Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e3fdaff-455c-48d5-bbad-e4e6f2efcd8c.roa
File: 8e3fdaff-455c-48d5-bbad-e4e6f2efcd8c.roa (raw, json)
Hash identifier: R3mY63ZE7F8Skb9gXGe+weEiXELxlBbV+I3iOVgstUo=
Subject key identifier: 4B:EB:71:53:89:D2:D7:14:4A:54:44:AE:0A:1B:91:F5:E5:99:32:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15781C9F1F48E48DE1D63AAC2CD64585F1B2F294
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e3fdaff-455c-48d5-bbad-e4e6f2efcd8c.roa
Signing time: Wed 29 Oct 2025 07:36:43 +0000
ROA not before: Wed 29 Oct 2025 07:36:43 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:78:1c:9f:1f:48:e4:8d:e1:d6:3a:ac:2c:d6:45:85:f1:b2:f2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:43 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=a9cfb3f61defd7110c3186db2032705026a00afba67bdc5e05bde5588b9d5955, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:24:8c:f7:75:05:b6:8b:5b:be:02:19:fa:
b7:a2:8a:2e:50:2d:cf:20:49:2f:6b:73:77:d5:5c:
8b:6b:d6:e0:fd:6f:11:4f:13:62:07:74:36:d3:81:
c7:04:a3:b8:9e:31:47:5f:86:f3:bb:18:a9:3c:42:
21:28:d9:bf:75:62:e2:76:9e:f5:70:52:06:4b:b7:
04:5f:e1:79:7d:4d:9c:03:02:6c:ed:7c:76:df:a6:
1c:ef:bc:3a:4b:85:df:a5:22:9d:25:2e:b2:1c:db:
ad:ea:b7:ed:56:21:04:8a:c5:7b:0d:b7:04:cf:27:
27:12:78:bf:fd:01:b6:53:78:17:21:e9:60:11:2d:
d3:0f:70:9c:4c:8b:c0:c1:2b:a4:13:97:01:03:81:
c2:e1:08:8a:52:ac:6c:be:ab:78:ec:6d:e4:ae:df:
a4:bb:0b:a0:f0:d3:16:53:6a:b3:43:5a:a4:c2:6d:
61:b8:76:f7:37:33:9f:97:df:2e:07:36:f2:49:1d:
95:c9:24:37:af:3c:32:a0:22:0a:3c:40:28:cb:e8:
ee:96:e1:04:7b:11:d1:ce:94:cb:10:2e:c3:23:fa:
b2:83:57:5c:ad:24:39:29:85:b7:7a:66:88:cd:ac:
28:62:e9:32:a5:fd:49:8f:53:af:3d:08:35:38:38:
4c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EB:71:53:89:D2:D7:14:4A:54:44:AE:0A:1B:91:F5:E5:99:32:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e3fdaff-455c-48d5-bbad-e4e6f2efcd8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:c040::/48
Signature Algorithm: sha256WithRSAEncryption
4e:a9:23:f7:2c:f6:cf:2e:b7:19:7f:c9:ac:f3:17:fb:2f:03:
24:91:ff:eb:ff:d3:30:e3:ee:11:0d:c9:bd:10:fd:01:14:49:
ef:28:23:fd:ee:f2:52:58:98:a4:75:59:5a:cf:1d:d0:bb:ee:
05:e8:b7:af:97:92:b8:02:e1:d5:42:74:83:f1:ad:ac:f0:29:
27:7d:4c:52:a0:f3:48:9b:40:26:72:a9:aa:f4:db:7d:e3:14:
15:5d:61:f8:c9:01:0f:28:92:66:5e:bb:81:01:8f:a4:66:60:
40:a0:90:82:a8:59:56:0b:a9:94:79:69:97:17:f6:f2:9b:d4:
06:e6:5f:ae:98:00:7f:d4:b3:74:ed:63:69:01:29:1f:62:41:
8a:37:69:08:a2:a9:59:75:3e:49:52:36:45:db:fc:ca:f8:4a:
9c:0c:54:1d:a2:bf:f9:52:67:27:d2:36:71:10:32:13:73:80:
d3:2b:d2:c8:5e:2f:9a:1a:0b:13:46:f9:12:a7:dd:e7:a7:7c:
31:12:a0:ab:2a:22:87:40:3a:04:c8:83:07:5a:3e:14:51:4b:
a6:f8:e9:9e:eb:e0:57:15:ef:44:a4:be:2e:4a:6a:fe:b4:3e:
7e:bc:82:cd:50:69:f7:17:fe:f7:07:1b:1e:5c:65:cf:18:ca:
c1:ba:2e:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFXgcnx9I5I3h1jqsLNZFhfGy8pQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDNaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5Y2ZiM2Y2MWRlZmQ3MTEwYzMxODZkYjIwMzI3MDUwMjZhMDBhZmJhNjdi
ZGM1ZTA1YmRlNTU4OGI5ZDU5NTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJm7JIz3dQW2i1u+Ahn6t6KKLlAtzyBJL2tzd9Vci2vW4P1vEU8TYgd0NtOB
xwSjuJ4xR1+G87sYqTxCISjZv3Vi4nae9XBSBku3BF/heX1NnAMCbO18dt+mHO+8
OkuF36UinSUushzbreq37VYhBIrFew23BM8nJxJ4v/0BtlN4FyHpYBEt0w9wnEyL
wMErpBOXAQOBwuEIilKsbL6reOxt5K7fpLsLoPDTFlNqs0NapMJtYbh29zczn5ff
Lgc28kkdlckkN688MqAiCjxAKMvo7pbhBHsR0c6UyxAuwyP6soNXXK0kOSmFt3pm
iM2sKGLpMqX9SY9Trz0INTg4TG8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRL63FT
idLXFEpURK4KG5H15ZkylTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGUzZmRhZmYtNDU1Yy00OGQ1LWJiYWQtZTRlNmYyZWZjZDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GrA
QDANBgkqhkiG9w0BAQsFAAOCAQEATqkj9yz2zy63GX/JrPMX+y8DJJH/6//TMOPu
EQ3JvRD9ARRJ7ygj/e7yUliYpHVZWs8d0LvuBei3r5eSuALh1UJ0g/GtrPApJ31M
UqDzSJtAJnKpqvTbfeMUFV1h+MkBDyiSZl67gQGPpGZgQKCQgqhZVguplHlplxf2
8pvUBuZfrpgAf9SzdO1jaQEpH2JBijdpCKKpWXU+SVI2Rdv8yvhKnAxUHaK/+VJn
J9I2cRAyE3OA0yvSyF4vmhoLE0b5Eqfd56d8MRKgqyoih0A6BMiDB1o+FFFLpvjp
nuvgVxXvRKS+Lkpq/rQ+fryCzVBp9xf+9wcbHlxlzxjKwbouZA==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:50 2025 by rpki-client