Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e497222b-2956-47cd-981e-266995a70c5a.roa
File: e497222b-2956-47cd-981e-266995a70c5a.roa (raw, json)
Hash identifier: qoPLB8h2c1g+SuNshlBeEZJ/W4MOGjsszHCn2NDLZ58=
Subject key identifier: DB:0E:67:19:F0:BA:46:FE:CC:40:6B:AF:F0:87:15:BE:C0:DA:7E:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25BC790B63FA50926F86BF259E8B1D03E64A7F6E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e497222b-2956-47cd-981e-266995a70c5a.roa
Signing time: Mon 06 Oct 2025 17:50:55 +0000
ROA not before: Mon 06 Oct 2025 17:50:55 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:bc:79:0b:63:fa:50:92:6f:86:bf:25:9e:8b:1d:03:e6:4a:7f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:55 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=4eaa13cb925da63fd277f3a5702cd733e1dee40643146a96f7d0a78aeb2008d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:9d:28:4a:df:17:29:4d:3c:49:59:c9:31:
4c:59:f7:40:af:a6:42:ec:12:c9:09:a5:73:97:a4:
bb:9b:22:02:cb:73:61:ac:f3:23:2e:4e:36:8d:ab:
e7:82:f1:44:38:45:1b:87:1a:75:45:bb:f9:1a:23:
3f:fa:27:a3:4d:8e:5e:76:eb:a4:ba:a2:fa:5f:3e:
50:57:d5:cf:b2:df:a7:69:8b:f5:14:1f:ec:31:19:
99:3c:15:12:37:43:cc:e1:62:c2:17:5e:cd:4c:6b:
99:9b:98:a3:db:21:53:8c:8d:c4:3c:4d:b7:9b:a0:
81:21:16:2b:c7:d5:9c:89:97:14:1f:b7:8c:d8:aa:
9c:b8:1c:7a:2c:dc:ff:6b:52:2f:63:78:44:44:b4:
be:d1:3e:06:45:c3:c3:60:47:01:4a:b8:8d:30:fb:
be:2e:77:7e:95:1c:41:3a:c1:72:b9:e2:37:08:ac:
b0:17:14:d0:2e:eb:d0:02:da:4c:5a:a3:78:7d:f5:
2f:d2:f1:01:ba:73:de:d4:54:09:d3:29:99:5f:53:
27:d6:0c:06:32:13:19:06:b9:73:9a:17:6d:e3:12:
89:be:f2:e6:86:03:78:8d:7f:48:cd:21:f3:7a:57:
54:b9:7b:77:55:c8:f7:f7:fc:24:08:fd:5f:5c:4b:
fe:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0E:67:19:F0:BA:46:FE:CC:40:6B:AF:F0:87:15:BE:C0:DA:7E:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e497222b-2956-47cd-981e-266995a70c5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:e040::/48
Signature Algorithm: sha256WithRSAEncryption
44:f3:eb:c9:b1:fe:f0:2f:21:cd:35:bd:d4:60:60:d9:12:e9:
c0:13:f7:0c:37:32:47:c1:06:de:e8:6c:a7:24:ec:4f:0f:ae:
38:9c:6d:0c:b5:62:ed:88:a3:c1:db:06:0a:09:78:70:7e:4a:
01:54:56:aa:7d:61:ba:ab:92:4c:46:fd:21:1c:76:6b:72:d2:
03:a0:fe:86:70:23:85:f6:c1:0a:ca:f0:a6:d2:90:b7:00:3d:
9a:96:30:9e:60:ae:0f:dd:f7:94:6c:05:b2:04:04:e1:61:b8:
d8:27:f7:c8:70:db:d4:11:b1:92:26:a5:9d:b9:e9:8f:5a:e5:
78:63:00:3b:e4:04:09:4f:00:76:66:3c:5e:59:8c:9b:9e:a4:
a6:b2:bd:6c:62:ae:ec:78:d3:86:27:f5:81:b8:11:40:56:ba:
29:6e:eb:90:a6:a3:b5:54:a3:5f:a3:45:d2:a8:00:e2:1b:c3:
e0:33:8e:11:fa:4a:8f:bd:45:dc:ef:71:d6:65:d9:d1:97:da:
e7:d4:ce:53:4d:fb:9a:06:de:9d:96:4a:ed:8a:13:c8:91:02:
57:b3:fc:7e:c9:f3:9a:ab:d0:1b:81:23:6a:1c:57:ea:00:47:
50:db:23:f7:1c:52:8a:18:9c:fe:85:fe:20:73:38:c9:c6:34:
2e:f3:90:5b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJbx5C2P6UJJvhr8lnosdA+ZKf24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwNTVaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlYWExM2NiOTI1ZGE2M2ZkMjc3ZjNhNTcwMmNkNzMzZTFkZWU0MDY0MzE0
NmE5NmY3ZDBhNzhhZWIyMDA4ZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8VnShK3xcpTTxJWckxTFn3QK+mQuwSyQmlc5eku5siAstzYazzIy5ONo2r
54LxRDhFG4cadUW7+RojP/ono02OXnbrpLqi+l8+UFfVz7Lfp2mL9RQf7DEZmTwV
EjdDzOFiwhdezUxrmZuYo9shU4yNxDxNt5uggSEWK8fVnImXFB+3jNiqnLgceizc
/2tSL2N4RES0vtE+BkXDw2BHAUq4jTD7vi53fpUcQTrBcrniNwissBcU0C7r0ALa
TFqjeH31L9LxAbpz3tRUCdMpmV9TJ9YMBjITGQa5c5oXbeMSib7y5oYDeI1/SM0h
83pXVLl7d1XI9/f8JAj9X1xL/ikCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTbDmcZ
8LpG/sxAa6/whxW+wNp+yzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTQ5NzIyMmItMjk1Ni00N2NkLTk4MWUtMjY2OTk1YTcwYzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3g
QDANBgkqhkiG9w0BAQsFAAOCAQEARPPrybH+8C8hzTW91GBg2RLpwBP3DDcyR8EG
3uhspyTsTw+uOJxtDLVi7YijwdsGCgl4cH5KAVRWqn1huquSTEb9IRx2a3LSA6D+
hnAjhfbBCsrwptKQtwA9mpYwnmCuD933lGwFsgQE4WG42Cf3yHDb1BGxkialnbnp
j1rleGMAO+QECU8AdmY8XlmMm56kprK9bGKu7HjThif1gbgRQFa6KW7rkKajtVSj
X6NF0qgA4hvD4DOOEfpKj71F3O9x1mXZ0Zfa59TOU037mgbenZZK7YoTyJECV7P8
fsnzmqvQG4EjahxX6gBHUNsj9xxSihic/oX+IHM4ycY0LvOQWw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:12:18 2025 by rpki-client