Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json)
Hash identifier: S41C0ewr6X56jFoJVYSeh1e+4mqUHFAAf1MBs09OdP8=
Subject key identifier: 48:5F:89:8E:42:70:B8:A1:85:68:D8:18:86:CA:29:F9:92:70:DB:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01F7D4C1C8C178A317DF96270AD4552CCC388C58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
Signing time: Tue 21 Oct 2025 13:30:15 +0000
ROA not before: Tue 21 Oct 2025 13:30:15 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:f7:d4:c1:c8:c1:78:a3:17:df:96:27:0a:d4:55:2c:cc:38:8c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:15 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=304b652c1e62bad1e28fb5e0cdb1332ac2a6bb6eb4203c7b3a4567a99890516a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bb:79:b2:89:ce:5d:53:ff:0e:f4:e8:46:6f:
1a:c1:53:80:c2:1b:8e:ee:8b:e9:cd:70:9d:59:74:
bc:e0:99:0d:c5:00:27:97:45:f8:eb:cf:5c:82:09:
a5:33:e4:36:2e:2d:06:e1:48:17:1e:96:10:29:dd:
0e:df:9e:e6:0a:a2:67:3a:b9:d7:a9:16:15:09:03:
fa:6b:f2:d7:34:d2:a0:76:9c:17:47:69:c9:ec:25:
85:ac:2f:0c:45:7f:21:84:d5:0d:fd:1c:1c:ec:2e:
18:21:71:a0:4b:b8:a3:ca:e7:12:e9:03:48:7c:43:
42:0f:77:7b:f7:2e:6b:ff:f7:b8:0d:39:62:f8:46:
cf:1c:f0:af:29:5b:83:c5:75:92:77:23:2c:17:51:
d0:f2:53:db:87:f6:d8:24:fb:31:38:45:fc:bb:78:
d1:80:78:6c:af:f9:81:03:82:c5:8f:40:57:ff:3a:
24:54:b8:bd:ac:b7:45:cd:51:41:c3:81:69:cc:b7:
2d:50:83:94:a7:fe:bb:c8:a9:36:e9:cd:a5:01:05:
69:05:18:59:5b:79:63:60:21:70:9f:3f:e4:94:a6:
2b:2f:b6:24:ce:e9:37:33:39:7a:9d:c4:b2:29:bd:
fd:6c:f2:8a:88:ea:1a:7e:fe:2a:c0:3f:4c:0c:41:
a1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5F:89:8E:42:70:B8:A1:85:68:D8:18:86:CA:29:F9:92:70:DB:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
23:a2:57:53:d1:26:ff:a9:48:e6:43:2a:6b:40:b4:b2:b3:73:
78:95:c8:30:57:72:a4:95:3d:d8:f6:3f:3d:ae:32:94:fb:07:
bd:f8:12:1a:fd:b8:bb:f2:a4:45:1f:9e:30:40:34:fb:1c:6a:
f1:37:22:a4:31:53:45:05:44:3f:30:0e:32:4a:6d:24:85:d3:
6a:d1:b8:ca:bd:3e:d7:95:20:0e:ca:89:91:9c:ab:64:ec:67:
96:7d:6c:4c:6f:6b:8d:2b:52:d0:df:1c:f6:42:2c:74:88:9e:
64:72:6b:bc:cf:53:ed:88:dd:e7:89:d7:35:d4:50:a5:2d:7c:
08:98:df:88:4a:54:ce:6a:32:b2:42:7e:f6:9e:af:8f:98:d7:
a0:fd:80:de:5a:e8:86:0f:ec:8a:c4:23:be:62:c2:22:83:07:
d0:f1:2a:45:ed:a1:ce:14:04:2a:07:e4:5f:34:41:79:74:1a:
69:ae:1b:38:cb:a5:77:fa:4c:78:99:19:c9:56:51:ad:f9:ea:
41:73:16:3e:55:78:c3:39:91:d5:6a:8b:40:3a:11:d3:b4:0d:
a4:3a:53:85:0c:58:1f:d3:24:d7:61:48:50:50:64:88:66:12:
e5:7a:d1:85:1d:0d:b4:0b:cc:92:ad:b0:78:f5:b8:b1:62:fd:
c5:7a:00:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAffUwcjBeKMX35YnCtRVLMw4jFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwMTVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwNGI2NTJjMWU2MmJhZDFlMjhmYjVlMGNkYjEzMzJhYzJhNmJiNmViNDIw
M2M3YjNhNDU2N2E5OTg5MDUxNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJe7ebKJzl1T/w706EZvGsFTgMIbju6L6c1wnVl0vOCZDcUAJ5dF+OvPXIIJ
pTPkNi4tBuFIFx6WECndDt+e5gqiZzq516kWFQkD+mvy1zTSoHacF0dpyewlhawv
DEV/IYTVDf0cHOwuGCFxoEu4o8rnEukDSHxDQg93e/cua//3uA05YvhGzxzwrylb
g8V1kncjLBdR0PJT24f22CT7MThF/Lt40YB4bK/5gQOCxY9AV/86JFS4vay3Rc1R
QcOBacy3LVCDlKf+u8ipNunNpQEFaQUYWVt5Y2AhcJ8/5JSmKy+2JM7pNzM5ep3E
sim9/WzyiojqGn7+KsA/TAxBoV0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRIX4mO
QnC4oYVo2BiGyin5knDbXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAI6JXU9Em/6lI5kMqa0C0srNzeJXIMFdypJU9
2PY/Pa4ylPsHvfgSGv24u/KkRR+eMEA0+xxq8TcipDFTRQVEPzAOMkptJIXTatG4
yr0+15UgDsqJkZyrZOxnln1sTG9rjStS0N8c9kIsdIieZHJrvM9T7Yjd54nXNdRQ
pS18CJjfiEpUzmoyskJ+9p6vj5jXoP2A3lrohg/sisQjvmLCIoMH0PEqRe2hzhQE
KgfkXzRBeXQaaa4bOMuld/pMeJkZyVZRrfnqQXMWPlV4wzmR1WqLQDoR07QNpDpT
hQxYH9Mk12FIUFBkiGYS5XrRhR0NtAvMkq2wePW4sWL9xXoArg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:56 2025 by rpki-client