Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e8f7de4-db4c-48d4-b38b-387a8380d716.roa
File: 0e8f7de4-db4c-48d4-b38b-387a8380d716.roa (raw, json)
Hash identifier: q4lHwfYisZVbOIhTgjHn0OEH9CbN2segj4CRsLZ2M9c=
Subject key identifier: D1:84:0D:A2:ED:04:84:69:A5:7A:44:51:DE:59:E2:49:A9:96:1C:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F0BD8DB4C0CB1160EC2C3326DA4AA3F0B23BB2A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e8f7de4-db4c-48d4-b38b-387a8380d716.roa
Signing time: Wed 29 Oct 2025 07:36:51 +0000
ROA not before: Wed 29 Oct 2025 07:36:51 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:0b:d8:db:4c:0c:b1:16:0e:c2:c3:32:6d:a4:aa:3f:0b:23:bb:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:51 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=8591da44b333cb996aafc33660b6e92bc4bc5df2c7744f6dae522c20934a5968, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:f1:a0:27:09:1f:a7:a8:79:24:56:a2:ce:
db:8c:91:69:7d:29:f9:03:fb:92:5c:0b:10:4c:c3:
e1:20:cf:9f:2f:1b:72:a7:d6:ca:95:d7:12:cb:d5:
b1:ad:ed:db:4a:21:f1:b0:ba:27:43:55:dd:db:a7:
5d:0f:5d:54:37:7a:fe:0e:b1:ca:b2:55:4b:88:9f:
11:3d:eb:7b:31:66:25:c5:91:28:60:ea:53:09:a9:
c7:03:8a:d1:b7:af:52:82:63:e8:60:95:b2:f2:80:
30:fa:b7:8b:41:36:a4:b2:52:c2:b5:e7:b4:d0:b1:
98:42:84:14:f2:1b:9d:f1:7c:b9:4a:d2:ef:83:42:
11:22:fd:c2:fc:d5:89:38:27:18:1d:db:bf:46:5f:
31:8e:25:98:f6:b5:2f:42:0b:6d:af:37:3b:1a:77:
94:4f:23:f3:86:e4:3e:df:46:92:73:9c:0a:9d:92:
7b:9c:38:bc:cc:a7:b4:e3:43:cb:e7:0d:8a:7c:89:
ba:1a:8c:a6:2c:3a:74:d0:32:6f:b4:c4:c9:61:39:
5d:01:d2:d6:3f:9d:c9:32:2f:0a:0d:ba:3c:cf:f0:
a9:e5:3b:68:1c:b9:b5:a5:48:66:40:8d:3e:9a:4c:
25:8f:cb:00:af:dd:2d:b7:21:02:b3:af:94:84:46:
45:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:84:0D:A2:ED:04:84:69:A5:7A:44:51:DE:59:E2:49:A9:96:1C:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e8f7de4-db4c-48d4-b38b-387a8380d716.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
58:3e:65:88:9d:d7:b1:a5:d5:ff:41:a0:17:9a:30:7e:95:6f:
c4:9f:d5:b2:a6:6d:1f:a3:fc:6b:13:af:c8:71:70:19:9b:2a:
a2:a8:2a:f1:c9:3f:da:91:6c:f0:d7:d6:10:e6:5d:40:02:63:
af:90:76:57:7c:85:81:dc:e0:04:d1:61:7e:94:29:71:2b:d3:
06:5f:d8:41:6c:7c:59:4f:07:07:d3:e6:ff:ad:7f:25:5b:34:
fb:20:fe:4f:59:cf:fe:39:07:e4:57:79:8b:76:41:03:92:fc:
56:0a:2b:82:2f:ef:8c:f6:e7:63:da:1a:69:ce:4a:43:ce:c1:
6f:64:9c:91:12:72:c1:5d:58:51:3c:31:92:77:c5:da:c7:36:
98:b5:03:77:19:82:94:87:fd:17:78:7e:ee:90:e3:7a:d6:51:
39:09:04:b8:b7:48:3d:11:50:9c:41:a3:ff:14:b1:b5:c7:b5:
52:ec:9a:a2:e7:34:92:ae:0f:71:c9:c7:e4:a8:31:dc:74:48:
f1:ef:89:58:13:e1:44:cf:4f:90:75:03:54:cb:1c:66:27:b5:
c5:95:09:e9:67:c8:db:62:5e:2c:94:26:d4:63:96:9b:42:94:
10:f9:1b:93:53:93:11:9c:33:83:49:af:1f:1f:a5:5d:90:47:
42:70:66:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXwvY20wMsRYOwsMybaSqPwsjuyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NTFaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1OTFkYTQ0YjMzM2NiOTk2YWFmYzMzNjYwYjZlOTJiYzRiYzVkZjJjNzc0
NGY2ZGFlNTIyYzIwOTM0YTU5NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANe18aAnCR+nqHkkVqLO24yRaX0p+QP7klwLEEzD4SDPny8bcqfWypXXEsvV
sa3t20oh8bC6J0NV3dunXQ9dVDd6/g6xyrJVS4ifET3rezFmJcWRKGDqUwmpxwOK
0bevUoJj6GCVsvKAMPq3i0E2pLJSwrXntNCxmEKEFPIbnfF8uUrS74NCESL9wvzV
iTgnGB3bv0ZfMY4lmPa1L0ILba83Oxp3lE8j84bkPt9GknOcCp2Se5w4vMyntOND
y+cNinyJuhqMpiw6dNAyb7TEyWE5XQHS1j+dyTIvCg26PM/wqeU7aBy5taVIZkCN
PppMJY/LAK/dLbchArOvlIRGRWcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRhA2i
7QSEaaV6RFHeWeJJqZYc4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU4ZjdkZTQtZGI0Yy00OGQ0LWIzOGItMzg3YTgzODBkNzE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GrA
MA0GCSqGSIb3DQEBCwUAA4IBAQBYPmWIndexpdX/QaAXmjB+lW/En9Wypm0fo/xr
E6/IcXAZmyqiqCrxyT/akWzw19YQ5l1AAmOvkHZXfIWB3OAE0WF+lClxK9MGX9hB
bHxZTwcH0+b/rX8lWzT7IP5PWc/+OQfkV3mLdkEDkvxWCiuCL++M9udj2hppzkpD
zsFvZJyREnLBXVhRPDGSd8XaxzaYtQN3GYKUh/0XeH7ukON61lE5CQS4t0g9EVCc
QaP/FLG1x7VS7Jqi5zSSrg9xycfkqDHcdEjx74lYE+FEz0+QdQNUyxxmJ7XFlQnp
Z8jbYl4slCbUY5abQpQQ+RuTU5MRnDODSa8fH6VdkEdCcGbw
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:50 2025 by rpki-client