Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
File: 914a6acc-cb88-4da2-8443-fbaf927c9652.roa (raw, json)
Hash identifier: nfxeBNN/6RHkdQsgcyIFVraRMaXtM5Cved+PmCEzZI8=
Subject key identifier: E3:06:40:44:BD:57:3E:9C:C2:C1:7B:24:77:7D:A3:D6:23:D4:1C:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E780099B505944FEB6B4757F8AB068922A70698
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
Signing time: Fri 31 Oct 2025 01:40:06 +0000
ROA not before: Fri 31 Oct 2025 01:40:06 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:78:00:99:b5:05:94:4f:eb:6b:47:57:f8:ab:06:89:22:a7:06:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:40:06 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=8e9c1b59a94259e1f585ef856307e2f1a68969af6cbdb45b1e409667613fe5ba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f4:06:41:d0:36:4d:f6:7b:2d:e4:26:b6:bc:
0a:8d:ac:ae:8f:1c:61:e2:44:94:79:03:48:31:03:
98:bb:d0:cb:f0:23:10:fd:03:d9:1b:bd:57:17:75:
59:b7:8f:89:25:8a:8d:6c:69:d4:02:9d:3e:0f:f2:
9b:23:74:bb:57:91:d9:de:43:cb:08:3c:78:e8:38:
41:df:7c:c4:25:6a:6c:6d:64:80:f5:b6:c7:ee:21:
a6:5d:57:41:e0:b8:ef:e9:b7:bc:22:8a:0f:7a:ea:
94:3a:9e:44:ce:13:14:7c:3d:f7:31:1b:0f:1b:14:
07:39:66:3d:bd:3f:d1:28:23:ff:3b:f1:4b:16:ae:
12:2d:2b:1c:ad:16:8b:3d:cb:9f:3d:e3:b4:ef:62:
f3:6e:1c:f3:1a:9e:f1:79:34:fb:61:74:9f:d2:37:
60:04:13:42:9b:73:55:ed:e8:a4:7e:48:02:a3:52:
77:28:13:d7:03:68:d8:83:14:50:24:c1:a5:33:1e:
2f:77:94:12:01:dc:24:a9:4d:74:e3:b1:fe:98:41:
21:69:9d:00:8a:e6:48:1e:b5:26:1d:18:38:01:77:
1e:9b:60:b7:4b:2b:85:3b:44:5b:7e:e0:2b:d7:98:
4b:b1:26:fc:87:16:70:4e:a7:ea:b8:0d:ad:e1:59:
97:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:06:40:44:BD:57:3E:9C:C2:C1:7B:24:77:7D:A3:D6:23:D4:1C:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:0e:3e:ca:a6:ef:4a:7b:f5:c8:10:2e:48:5f:00:03:ad:0b:
76:37:ac:1e:bb:55:78:01:8a:6e:cf:fe:f0:84:bb:5e:41:a5:
23:60:bf:ad:f9:1c:d3:bd:bf:26:b0:5f:e8:cc:b2:4a:22:a2:
87:3e:5d:d0:ef:b4:b4:e1:8a:52:ee:54:19:47:9c:83:58:41:
63:04:15:70:bc:88:e9:dc:93:84:3e:65:0f:97:c7:41:23:87:
d4:8a:54:68:33:87:81:7f:aa:89:7d:52:87:f8:b0:80:13:0a:
26:63:ef:e1:68:c3:69:9f:3d:6c:d1:6f:13:32:0c:73:b0:f9:
6d:bb:af:da:a2:63:8a:90:a9:74:76:f8:3a:6f:aa:95:81:39:
98:c8:31:49:6d:47:a1:9f:2d:0e:82:9c:9f:79:e6:fc:54:34:
ff:4c:46:da:cf:9b:f9:dd:af:e0:a7:22:0b:a9:0c:c1:08:ed:
64:11:a7:46:90:48:ec:43:12:e2:61:27:22:de:70:aa:e1:0a:
45:f5:09:94:0e:40:0d:e5:57:25:0f:5c:39:60:74:a4:88:3d:
05:5e:85:58:3a:69:f1:c2:57:da:fc:57:b9:9b:a8:10:8f:2b:
98:9b:fe:32:a0:3f:14:16:df:29:be:cb:3b:2b:16:0e:d2:a9:
8c:22:b6:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXngAmbUFlE/ra0dX+KsGiSKnBpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTQwMDZaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlOWMxYjU5YTk0MjU5ZTFmNTg1ZWY4NTYzMDdlMmYxYTY4OTY5YWY2Y2Jk
YjQ1YjFlNDA5NjY3NjEzZmU1YmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALz0BkHQNk32ey3kJra8Co2sro8cYeJElHkDSDEDmLvQy/AjEP0D2Ru9Vxd1
WbePiSWKjWxp1AKdPg/ymyN0u1eR2d5Dywg8eOg4Qd98xCVqbG1kgPW2x+4hpl1X
QeC47+m3vCKKD3rqlDqeRM4TFHw99zEbDxsUBzlmPb0/0Sgj/zvxSxauEi0rHK0W
iz3Lnz3jtO9i824c8xqe8Xk0+2F0n9I3YAQTQptzVe3opH5IAqNSdygT1wNo2IMU
UCTBpTMeL3eUEgHcJKlNdOOx/phBIWmdAIrmSB61Jh0YOAF3Hptgt0srhTtEW37g
K9eYS7Em/IcWcE6n6rgNreFZl0UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjBkBE
vVc+nMLBeyR3faPWI9QcVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0YTZhY2MtY2I4OC00ZGEyLTg0NDMtZmJhZjkyN2M5NjUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC8Dj7Kpu9Ke/XIEC5IXwADrQt2N6weu1V4AYpu
z/7whLteQaUjYL+t+RzTvb8msF/ozLJKIqKHPl3Q77S04YpS7lQZR5yDWEFjBBVw
vIjp3JOEPmUPl8dBI4fUilRoM4eBf6qJfVKH+LCAEwomY+/haMNpnz1s0W8TMgxz
sPltu6/aomOKkKl0dvg6b6qVgTmYyDFJbUehny0Ogpyfeeb8VDT/TEbaz5v53a/g
pyILqQzBCO1kEadGkEjsQxLiYSci3nCq4QpF9QmUDkAN5VclD1w5YHSkiD0FXoVY
Omnxwlfa/Fe5m6gQjyuYm/4yoD8UFt8pvss7KxYO0qmMIrYO
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:50:56 2025 by rpki-client