Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
File: 2562684d-020c-40d9-b3bb-3fcb4c638494.roa (raw, json)
Hash identifier: 8SB4GUdLUyxRmlUtCxfmDOcPCp2YHwoqq4pQPEuG75E=
Subject key identifier: 48:55:4C:63:4D:29:E5:98:86:FD:1C:9E:92:EF:32:88:E6:A5:57:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31E84ACAFEB26DCFB99698F2452276D8EC9B749D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
Signing time: Tue 04 Nov 2025 02:50:01 +0000
ROA not before: Tue 04 Nov 2025 02:50:01 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e8:4a:ca:fe:b2:6d:cf:b9:96:98:f2:45:22:76:d8:ec:9b:74:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:01 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=b0450fd71bf9b4aeb906714cd2d179c03844612d1173f9a6a89b85ff7c91b3fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4c:48:78:5d:24:15:48:04:97:aa:ed:6b:17:
aa:89:ab:9b:82:16:46:34:8e:0b:68:14:9f:d5:77:
da:38:a5:72:03:c0:39:57:89:9c:ca:70:40:5e:02:
f9:38:85:8a:b7:74:e1:7d:4e:9c:7b:bf:eb:ce:b3:
91:9a:ed:42:c5:16:2c:6f:ae:9f:d0:eb:7d:85:7d:
14:a0:85:e8:c1:83:37:22:19:c0:6f:42:a3:d5:83:
b6:a9:fa:82:5f:fd:45:5f:4b:b7:57:1f:c9:f6:95:
fb:cf:90:5d:cd:fd:d8:d5:d6:0d:1b:f9:0f:f1:d1:
98:5a:1e:0c:79:c8:b9:f7:3c:e5:37:5e:d3:3a:45:
79:26:31:4b:2c:01:b9:4d:ff:b4:83:ec:b6:f7:0e:
89:02:8d:f1:9b:02:ba:c1:26:ae:9d:af:f5:24:f1:
89:03:6b:70:9d:97:16:ce:10:d3:88:72:62:18:da:
56:22:ed:17:0c:b2:bb:1f:0b:ab:0d:37:52:8d:f9:
43:91:4c:62:37:1d:4c:20:37:c3:8c:6e:20:68:08:
76:a9:14:0e:39:26:6e:58:e7:f1:94:1e:5d:1a:f9:
c8:91:d0:f1:a1:ce:d6:d2:83:e6:79:e7:09:4b:8d:
45:94:de:10:ce:40:46:03:36:e9:f5:28:87:3a:e6:
e5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:55:4C:63:4D:29:E5:98:86:FD:1C:9E:92:EF:32:88:E6:A5:57:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:c8:31:3c:1c:f9:b8:4b:a2:2a:06:40:00:3a:68:9c:91:be:
8d:cf:aa:bb:54:21:c6:27:cc:19:f7:f6:4f:0f:13:85:0c:b8:
be:21:65:ab:fe:3f:64:c4:42:61:e4:e5:0e:40:24:33:63:85:
93:a9:66:53:ec:ff:4e:a9:48:2e:fd:36:89:79:16:1f:26:d5:
6f:3e:cc:62:ad:60:4d:d3:d6:cb:64:f7:a2:b5:5f:c8:4f:bd:
e6:12:30:15:52:a2:82:88:01:7e:bd:71:ec:b7:34:32:9a:e4:
e0:9a:8d:1c:7b:dd:be:2f:b6:e1:3f:35:06:28:54:66:93:bc:
c6:f5:17:b5:b9:54:41:6f:be:b0:43:e8:c0:6c:4e:38:a5:a3:
1c:42:7e:a4:20:48:78:52:9b:83:a4:52:b6:c1:5d:6a:36:de:
2e:73:58:e1:86:bf:5b:4f:6d:5e:68:8c:5b:a4:74:43:14:76:
59:0a:d1:ee:1f:46:9c:9f:58:e3:55:46:6c:a5:05:f0:18:d5:
c2:e1:94:15:2a:99:1d:54:85:17:46:61:eb:73:b8:30:37:bb:
b5:53:2f:be:ee:5f:80:f9:21:0c:ad:a3:60:37:76:20:43:b9:
46:48:88:82:c3:4a:e4:37:86:25:09:bf:b4:3f:1b:b0:f6:d0:
7b:fc:06:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMehKyv6ybc+5lpjyRSJ22OybdJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMDFaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwNDUwZmQ3MWJmOWI0YWViOTA2NzE0Y2QyZDE3OWMwMzg0NDYxMmQxMTcz
ZjlhNmE4OWI4NWZmN2M5MWIzZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1MSHhdJBVIBJeq7WsXqomrm4IWRjSOC2gUn9V32jilcgPAOVeJnMpwQF4C
+TiFird04X1OnHu/686zkZrtQsUWLG+un9DrfYV9FKCF6MGDNyIZwG9Co9WDtqn6
gl/9RV9Lt1cfyfaV+8+QXc392NXWDRv5D/HRmFoeDHnIufc85Tde0zpFeSYxSywB
uU3/tIPstvcOiQKN8ZsCusEmrp2v9STxiQNrcJ2XFs4Q04hyYhjaViLtFwyyux8L
qw03Uo35Q5FMYjcdTCA3w4xuIGgIdqkUDjkmbljn8ZQeXRr5yJHQ8aHO1tKD5nnn
CUuNRZTeEM5ARgM26fUohzrm5WkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIVUxj
TSnlmIb9HJ6S7zKI5qVXJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjU2MjY4NGQtMDIwYy00MGQ5LWIzYmItM2ZjYjRjNjM4NDk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCayDE8HPm4S6IqBkAAOmickb6Nz6q7VCHGJ8wZ
9/ZPDxOFDLi+IWWr/j9kxEJh5OUOQCQzY4WTqWZT7P9OqUgu/TaJeRYfJtVvPsxi
rWBN09bLZPeitV/IT73mEjAVUqKCiAF+vXHstzQymuTgmo0ce92+L7bhPzUGKFRm
k7zG9Re1uVRBb76wQ+jAbE44paMcQn6kIEh4UpuDpFK2wV1qNt4uc1jhhr9bT21e
aIxbpHRDFHZZCtHuH0acn1jjVUZspQXwGNXC4ZQVKpkdVIUXRmHrc7gwN7u1Uy++
7l+A+SEMraNgN3YgQ7lGSIiCw0rkN4YlCb+0Pxuw9tB7/AY8
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:28 2025 by rpki-client