e7:4d:c5:d8:62:a4:55:4c:c6:61:46:10:72:90:
b1:69:b7:99:e0:10:e3:6b:b0:df:16:66:9b:73:31:a6:9f:e3:
f3:1a:f1:5b:22:3c:81:a4:2f:f7:6b:3f:ac:4f:0e:91:dd:ae:
9e:ae:5f:f7:8c:f3:37:f8:7f:f9:38:ea:c3:cf:37:11:48:dc:
67:40:25:c0:41:83:dc:4f:39:cc:04:3b:1f:e1:f0:a9:96:52:
62:ec:f1:5e:43:fd:c4:3d:2d:65:e5:bb:e6:e1:5e:2f:64:97:
92:d1:1f:b8:90:5e:24:2b:cb:d1:cc:cc:45:e2:29:b4:5f:5c:
43:3e:bb:eb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJbLn5SamZ+SpW19WQqJrjD8ZiwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzQwMTJaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjMjJmMWIzMmE2OGQwMmE5YWJjZTllOTI4YWM5ZTI2ODY5YmNmNjZhN2U0
NDY2YjQ1ZmRjNWJkYzQyNThiZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdi+E1Fs1I8Gp1GBrMZF+xJRq+TpT1Tg17LdZJRjRhNN2S2Tk5yJsvImsvV
TOTHFHhJCV5iC1Af8nwi2++7Bl3eOW60bkd2oyvWRJ56C++tI7XIYMADiMyUZVNw
cFL1RQmWOU7OzsogFc7GQmiVlbcp7sZocQ5pZDHKyoQTEviHlgm+XC1SK2S4icHF
7YIKv3UA1kUGXOMG/uJqTZq5iB5AlCV2dszwEdr3W/FBERhHT3jvE4SxZjoHKc96
C7bWSZx0On+zc/Knh36sO6IrYasKGI3SZSr9S6Ws0fe+VLfp0EeJkuVMEHWii5TL
KqOU2TaHxXAOYZ0YB3LxNnrevm8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRFjBuE
zDtTr2sv+KdgYij3pxC/IDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzk4ZjQ0NjUtODg1ZC00ZjViLWFmNjYtYzMwYTEwN2ZlMGEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H2Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAV5/Qcc9ZoSglh162xK1MLH3C2uoZydWVu/M3
iq8O9gy/meysWbZWEkNNZ0kEWjrgR9JKm32mEijId0Iaie2R6VYFfbajyzMWVXb8
R4XxjiaydNqz/UnPHJxBmw5u+XUZXRKKSJ8E3Izkg4XwNtBof3SmikRddrpXen3f
apNbjx5OnedNxdhipFVMxmFGEHKQsWm3meAQ42uw3xZmm3Mxpp/j8xrxWyI8gaQv
92s/rE8Okd2unq5f94zzN/h/+Tjqw883EUjcZ0AlwEGD3E85zAQ7H+HwqZZSYuzx
XkP9xD0tZeW75uFeL2SXktEfuJBeJCvL0czMReIptF9cQz676w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:33 2025 by rpki-client