Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: xPCZUujVaiX5DJXKvqFLwQoAttiAHCIxBRDtgybCgvE=
Subject key identifier: 5E:F5:DC:78:D5:1B:02:47:A0:4A:A3:B8:A6:85:D3:F2:1B:14:15:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 438F38BA5D953B8F09D47EFAE62225214202B303
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Tue 21 Oct 2025 13:10:44 +0000
ROA not before: Tue 21 Oct 2025 13:10:44 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:8f:38:ba:5d:95:3b:8f:09:d4:7e:fa:e6:22:25:21:42:02:b3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:44 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5c4a641a11c1fbc85031fdbb62404d096f666850c9fa408f0794d84f54fb1a81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:89:72:6b:56:2e:f5:1a:85:2e:a1:cc:29:f7:
b7:0f:57:db:44:ae:d6:1e:11:d8:73:5b:de:db:38:
53:77:c9:7f:03:37:be:80:99:e1:fa:91:44:d0:bc:
c1:d4:a9:b1:bc:03:ec:e7:41:d4:bc:c8:2b:53:3a:
d2:72:65:4b:7c:46:bd:4c:d5:82:01:1f:eb:f7:e0:
df:0d:5b:45:47:ee:54:74:e7:ac:1b:be:4f:46:ad:
e5:06:6e:cb:4b:84:4a:c9:05:27:3e:e0:c0:bf:12:
f3:15:0e:6e:f7:2f:a4:86:ee:9c:56:10:26:17:f2:
c8:ed:ff:56:69:f3:c1:52:a9:ed:64:18:92:6d:db:
25:cd:7e:2e:de:c9:b2:b3:c5:6c:23:4f:e0:eb:3b:
dc:2f:3a:61:02:0a:be:cb:25:95:d1:a5:7d:17:c6:
64:a7:1f:f8:2b:3a:89:86:d0:0e:eb:24:ef:21:2d:
72:88:44:a3:df:3e:2d:1e:56:32:61:f4:4c:57:bf:
3d:51:ec:0b:2a:11:5a:18:94:8d:d5:32:20:0d:1e:
ce:ab:84:d9:29:43:35:8c:42:bd:f6:6b:f6:46:1e:
43:89:1a:58:d9:98:dd:64:0e:89:ee:12:1d:e8:c9:
4b:92:49:c6:9f:14:b4:d3:75:95:9a:6c:11:a8:bf:
65:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F5:DC:78:D5:1B:02:47:A0:4A:A3:B8:A6:85:D3:F2:1B:14:15:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
28:83:6d:3a:be:32:fa:5c:ef:d8:23:18:95:7f:54:29:cd:9e:
45:e2:fa:0c:ea:45:f1:bd:31:96:2f:4e:5f:bd:0d:df:c8:6f:
42:70:44:54:49:8f:79:d6:be:c1:76:1f:9f:82:4f:3b:13:6d:
59:db:89:d6:80:9c:ff:5b:28:b5:a3:f9:b5:b0:55:44:28:b0:
68:37:39:f3:36:ec:7a:4e:81:af:61:07:fb:4d:16:ac:72:b1:
88:73:31:1b:92:cb:73:94:fb:8f:17:d8:62:d5:0b:96:0a:74:
1a:0e:19:6b:a0:56:9d:e8:40:b6:51:13:bc:b0:87:d5:00:df:
33:72:00:af:3a:c5:d7:16:f9:64:2f:34:94:ca:a7:9e:35:d7:
ef:0c:63:64:8a:9e:43:97:b1:68:b3:eb:fc:69:d3:e0:5c:21:
dc:42:bd:9e:c0:45:93:a2:49:14:f1:8c:73:5b:4e:40:df:89:
bd:40:8f:9b:fd:22:ff:3c:96:ef:d0:73:17:4a:d8:bd:c3:7d:
33:93:db:10:d0:93:50:be:94:15:46:ac:8e:fe:3d:03:8e:93:
37:88:c2:36:4f:77:0d:fd:3e:13:91:a8:88:dd:72:2c:b2:d7:
e3:19:3e:0f:f4:a8:3b:78:e1:83:95:7b:57:91:63:95:c1:d9:
0a:f2:f2:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ484ul2VO48J1H765iIlIUICswMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwNDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNGE2NDFhMTFjMWZiYzg1MDMxZmRiYjYyNDA0ZDA5NmY2NjY4NTBjOWZh
NDA4ZjA3OTRkODRmNTRmYjFhODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWJcmtWLvUahS6hzCn3tw9X20Su1h4R2HNb3ts4U3fJfwM3voCZ4fqRRNC8
wdSpsbwD7OdB1LzIK1M60nJlS3xGvUzVggEf6/fg3w1bRUfuVHTnrBu+T0at5QZu
y0uESskFJz7gwL8S8xUObvcvpIbunFYQJhfyyO3/VmnzwVKp7WQYkm3bJc1+Lt7J
srPFbCNP4Os73C86YQIKvsslldGlfRfGZKcf+Cs6iYbQDusk7yEtcohEo98+LR5W
MmH0TFe/PVHsCyoRWhiUjdUyIA0ezquE2SlDNYxCvfZr9kYeQ4kaWNmY3WQOie4S
HejJS5JJxp8UtNN1lZpsEai/Zb8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRe9dx4
1RsCR6BKo7imhdPyGxQV4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAKINtOr4y+lzv2CMYlX9UKc2eReL6DOpF8b0x
li9OX70N38hvQnBEVEmPeda+wXYfn4JPOxNtWduJ1oCc/1sotaP5tbBVRCiwaDc5
8zbsek6Br2EH+00WrHKxiHMxG5LLc5T7jxfYYtULlgp0Gg4Za6BWnehAtlETvLCH
1QDfM3IArzrF1xb5ZC80lMqnnjXX7wxjZIqeQ5exaLPr/GnT4Fwh3EK9nsBFk6JJ
FPGMc1tOQN+JvUCPm/0i/zyW79BzF0rYvcN9M5PbENCTUL6UFUasjv49A46TN4jC
Nk93Df0+E5GoiN1yLLLX4xk+D/SoO3jhg5V7V5FjlcHZCvLy9g==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:10 2025 by rpki-client