Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
File: abbeedab-21fb-4993-b3ce-b753ba293d00.roa (raw, json)
Hash identifier: +uo1+LBQF9JUqMaVxuWT6wis/ww79F94Rmk+oOF7pr8=
Subject key identifier: 96:9D:FA:A0:F9:25:C3:48:D6:C0:B9:43:11:2F:BD:E0:D5:BC:C9:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EA4A5D21ABE4C4B422282AB11D9BB5CDE0FBB60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
Signing time: Tue 21 Oct 2025 13:20:09 +0000
ROA not before: Tue 21 Oct 2025 13:20:09 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:a4:a5:d2:1a:be:4c:4b:42:22:82:ab:11:d9:bb:5c:de:0f:bb:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:09 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ef07e32ccf482f0ac11dc7db9654a8e59ff4a89e6b6c1eef7f600265f55bba5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1f:64:33:e7:d3:2d:ee:06:5e:48:3a:d8:f0:
2c:df:1e:c4:35:73:7b:21:e0:d9:b4:d5:54:3c:f3:
56:1a:d1:4f:71:2f:41:4f:e8:f6:1b:dd:43:85:c8:
af:78:56:d0:3d:27:f0:b9:3c:3a:9c:f6:6d:d7:04:
09:e1:12:b5:5d:0f:3e:1f:d3:d8:df:ec:96:43:fc:
d2:75:7b:50:8c:11:03:44:bf:a5:35:16:2d:3d:38:
7e:03:c4:4e:32:75:e2:ac:18:5f:38:cc:bf:46:11:
7e:ab:45:59:f1:40:70:e4:14:45:6b:be:ef:d9:9c:
9e:23:87:9f:ce:b9:51:dc:6f:a0:41:cd:57:46:3a:
da:c9:74:d8:cd:69:aa:4f:cc:9f:4d:71:d8:80:3f:
a5:60:2e:97:d4:16:45:72:2a:1a:d2:f2:af:e9:55:
41:be:34:ce:17:b8:81:43:4e:29:00:19:76:60:cd:
0a:6a:19:1f:af:66:95:1a:9d:a5:e3:b8:3e:17:81:
98:04:8d:f7:30:c5:22:1d:a4:e8:7d:c8:8c:6a:05:
85:61:91:e4:51:55:a0:bd:e8:6f:97:23:52:3d:37:
3e:48:17:b4:6f:69:53:43:48:af:50:25:f6:64:4b:
e3:10:ff:24:ab:68:61:f9:bf:69:10:e4:e2:0e:ec:
b3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:9D:FA:A0:F9:25:C3:48:D6:C0:B9:43:11:2F:BD:E0:D5:BC:C9:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:4a:01:87:45:ca:82:34:7b:68:24:ec:11:c9:38:af:e0:7d:
a2:72:a4:95:1d:6f:fa:53:32:1b:d2:38:d1:4f:40:6a:cb:88:
f5:40:44:5b:2a:f9:96:5e:ab:c8:e0:7c:31:58:65:50:c6:62:
c9:2a:54:de:c2:84:c6:a8:59:0d:5e:5d:2a:d7:99:a1:cf:31:
30:fd:d5:c5:8c:83:e4:24:1a:e0:ea:6c:50:3a:61:c8:42:d8:
72:b4:a8:e1:b3:6d:de:40:bb:b2:78:db:d0:31:03:31:93:87:
98:14:bd:66:e8:01:64:67:e3:9c:07:cd:a6:0b:d9:e2:70:ba:
4d:ea:cf:9a:14:70:7f:da:4c:d9:6a:1f:39:1c:98:8d:6e:19:
19:7d:a0:0d:62:8d:6c:36:45:89:36:ea:d7:11:84:ae:32:ac:
d0:d8:dd:88:c3:52:42:fa:b2:7a:b0:fd:c5:90:c2:ae:9d:cb:
dd:aa:fc:9c:5d:92:a7:90:95:56:d2:13:cf:d2:9a:2a:70:f8:
70:b0:5f:25:1b:cf:80:36:65:45:d4:55:5b:d2:e1:b7:08:dc:
39:0f:42:85:3e:11:46:ff:85:95:9b:0d:24:3e:de:ef:00:4e:
fa:88:4f:5d:e9:7a:8d:f8:59:ec:ec:82:d2:dd:f5:17:38:a7:
b7:45:8c:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPqSl0hq+TEtCIoKrEdm7XN4Pu2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMDlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMDdlMzJjY2Y0ODJmMGFjMTFkYzdkYjk2NTRhOGU1OWZmNGE4OWU2YjZj
MWVlZjdmNjAwMjY1ZjU1YmJhNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEfZDPn0y3uBl5IOtjwLN8exDVzeyHg2bTVVDzzVhrRT3EvQU/o9hvdQ4XI
r3hW0D0n8Lk8Opz2bdcECeEStV0PPh/T2N/slkP80nV7UIwRA0S/pTUWLT04fgPE
TjJ14qwYXzjMv0YRfqtFWfFAcOQURWu+79mcniOHn865UdxvoEHNV0Y62sl02M1p
qk/Mn01x2IA/pWAul9QWRXIqGtLyr+lVQb40zhe4gUNOKQAZdmDNCmoZH69mlRqd
peO4PheBmASN9zDFIh2k6H3IjGoFhWGR5FFVoL3ob5cjUj03PkgXtG9pU0NIr1Al
9mRL4xD/JKtoYfm/aRDk4g7ss/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWnfqg
+SXDSNbAuUMRL73g1bzJOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWVkYWItMjFmYi00OTkzLWIzY2UtYjc1M2JhMjkzZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDg
MA0GCSqGSIb3DQEBCwUAA4IBAQBfSgGHRcqCNHtoJOwRyTiv4H2icqSVHW/6UzIb
0jjRT0Bqy4j1QERbKvmWXqvI4HwxWGVQxmLJKlTewoTGqFkNXl0q15mhzzEw/dXF
jIPkJBrg6mxQOmHIQthytKjhs23eQLuyeNvQMQMxk4eYFL1m6AFkZ+OcB82mC9ni
cLpN6s+aFHB/2kzZah85HJiNbhkZfaANYo1sNkWJNurXEYSuMqzQ2N2Iw1JC+rJ6
sP3FkMKuncvdqvycXZKnkJVW0hPP0poqcPhwsF8lG8+ANmVF1FVb0uG3CNw5D0KF
PhFG/4WVmw0kPt7vAE76iE9d6XqN+Fns7ILS3fUXOKe3RYxf
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:29 2025 by rpki-client