Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b3f3a2c-983c-433d-99be-8175f592a8a3.roa
File: 1b3f3a2c-983c-433d-99be-8175f592a8a3.roa (raw, json)
Hash identifier: WIwETabdO4fZxbmpDEdZIwFKDSVtwp2NOmTcsV+W0rU=
Subject key identifier: DF:DA:B7:63:36:24:9B:B2:8C:2D:7E:76:CC:45:90:3F:73:07:D8:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2652E5BD89676A928B039540612254E901A6FF96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b3f3a2c-983c-433d-99be-8175f592a8a3.roa
Signing time: Wed 29 Oct 2025 07:28:13 +0000
ROA not before: Wed 29 Oct 2025 07:28:13 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:52:e5:bd:89:67:6a:92:8b:03:95:40:61:22:54:e9:01:a6:ff:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:13 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=9a697f99df954ace05d3d8cbb19cd6386b7bd2af8f6affee4676771671b7810c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:93:ff:b7:fe:2c:11:d9:bd:e1:a3:db:d4:c0:
c6:ae:ff:19:66:b7:13:2c:2d:bc:b3:f6:03:57:58:
24:ad:85:40:80:3b:3e:a3:28:8f:03:61:c7:05:6e:
a8:66:85:9e:4a:43:0c:89:bc:6c:8f:42:7e:dd:18:
48:58:6e:70:89:20:d8:1c:0d:06:7f:95:0f:40:d0:
7f:11:82:3f:9d:16:b6:cf:ee:64:84:ea:6a:61:30:
43:d0:13:fd:e8:c5:e3:59:74:7d:f9:22:80:08:e6:
fc:1f:6a:45:01:6f:14:8c:52:de:8c:29:23:b9:c5:
0d:a0:54:b1:f0:3f:99:cb:a0:d7:9d:a8:7c:7a:a0:
a0:46:44:05:8e:9e:92:5c:da:dd:f5:bf:d8:0e:52:
41:e2:13:96:2d:76:0e:e1:be:88:19:c8:de:d9:b3:
7c:40:bb:b1:1f:ab:e4:af:02:5f:17:7a:ba:24:c8:
d6:fa:fd:96:eb:af:f4:4b:be:bc:88:3a:7b:24:a6:
97:9f:c6:1b:cb:59:68:47:89:e7:63:73:b1:e5:ca:
91:fc:f3:4e:b2:2c:4b:60:79:ef:53:b1:67:90:f7:
38:0f:d4:e9:33:b2:eb:5c:17:f9:93:12:22:e9:b2:
34:88:e3:e5:89:47:73:d2:7d:ab:8b:a8:c1:20:de:
aa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DA:B7:63:36:24:9B:B2:8C:2D:7E:76:CC:45:90:3F:73:07:D8:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b3f3a2c-983c-433d-99be-8175f592a8a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028:8000::/36
Signature Algorithm: sha256WithRSAEncryption
7a:e0:6c:f9:df:06:2c:3f:c8:31:d4:84:0c:7b:08:96:17:6f:
b9:eb:e9:3b:0d:c5:e5:8a:eb:5a:de:d1:3f:1e:d9:47:a0:c7:
3f:9e:2e:67:f4:08:cf:62:5d:11:79:b8:32:fd:b2:93:8f:3d:
60:95:e5:f7:1c:06:33:df:a1:2a:3c:65:fe:f6:ae:35:33:7a:
ba:4f:6f:3b:48:8b:22:e9:22:cd:cf:31:90:53:50:f1:2e:00:
db:42:26:b4:31:d6:bc:4c:32:fc:d9:28:1a:e1:80:0d:e8:19:
b4:95:ca:91:fe:7f:1f:46:5b:db:4e:db:b7:f7:5e:fe:7e:40:
5f:10:1a:70:3c:7a:42:b6:b8:00:df:26:81:19:6d:9f:61:6b:
75:7d:e0:26:bd:8a:09:b3:15:45:39:7d:20:a1:80:72:d7:0e:
a4:c3:b4:39:4d:78:f9:4e:25:45:47:68:12:c1:0a:5a:a4:a4:
07:6b:dd:16:2c:be:a5:3a:0a:20:7c:64:b2:23:c2:47:12:5a:
77:56:33:14:08:db:1e:25:03:29:a2:ca:4e:31:9b:83:e7:28:
87:cb:b0:c4:1d:84:80:a9:3a:d5:f1:e6:2e:75:56:8a:70:5a:
94:2a:11:71:d8:28:45:be:f2:bd:19:0b:d5:3d:3b:ff:14:8a:
2a:ff:b9:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJlLlvYlnapKLA5VAYSJU6QGm/5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MTNaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhNjk3Zjk5ZGY5NTRhY2UwNWQzZDhjYmIxOWNkNjM4NmI3YmQyYWY4ZjZh
ZmZlZTQ2NzY3NzE2NzFiNzgxMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCT/7f+LBHZveGj29TAxq7/GWa3EywtvLP2A1dYJK2FQIA7PqMojwNhxwVu
qGaFnkpDDIm8bI9Cft0YSFhucIkg2BwNBn+VD0DQfxGCP50Wts/uZITqamEwQ9AT
/ejF41l0ffkigAjm/B9qRQFvFIxS3owpI7nFDaBUsfA/mcug152ofHqgoEZEBY6e
klza3fW/2A5SQeITli12DuG+iBnI3tmzfEC7sR+r5K8CXxd6uiTI1vr9luuv9Eu+
vIg6eySml5/GG8tZaEeJ52NzseXKkfzzTrIsS2B571OxZ5D3OA/U6TOy61wX+ZMS
IumyNIjj5YlHc9J9q4uowSDeql8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTf2rdj
NiSbsowtfnbMRZA/cwfYXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWIzZjNhMmMtOTgzYy00MzNkLTk5YmUtODE3NWY1OTJhOGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CiA
MA0GCSqGSIb3DQEBCwUAA4IBAQB64Gz53wYsP8gx1IQMewiWF2+56+k7DcXliuta
3tE/HtlHoMc/ni5n9AjPYl0Rebgy/bKTjz1gleX3HAYz36EqPGX+9q41M3q6T287
SIsi6SLNzzGQU1DxLgDbQia0Mda8TDL82Sga4YAN6Bm0lcqR/n8fRlvbTtu3917+
fkBfEBpwPHpCtrgA3yaBGW2fYWt1feAmvYoJsxVFOX0goYBy1w6kw7Q5TXj5TiVF
R2gSwQpapKQHa90WLL6lOgogfGSyI8JHElp3VjMUCNseJQMpospOMZuD5yiHy7DE
HYSAqTrV8eYudVaKcFqUKhFx2ChFvvK9GQvVPTv/FIoq/7mW
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:47 2025 by rpki-client