Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
File: 05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa (raw, json)
Hash identifier: QXBLSwKfZ8LJ1xuhV8TPrMxmhKf+9tKG0FvTK3GbjSA=
Subject key identifier: 5A:C0:9D:A3:B4:C9:E6:E2:51:E7:E2:51:D6:8D:D4:88:9A:96:84:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D15E9E68B2510AE6C067C5EF30237A043A3C70F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
Signing time: Tue 21 Oct 2025 14:30:12 +0000
ROA not before: Tue 21 Oct 2025 14:30:12 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:15:e9:e6:8b:25:10:ae:6c:06:7c:5e:f3:02:37:a0:43:a3:c7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:12 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e9b553f52e61fa4235fc1a59e789cb58eaa20d1f4d440273c14a45c6dcbf357e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:d5:a7:8d:33:7c:53:6a:e4:91:ab:1a:a7:
f9:66:fd:cf:7e:6c:03:19:4a:d2:9d:c2:b3:c4:08:
0b:9b:b4:da:73:be:1b:8e:21:18:05:07:38:08:c8:
42:db:7d:d8:d1:44:db:8f:59:f9:7b:6e:cc:2a:1a:
b1:0b:b9:36:64:1f:ed:d4:37:fa:97:35:05:d6:e2:
bc:72:37:1f:e2:9a:0d:ef:aa:e6:fa:46:d9:90:de:
f0:8b:19:e4:b9:9e:81:59:88:37:25:eb:14:ee:d3:
dd:da:6e:3d:be:b2:bc:a1:c5:bd:a8:ef:80:ab:ab:
fc:6d:66:59:d2:cd:6b:3a:01:68:a5:26:10:51:67:
cc:96:93:7a:6f:46:16:ba:32:db:9d:03:ef:34:f8:
ad:11:48:2d:9c:59:ac:d6:23:56:d0:4d:87:3d:e3:
3c:9e:97:2f:1e:8b:a5:c2:a1:b6:3b:fa:3d:d8:b7:
15:26:ff:b8:3f:a4:0f:86:4a:e0:25:5d:e1:8a:6d:
39:f0:db:0f:36:70:51:1c:4e:25:c4:21:8c:26:27:
bc:89:de:76:fb:b5:90:71:37:29:32:b2:b0:9e:6d:
c3:f5:b6:f7:59:e7:1b:89:c6:8d:d2:c0:64:f9:b6:
54:a7:bc:6d:fe:fa:79:1e:5f:13:9c:6a:c8:78:8f:
1a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C0:9D:A3:B4:C9:E6:E2:51:E7:E2:51:D6:8D:D4:88:9A:96:84:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8050::/48
Signature Algorithm: sha256WithRSAEncryption
4b:27:98:13:b1:83:47:ce:46:7f:b0:7b:ef:14:db:c4:38:09:
71:e6:96:14:11:b6:ab:7e:8c:f0:e1:59:9c:ff:a4:b2:c2:69:
22:8a:6c:2b:96:54:bc:73:5b:b3:0d:fc:47:78:ad:b0:b4:e0:
0f:25:4a:ee:0a:b5:8e:f7:e9:4c:19:cf:ef:e2:2f:ef:75:ed:
1f:96:6c:2e:cf:67:d5:b0:2c:09:29:a1:27:df:f0:f0:7e:01:
52:9f:51:54:29:9c:c7:56:36:cc:39:87:70:42:53:80:6d:95:
17:96:93:57:d4:4e:86:63:33:eb:9f:f0:ff:e3:97:dc:87:6f:
78:b2:ba:c4:79:87:62:29:4b:8e:46:e9:91:26:06:fb:02:eb:
50:8f:c9:aa:11:1e:22:62:e9:26:b7:31:e9:6c:da:24:72:f0:
23:82:e6:0f:47:99:0d:ac:ab:8c:f5:0f:d2:97:c8:f2:b4:9c:
07:ad:fb:f1:b1:c9:cb:a1:66:67:62:f4:47:7c:88:5c:79:4a:
54:15:3d:f9:e2:03:78:75:a8:05:38:88:99:9d:52:07:26:ed:
40:8a:bf:88:cd:09:1b:42:25:72:9d:3d:15:4f:6a:cf:06:11:
8f:ac:72:e8:11:b9:9f:8f:5e:09:18:2b:9a:70:db:74:b1:f2:
83:15:35:66
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTRXp5oslEK5sBnxe8wI3oEOjxw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwMTJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YjU1M2Y1MmU2MWZhNDIzNWZjMWE1OWU3ODljYjU4ZWFhMjBkMWY0ZDQ0
MDI3M2MxNGE0NWM2ZGNiZjM1N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdH1aeNM3xTauSRqxqn+Wb9z35sAxlK0p3Cs8QIC5u02nO+G44hGAUHOAjI
Qtt92NFE249Z+XtuzCoasQu5NmQf7dQ3+pc1BdbivHI3H+KaDe+q5vpG2ZDe8IsZ
5LmegVmINyXrFO7T3dpuPb6yvKHFvajvgKur/G1mWdLNazoBaKUmEFFnzJaTem9G
Froy250D7zT4rRFILZxZrNYjVtBNhz3jPJ6XLx6LpcKhtjv6Pdi3FSb/uD+kD4ZK
4CVd4YptOfDbDzZwURxOJcQhjCYnvInedvu1kHE3KTKysJ5tw/W291nnG4nGjdLA
ZPm2VKe8bf76eR5fE5xqyHiPGv8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRawJ2j
tMnm4lHn4lHWjdSImpaEYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVmN2FiM2YtY2I3My00OWE2LWFhZGEtNDQwYmY0ZGJmM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
UDANBgkqhkiG9w0BAQsFAAOCAQEASyeYE7GDR85Gf7B77xTbxDgJceaWFBG2q36M
8OFZnP+kssJpIopsK5ZUvHNbsw38R3itsLTgDyVK7gq1jvfpTBnP7+Iv73XtH5Zs
Ls9n1bAsCSmhJ9/w8H4BUp9RVCmcx1Y2zDmHcEJTgG2VF5aTV9ROhmMz65/w/+OX
3IdveLK6xHmHYilLjkbpkSYG+wLrUI/JqhEeImLpJrcx6WzaJHLwI4LmD0eZDayr
jPUP0pfI8rScB6378bHJy6FmZ2L0R3yIXHlKVBU9+eIDeHWoBTiImZ1SBybtQIq/
iM0JG0Ilcp09FU9qzwYRj6xy6BG5n49eCRgrmnDbdLHygxU1Zg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:59 2025 by rpki-client