Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
File: e5179068-cbcf-4f9a-864d-3c97430c84f4.roa (raw, json)
Hash identifier: hz4Wq3hf/jTXoOtBZojCZ5GNsHZ8cMpahE3hxMcxiyE=
Subject key identifier: C3:DE:81:13:49:E6:5D:E5:C1:15:DE:0B:8A:CF:34:4B:09:F8:57:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DCE7E1BB50C56CB38E550E582C1AAEAECDC296E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
Signing time: Fri 26 Sep 2025 20:01:06 +0000
ROA not before: Fri 26 Sep 2025 20:01:06 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:ce:7e:1b:b5:0c:56:cb:38:e5:50:e5:82:c1:aa:ea:ec:dc:29:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:06 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=09663df774185d4948b65e51f8e625fa848e20b3b1c1f8fcd6e07fa1cfab00f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:56:b6:a2:cb:5d:8a:58:85:19:f7:17:b9:6b:
3e:42:28:7e:cc:80:01:74:32:4b:65:1f:9a:9c:08:
0f:f8:85:41:17:0b:e2:70:c1:9f:ee:e3:62:3f:5e:
f3:4f:68:b2:38:3f:03:56:9c:42:3f:9c:06:d1:88:
3b:94:90:36:cf:c6:e4:8f:fb:87:ff:ff:ba:a2:ea:
ee:b7:84:d1:2a:c0:4b:90:d4:0e:60:60:86:bc:8b:
31:e7:8b:bb:18:54:80:a1:86:9e:c8:ed:67:5a:6e:
9c:c6:4d:69:7a:57:12:08:b9:87:01:cc:ae:4a:5c:
71:1b:59:8f:9f:44:93:d6:da:c1:cf:41:6f:90:c4:
8c:d7:d7:86:dc:74:41:d7:64:ea:c5:1a:06:05:7e:
df:aa:f4:5c:e3:af:72:f0:31:57:0f:4b:0b:cf:38:
1a:5f:16:c5:68:50:15:e4:2c:ff:5f:2c:e9:e6:80:
ab:91:6f:48:11:3e:a6:83:ab:cd:09:37:d1:02:29:
0b:45:a4:9d:02:e9:a1:96:98:2b:b9:ca:9e:41:85:
81:04:44:1a:37:4f:65:e5:29:a2:98:bf:91:61:a8:
d8:7a:11:b7:b5:c8:51:16:1b:fd:a1:ea:d0:da:e7:
43:ea:c7:7d:23:56:64:01:14:b6:76:46:03:9a:e3:
5d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:DE:81:13:49:E6:5D:E5:C1:15:DE:0B:8A:CF:34:4B:09:F8:57:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/38
Signature Algorithm: sha256WithRSAEncryption
57:60:3f:c3:a9:4d:4b:4e:60:49:fc:3d:a8:3b:65:d0:63:61:
a9:d8:5a:15:a9:1f:2c:6a:8a:d7:9a:50:f2:72:f9:f2:8e:1c:
c0:72:3c:13:ba:c0:87:7e:88:1c:cb:90:e4:ad:74:6a:f5:5c:
d2:a5:1e:5f:5d:e0:44:37:25:5b:cd:eb:c2:2f:c3:7c:c9:f6:
63:19:72:c4:23:6e:1b:64:42:0f:dc:59:49:ba:76:ee:7e:05:
81:65:35:d3:a0:aa:53:0d:9f:89:50:77:99:27:33:50:eb:c9:
3c:4b:e2:5f:de:96:03:b9:b8:13:56:4c:85:c1:b3:d5:67:a3:
35:af:47:d4:d8:fd:6f:c6:b5:9b:65:64:92:3e:98:96:df:92:
bb:a2:0d:05:cf:12:2c:ed:6a:e5:aa:c1:1a:06:8d:24:5b:9c:
54:72:b7:ed:e4:1a:49:73:76:2d:8b:55:61:35:07:be:5b:b9:
72:03:c1:69:89:12:d1:32:95:14:f3:94:b6:e7:bf:bc:78:ac:
7e:81:e7:30:0a:a3:43:1b:9c:8b:e6:dd:fe:34:0d:19:ad:68:
4c:ad:94:50:ef:66:76:70:dc:db:3d:ea:83:6f:6b:07:fc:2e:
33:34:23:ea:04:e6:3e:79:69:42:da:65:cb:ee:92:c7:1c:c4:
f4:1f:51:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTc5+G7UMVss45VDlgsGq6uzcKW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NjYzZGY3NzQxODVkNDk0OGI2NWU1MWY4ZTYyNWZhODQ4ZTIwYjNiMWMx
ZjhmY2Q2ZTA3ZmExY2ZhYjAwZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5WtqLLXYpYhRn3F7lrPkIofsyAAXQyS2UfmpwID/iFQRcL4nDBn+7jYj9e
809osjg/A1acQj+cBtGIO5SQNs/G5I/7h///uqLq7reE0SrAS5DUDmBghryLMeeL
uxhUgKGGnsjtZ1punMZNaXpXEgi5hwHMrkpccRtZj59Ek9bawc9Bb5DEjNfXhtx0
Qddk6sUaBgV+36r0XOOvcvAxVw9LC884Gl8WxWhQFeQs/18s6eaAq5FvSBE+poOr
zQk30QIpC0WknQLpoZaYK7nKnkGFgQREGjdPZeUpopi/kWGo2HoRt7XIURYb/aHq
0NrnQ+rHfSNWZAEUtnZGA5rjXVUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTD3oET
SeZd5cEV3guKzzRLCfhXszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUxNzkwNjgtY2JjZi00ZjlhLTg2NGQtM2M5NzQzMGM4NGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXYD/DqU1LTmBJ/D2oO2XQY2Gp2FoVqR8saorX
mlDycvnyjhzAcjwTusCHfogcy5DkrXRq9VzSpR5fXeBENyVbzevCL8N8yfZjGXLE
I24bZEIP3FlJunbufgWBZTXToKpTDZ+JUHeZJzNQ68k8S+Jf3pYDubgTVkyFwbPV
Z6M1r0fU2P1vxrWbZWSSPpiW35K7og0FzxIs7WrlqsEaBo0kW5xUcrft5BpJc3Yt
i1VhNQe+W7lyA8FpiRLRMpUU85S257+8eKx+gecwCqNDG5yL5t3+NA0ZrWhMrZRQ
72Z2cNzbPeqDb2sH/C4zNCPqBOY+eWlC2mXL7pLHHMT0H1Gp
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:55 2025 by rpki-client