Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
File: 62d19016-7a77-4f9c-a163-b01636d2402b.roa (raw, json)
Hash identifier: WDV2HFiMnY2dunJ96713UjpwiXzi/0OKvCEVdXHDOS8=
Subject key identifier: BF:09:C8:F7:70:95:0E:C1:A0:04:05:DC:AC:B2:8D:86:36:A7:F3:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AEF58F5D71694CACA51F231F456A1459DE29314
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
Signing time: Wed 29 Oct 2025 07:36:44 +0000
ROA not before: Wed 29 Oct 2025 07:36:44 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:ef:58:f5:d7:16:94:ca:ca:51:f2:31:f4:56:a1:45:9d:e2:93:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:44 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=689c5c218f819c2c5d8dc0277bd18e4b15fa522a2e05b3e06cf5e78ef3dacc1e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fa:65:51:bd:ea:b0:39:f8:44:b8:26:4a:30:
ff:9e:eb:ae:fe:19:95:bf:da:bd:e8:69:9d:ef:cc:
cb:fa:8e:36:3a:a4:b4:75:4f:68:b7:c2:23:3a:27:
4f:e2:1d:15:8d:b1:6e:87:41:89:d9:aa:e7:fc:b5:
1d:a6:90:58:99:7f:4d:a8:76:84:60:1a:4e:bb:93:
3c:e4:59:e2:62:5f:e3:af:61:85:88:86:47:2f:28:
36:f2:23:fb:9f:cc:dd:03:f1:67:94:22:86:f1:e3:
0c:51:31:2f:e7:15:10:cd:da:e6:7a:44:d3:ee:5e:
5e:2d:5f:b5:c7:9a:5c:09:40:6f:a1:a5:25:ef:00:
67:35:72:a0:24:60:3b:3b:3d:60:bf:c9:2f:14:20:
6f:98:50:55:c8:25:25:6a:52:92:64:62:13:0d:01:
bb:09:2a:6f:95:04:0a:bc:82:0d:e1:13:a6:f3:55:
a8:f1:a6:a1:89:31:9f:ee:28:66:65:4c:4a:6e:72:
f3:5b:d0:41:8b:49:82:41:d5:73:e4:62:8d:9a:4f:
05:5f:f1:e9:ea:11:fb:61:b0:33:28:ae:4c:cf:0c:
23:0f:14:4f:a2:83:8b:f2:10:e5:82:a2:16:fb:e8:
57:bb:f1:4b:78:76:9f:06:d1:7d:a3:64:ee:2e:8e:
0d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:09:C8:F7:70:95:0E:C1:A0:04:05:DC:AC:B2:8D:86:36:A7:F3:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e040::/48
Signature Algorithm: sha256WithRSAEncryption
07:e5:e8:bf:ca:42:93:a3:35:9c:88:0f:05:d8:bd:58:b1:df:
dd:60:1a:98:68:10:44:73:6a:44:bb:b7:d0:29:4d:62:c6:ae:
fd:d1:c6:4c:74:4a:c6:87:7a:d4:41:b4:56:76:be:8b:b6:57:
1c:ff:44:07:39:0e:92:34:33:a2:6a:fd:ff:ea:9f:7a:b8:8f:
7c:75:1f:fe:da:2f:1d:c4:e4:29:4c:59:73:22:8f:5f:2e:08:
61:30:f8:eb:7e:83:c5:38:d1:44:46:24:cd:73:23:a8:dd:77:
78:f1:13:ed:67:e1:92:a0:39:91:d9:f9:84:1f:bd:b7:27:aa:
e1:24:de:8e:df:54:3e:99:62:97:42:c3:4b:4f:c0:ad:9f:67:
bf:e3:40:18:c0:f0:8c:36:ed:71:3d:c3:ed:8f:e2:de:fb:6e:
0f:0c:9b:3e:96:91:0a:32:22:80:b4:0f:92:4f:46:f0:95:b3:
50:15:6b:65:71:25:84:37:df:64:f2:80:57:c3:99:35:f5:65:
fe:7b:15:d3:7c:bf:b5:d9:b3:0a:9d:c9:7f:d2:24:aa:08:4d:
b3:99:87:32:56:da:50:05:24:99:ad:80:0a:49:96:55:52:cc:
5b:54:c4:87:c6:dd:32:12:12:cc:28:6e:1e:e1:99:ba:19:37:
b0:ae:cb:03
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSu9Y9dcWlMrKUfIx9FahRZ3ikxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDRaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4OWM1YzIxOGY4MTljMmM1ZDhkYzAyNzdiZDE4ZTRiMTVmYTUyMmEyZTA1
YjNlMDZjZjVlNzhlZjNkYWNjMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJv6ZVG96rA5+ES4Jkow/57rrv4Zlb/avehpne/My/qONjqktHVPaLfCIzon
T+IdFY2xbodBidmq5/y1HaaQWJl/Tah2hGAaTruTPORZ4mJf469hhYiGRy8oNvIj
+5/M3QPxZ5QihvHjDFExL+cVEM3a5npE0+5eXi1ftceaXAlAb6GlJe8AZzVyoCRg
Ozs9YL/JLxQgb5hQVcglJWpSkmRiEw0Buwkqb5UECryCDeETpvNVqPGmoYkxn+4o
ZmVMSm5y81vQQYtJgkHVc+RijZpPBV/x6eoR+2GwMyiuTM8MIw8UT6KDi/IQ5YKi
FvvoV7vxS3h2nwbRfaNk7i6ODR0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/Ccj3
cJUOwaAEBdysso2GNqfzWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJkMTkwMTYtN2E3Ny00ZjljLWExNjMtYjAxNjM2ZDI0MDJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Grg
QDANBgkqhkiG9w0BAQsFAAOCAQEAB+Xov8pCk6M1nIgPBdi9WLHf3WAamGgQRHNq
RLu30ClNYsau/dHGTHRKxod61EG0Vna+i7ZXHP9EBzkOkjQzomr9/+qferiPfHUf
/tovHcTkKUxZcyKPXy4IYTD4636DxTjRREYkzXMjqN13ePET7WfhkqA5kdn5hB+9
tyeq4STejt9UPplil0LDS0/ArZ9nv+NAGMDwjDbtcT3D7Y/i3vtuDwybPpaRCjIi
gLQPkk9G8JWzUBVrZXElhDffZPKAV8OZNfVl/nsV03y/tdmzCp3Jf9IkqghNs5mH
MlbaUAUkma2ACkmWVVLMW1TEh8bdMhISzChuHuGZuhk3sK7LAw==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:41 2025 by rpki-client