Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: wQomDZSi4bDTAgZSuiShWx+Pm39vMySbKW6U2TnqvDw=
Subject key identifier: 2A:57:A3:C5:FF:C8:74:5C:26:58:C5:39:B4:FE:05:9E:67:EA:F2:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56F84A0EE01F8FA2CE9DB61246BB9DEA3D7E4345
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Tue 21 Oct 2025 14:21:00 +0000
ROA not before: Tue 21 Oct 2025 14:21:00 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:f8:4a:0e:e0:1f:8f:a2:ce:9d:b6:12:46:bb:9d:ea:3d:7e:43:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:21:00 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=0cb9f983fd5f779e521985c2e71a37c85d770325889a253b8a25a24bbfa4c83b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:83:88:fe:90:3c:2b:cb:b3:d6:95:45:98:08:
b7:df:c1:d1:00:49:f2:63:63:c1:cb:75:c4:b4:b0:
42:8d:c4:46:7d:d3:29:52:b4:b8:f9:2e:5b:1f:fd:
f9:12:73:b2:1c:7e:d8:e7:fc:44:49:10:26:da:6c:
55:44:9d:3c:88:0b:35:5d:30:6b:7a:21:77:26:e2:
48:ad:9e:ff:ae:79:76:0e:a0:aa:24:68:de:ef:0f:
08:26:81:7f:6e:b8:df:39:9c:b7:49:28:99:9b:0c:
85:88:b4:1d:fb:8b:05:76:79:0f:fe:1c:be:98:c2:
6a:05:08:45:d9:2d:3a:e5:87:8e:23:4e:80:95:6a:
79:d9:63:f2:f6:3f:d5:95:55:2d:89:ab:7f:60:0c:
7c:58:9e:c9:d8:ec:c3:9c:92:2f:d7:98:92:23:10:
c4:90:74:7a:3d:4c:f2:d6:24:f5:78:21:f2:29:1f:
fe:35:29:54:ec:25:9b:fb:d3:31:e4:0b:a9:d7:ca:
92:e5:6a:c1:9b:51:09:14:48:75:93:6c:4a:f0:48:
e3:2c:5b:fd:f3:cb:ea:f1:f0:e2:c4:62:99:2c:37:
39:24:e1:11:97:ef:93:e7:3d:04:43:db:19:9b:a4:
5e:2a:69:1d:50:73:4c:85:a1:f9:ad:a2:62:7f:7a:
5a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:57:A3:C5:FF:C8:74:5C:26:58:C5:39:B4:FE:05:9E:67:EA:F2:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:dd:b8:d8:d0:a3:42:6a:1f:47:d7:05:ba:5b:6d:1e:f4:df:
4e:a4:31:3c:ba:a4:4e:73:62:82:d4:b8:74:ed:94:4e:5e:78:
94:79:7d:79:0b:fd:c0:bd:19:95:0c:5b:59:1b:0a:6b:09:f4:
7e:d7:99:a2:b8:cb:f6:99:55:d7:e5:17:32:a1:9f:32:29:26:
f2:cc:aa:d6:e4:c6:05:2a:40:98:df:7f:c5:b0:89:74:cf:14:
40:9d:c5:cb:01:f3:5a:dc:e9:55:29:62:a1:47:2b:bc:49:76:
94:b9:91:76:43:1b:be:2b:7c:c4:9f:38:36:fc:c9:e9:5f:f6:
7e:4e:3e:67:65:f2:d5:91:f3:61:66:88:6a:11:3e:f8:37:dc:
61:bd:cd:01:e0:d7:cb:74:2e:44:ce:40:23:c0:57:8c:dd:41:
18:11:51:65:bf:3e:73:0a:40:24:5b:d6:e2:28:12:32:96:c1:
0a:ea:7e:6c:93:c1:55:68:f4:8a:b2:1e:74:3a:88:d5:91:f6:
c7:00:48:ee:7e:b9:05:74:33:d2:a6:de:78:0a:2e:f1:4c:ab:
54:2f:11:c1:ae:86:1d:23:eb:30:1c:3e:8c:46:f8:48:33:6a:
66:42:8c:a3:f3:da:0a:9a:4b:ea:9e:4d:75:89:a1:6f:34:77:
c0:8e:df:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVvhKDuAfj6LOnbYSRrud6j1+Q0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIxMDBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjYjlmOTgzZmQ1Zjc3OWU1MjE5ODVjMmU3MWEzN2M4NWQ3NzAzMjU4ODlh
MjUzYjhhMjVhMjRiYmZhNGM4M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqDiP6QPCvLs9aVRZgIt9/B0QBJ8mNjwct1xLSwQo3ERn3TKVK0uPkuWx/9
+RJzshx+2Of8REkQJtpsVUSdPIgLNV0wa3ohdybiSK2e/655dg6gqiRo3u8PCCaB
f2643zmct0komZsMhYi0HfuLBXZ5D/4cvpjCagUIRdktOuWHjiNOgJVqedlj8vY/
1ZVVLYmrf2AMfFieydjsw5ySL9eYkiMQxJB0ej1M8tYk9Xgh8ikf/jUpVOwlm/vT
MeQLqdfKkuVqwZtRCRRIdZNsSvBI4yxb/fPL6vHw4sRimSw3OSThEZfvk+c9BEPb
GZukXippHVBzTIWh+a2iYn96WvcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqV6PF
/8h0XCZYxTm0/gWeZ+ry1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAe3bjY0KNCah9H1wW6W20e9N9OpDE8uqROc2KC
1Lh07ZROXniUeX15C/3AvRmVDFtZGwprCfR+15miuMv2mVXX5RcyoZ8yKSbyzKrW
5MYFKkCY33/FsIl0zxRAncXLAfNa3OlVKWKhRyu8SXaUuZF2Qxu+K3zEnzg2/Mnp
X/Z+Tj5nZfLVkfNhZohqET74N9xhvc0B4NfLdC5EzkAjwFeM3UEYEVFlvz5zCkAk
W9biKBIylsEK6n5sk8FVaPSKsh50OojVkfbHAEjufrkFdDPSpt54Ci7xTKtULxHB
roYdI+swHD6MRvhIM2pmQoyj89oKmkvqnk11iaFvNHfAjt8Z
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:15 2025 by rpki-client