Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
File: d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa (raw, json)
Hash identifier: Qr7FwEZmlpjmpjUiLBBO576+nFgr3fF4slTOcUIesYc=
Subject key identifier: 1B:40:8C:BC:9D:34:61:E7:1E:AC:A8:61:4E:7F:A9:FE:C2:D8:5B:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 047AD4B9B810C5FC1861E54674264653310A57CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
Signing time: Fri 26 Sep 2025 20:01:37 +0000
ROA not before: Fri 26 Sep 2025 20:01:37 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:7a:d4:b9:b8:10:c5:fc:18:61:e5:46:74:26:46:53:31:0a:57:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:37 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=db4f07c9faa4c5a7397c73600ff44853e6527038da6a326af9a40a8feec3741e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9b:f7:5c:13:23:1d:9b:34:21:c1:26:55:43:
4d:6d:47:22:0f:a3:09:ac:8a:36:05:06:6f:57:b5:
85:6a:4c:6f:16:03:f2:72:de:1e:42:d0:5c:eb:ad:
45:c7:dc:53:f4:8d:3b:89:14:4d:5e:03:ca:12:5f:
ff:c9:77:3d:20:f1:6d:95:7e:d6:e6:e4:0f:c9:4d:
5c:f1:e4:d5:e1:6f:f5:1f:00:c1:3e:a1:1b:f7:70:
09:a7:dc:a2:45:1a:1e:a4:b5:b7:4a:98:62:9c:f8:
29:4d:0c:d7:e8:e9:80:13:12:a6:78:89:f6:99:7a:
77:80:41:a0:f5:cb:e4:98:14:df:56:d9:63:83:9b:
25:f0:72:f2:12:fd:fa:a1:45:1f:5d:32:96:3c:87:
c1:bc:c2:82:bd:20:81:1f:07:d1:b1:f3:ba:71:2c:
6d:60:4b:de:ee:a3:49:d4:1a:19:e5:40:10:ab:df:
06:6c:36:90:cb:b9:3f:87:b6:fd:76:fa:be:a0:61:
4b:30:2c:50:20:a2:1e:37:4f:c4:7a:6b:09:ee:21:
73:9e:02:2a:a8:4a:73:41:ed:dc:5d:89:ae:7a:f1:
fa:83:8d:9a:c1:86:6f:01:41:bb:38:5d:38:84:42:
00:de:dd:6f:47:cd:b4:ca:44:57:a4:da:ee:99:e8:
27:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:40:8C:BC:9D:34:61:E7:1E:AC:A8:61:4E:7F:A9:FE:C2:D8:5B:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:400::/38
Signature Algorithm: sha256WithRSAEncryption
c1:a2:95:52:8d:ce:99:4d:c8:47:37:5f:39:6b:be:c4:60:c2:
99:53:4f:7d:6a:d7:28:fc:f0:5b:74:05:58:39:82:82:7b:b0:
5b:3f:ac:b6:2f:0d:a5:73:81:ad:62:4c:e6:1d:bb:a0:04:01:
15:ca:71:14:15:b5:13:9d:1b:c3:79:7a:2a:1f:b0:62:d7:29:
3a:0c:f7:df:01:2a:e0:fb:94:b8:66:c4:50:6c:d2:0b:01:97:
b7:16:99:9a:c9:7e:26:e5:8e:b6:6c:dc:fb:52:64:d9:7c:7e:
ed:15:1c:03:e0:db:47:80:04:5f:66:45:0e:32:ac:62:5f:e5:
a1:96:7b:7b:68:43:e0:d4:26:32:cb:ca:62:2c:e0:bf:55:c1:
45:97:6f:6c:7f:b7:67:bd:a8:5c:bf:23:e7:74:5a:6f:0f:a8:
eb:82:2f:74:45:5c:e7:ea:26:b7:6f:43:aa:ec:41:ea:7c:0c:
82:22:39:69:0d:d4:3d:3e:ed:5d:f9:69:d4:a5:e8:a6:ef:5e:
45:10:60:19:2d:36:5b:ae:e8:05:f6:4b:00:b8:da:44:15:6a:
84:ac:36:d1:60:e5:cd:05:a3:12:45:61:17:b7:49:52:68:01:
43:3e:ac:c1:06:51:5a:50:21:0d:dd:5a:e7:9c:bd:79:be:cd:
a0:82:1f:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBHrUubgQxfwYYeVGdCZGUzEKV84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNGYwN2M5ZmFhNGM1YTczOTdjNzM2MDBmZjQ0ODUzZTY1MjcwMzhkYTZh
MzI2YWY5YTQwYThmZWVjMzc0MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGb91wTIx2bNCHBJlVDTW1HIg+jCayKNgUGb1e1hWpMbxYD8nLeHkLQXOut
RcfcU/SNO4kUTV4DyhJf/8l3PSDxbZV+1ubkD8lNXPHk1eFv9R8AwT6hG/dwCafc
okUaHqS1t0qYYpz4KU0M1+jpgBMSpniJ9pl6d4BBoPXL5JgU31bZY4ObJfBy8hL9
+qFFH10yljyHwbzCgr0ggR8H0bHzunEsbWBL3u6jSdQaGeVAEKvfBmw2kMu5P4e2
/Xb6vqBhSzAsUCCiHjdPxHprCe4hc54CKqhKc0Ht3F2Jrnrx+oONmsGGbwFBuzhd
OIRCAN7db0fNtMpEV6Ta7pnoJ3sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbQIy8
nTRh5x6sqGFOf6n+wthbGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDNhYzhhMGEtOGQwNi00MGRlLWEyOTItY2I4MjRiN2M0OGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYE
MA0GCSqGSIb3DQEBCwUAA4IBAQDBopVSjc6ZTchHN185a77EYMKZU099atco/PBb
dAVYOYKCe7BbP6y2Lw2lc4GtYkzmHbugBAEVynEUFbUTnRvDeXoqH7Bi1yk6DPff
ASrg+5S4ZsRQbNILAZe3FpmayX4m5Y62bNz7UmTZfH7tFRwD4NtHgARfZkUOMqxi
X+Whlnt7aEPg1CYyy8piLOC/VcFFl29sf7dnvahcvyPndFpvD6jrgi90RVzn6ia3
b0Oq7EHqfAyCIjlpDdQ9Pu1d+WnUpeim715FEGAZLTZbrugF9ksAuNpEFWqErDbR
YOXNBaMSRWEXt0lSaAFDPqzBBlFaUCEN3VrnnL15vs2ggh9D
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:14 2025 by rpki-client