Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
File: 1bb27900-3531-4083-aef8-cc7656dba027.roa (raw, json)
Hash identifier: XTCK/QtbYUkJz3HiH1AfPA+qmLNshrnsBYubMheIoGc=
Subject key identifier: C4:83:5D:F1:4F:BC:9C:37:E2:79:44:6E:F8:6B:5A:73:85:6F:49:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D62D161D50AD3EF68141ED9B489EECC8AD3F2BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
Signing time: Fri 31 Oct 2025 01:20:10 +0000
ROA not before: Fri 31 Oct 2025 01:20:10 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:62:d1:61:d5:0a:d3:ef:68:14:1e:d9:b4:89:ee:cc:8a:d3:f2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:20:10 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=2b743b3a237d81177fbe9f1c121c3662b5453b1e7825ea834efb46aca675b72b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:80:1d:ac:cf:97:17:ea:e7:d4:cc:91:80:
3d:69:6e:30:0b:98:83:c6:00:51:c3:91:d1:07:86:
74:65:57:71:45:04:c5:fb:3e:3f:a3:7d:a8:32:34:
7a:db:bd:57:fe:88:dc:5f:5e:2e:b8:c8:ee:74:13:
ff:83:b0:17:1c:f6:dd:ec:33:65:f5:da:c8:1d:6c:
5b:ef:3b:d1:14:e1:33:75:40:93:04:24:96:6c:0d:
b6:4e:b7:04:bb:41:d0:8f:c1:e9:4e:2e:75:04:8f:
29:ce:3d:b6:61:6a:1e:ae:2e:3b:43:72:f2:c7:01:
6a:cb:29:be:5a:86:6d:fb:44:2d:6d:e1:5e:49:3c:
47:9d:50:56:d0:7d:a7:9c:d5:d2:6e:38:01:42:ea:
b8:cf:1e:44:8e:df:be:f6:c3:9a:fd:ad:35:ab:be:
c6:4a:35:f1:b6:77:46:9f:ec:6f:86:0a:d8:7b:2f:
2b:43:84:53:90:85:e7:de:32:55:4e:72:ce:4d:fb:
67:ad:4d:92:36:7b:f5:f8:ac:a7:71:28:56:c6:5c:
04:07:e3:d5:a0:04:8c:17:5e:05:86:27:c2:44:fc:
e8:87:1a:27:a5:c0:b9:30:81:aa:d6:18:40:6a:cc:
cd:f2:25:d7:b9:6b:83:14:3b:d9:da:7b:5f:54:5b:
fe:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:83:5D:F1:4F:BC:9C:37:E2:79:44:6E:F8:6B:5A:73:85:6F:49:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:b000::/40
Signature Algorithm: sha256WithRSAEncryption
68:60:5a:0e:03:9b:40:91:08:5a:20:e4:b4:50:1c:18:70:5a:
f5:b3:81:8b:0a:c7:0e:e4:27:93:8e:da:b2:e5:5c:e0:5e:87:
11:99:cd:ea:40:75:3e:6a:77:39:06:19:6e:fa:8c:b7:30:5b:
92:01:39:7c:c4:6a:86:34:2a:ca:4b:da:e2:84:de:34:d8:4d:
93:5b:8f:ea:57:33:b2:90:65:93:65:25:27:ed:42:34:fb:9b:
2d:20:e3:ae:22:74:00:c4:ab:46:a1:1b:21:c9:7e:7e:c2:ce:
d8:e7:6d:44:f9:c1:64:77:b7:15:5a:17:ec:c5:78:a8:07:e9:
3e:ee:49:e3:54:c1:31:a4:84:f5:ec:05:80:07:03:6a:88:b4:
8a:fb:93:53:14:8e:6a:a8:f6:8b:d9:4d:cc:56:cd:ee:f8:7e:
b5:9c:c9:87:b1:91:0e:24:7d:81:f7:99:ac:24:08:e3:d2:c0:
5c:55:07:4a:75:75:af:88:d9:6b:05:7d:e4:f1:1e:eb:3e:ba:
3e:80:05:b8:29:32:7e:6d:17:4d:b5:d3:d3:99:fd:41:43:e9:
ad:9f:5c:c5:db:f4:84:2a:36:a2:15:49:67:ea:89:0f:da:1b:
58:9d:03:d6:2f:5a:a8:03:65:94:b4:b0:92:bc:16:bd:4e:80:
bc:8f:f1:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXWLRYdUK0+9oFB7ZtInuzIrT8r4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTIwMTBaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNzQzYjNhMjM3ZDgxMTc3ZmJlOWYxYzEyMWMzNjYyYjU0NTNiMWU3ODI1
ZWE4MzRlZmI0NmFjYTY3NWI3MmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKw9gB2sz5cX6ufUzJGAPWluMAuYg8YAUcOR0QeGdGVXcUUExfs+P6N9qDI0
etu9V/6I3F9eLrjI7nQT/4OwFxz23ewzZfXayB1sW+870RThM3VAkwQklmwNtk63
BLtB0I/B6U4udQSPKc49tmFqHq4uO0Ny8scBasspvlqGbftELW3hXkk8R51QVtB9
p5zV0m44AULquM8eRI7fvvbDmv2tNau+xko18bZ3Rp/sb4YK2HsvK0OEU5CF594y
VU5yzk37Z61NkjZ79fisp3EoVsZcBAfj1aAEjBdeBYYnwkT86IcaJ6XAuTCBqtYY
QGrMzfIl17lrgxQ72dp7X1Rb/skCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEg13x
T7ycN+J5RG74a1pzhW9JtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJiMjc5MDAtMzUzMS00MDgzLWFlZjgtY2M3NjU2ZGJhMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOw
MA0GCSqGSIb3DQEBCwUAA4IBAQBoYFoOA5tAkQhaIOS0UBwYcFr1s4GLCscO5CeT
jtqy5VzgXocRmc3qQHU+anc5Bhlu+oy3MFuSATl8xGqGNCrKS9rihN402E2TW4/q
VzOykGWTZSUn7UI0+5stIOOuInQAxKtGoRshyX5+ws7Y521E+cFkd7cVWhfsxXio
B+k+7knjVMExpIT17AWABwNqiLSK+5NTFI5qqPaL2U3MVs3u+H61nMmHsZEOJH2B
95msJAjj0sBcVQdKdXWviNlrBX3k8R7rPro+gAW4KTJ+bRdNtdPTmf1BQ+mtn1zF
2/SEKjaiFUln6okP2htYnQPWL1qoA2WUtLCSvBa9ToC8j/HL
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:35 2025 by rpki-client