Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
File: 4622ab3d-f2d8-4bec-a18b-b056342928a8.roa (raw, json)
Hash identifier: ALoGtYAUi4iGG9fnUODsHO3yzdaVgL4gYii37Ejwe5Q=
Subject key identifier: 60:51:4B:8F:0C:2E:9F:83:7A:EE:D9:CA:8D:84:7C:BB:C7:4E:A8:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 445E96EF383DE42B296E46DA14B1CCEA187C0352
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
Signing time: Tue 21 Oct 2025 13:20:08 +0000
ROA not before: Tue 21 Oct 2025 13:20:08 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:5e:96:ef:38:3d:e4:2b:29:6e:46:da:14:b1:cc:ea:18:7c:03:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:08 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=166e6fea33da3fecafbfede3a0a42b04b596b7a83b8b435e38276f317d228640, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6a:99:f4:08:e6:74:b5:22:06:fb:8f:ce:34:
2c:f1:e2:bb:a6:f3:27:e2:8d:04:58:fe:09:60:60:
e3:14:05:b2:e1:0a:1e:72:6b:0e:23:4a:2f:ab:9f:
3d:5d:c4:de:85:a4:4f:3b:6c:8f:4b:ae:4e:b2:15:
f1:81:bf:65:a2:70:b5:00:6f:4b:61:58:43:74:64:
44:81:09:61:74:02:37:c6:75:bb:c5:6b:4c:34:52:
86:c1:9b:8f:62:f4:e7:10:0e:b4:2c:9b:b6:d7:c3:
6c:50:30:6e:1b:34:4b:52:74:16:72:da:c8:4d:6c:
c0:b5:d2:d5:de:81:cc:b2:28:2f:a3:74:c2:82:c6:
32:06:42:7c:07:8c:2a:51:e3:f2:95:9c:54:b5:de:
05:76:75:0f:df:0c:2a:c4:55:8a:d5:d8:1d:37:2e:
ec:db:91:23:a9:9c:99:e0:ac:70:35:a1:10:5a:34:
18:3f:01:e0:4c:1b:0b:32:45:3e:da:fc:da:61:ca:
70:ef:6a:54:72:07:23:73:fd:05:26:ae:4b:1c:b8:
17:05:28:18:fd:8d:9d:2e:1d:7e:19:03:55:21:7c:
82:b9:6e:72:11:ed:c6:b6:f2:d1:52:06:5d:57:b3:
d1:d8:0c:74:8a:2e:65:cf:36:6a:07:1f:90:be:38:
3d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:51:4B:8F:0C:2E:9F:83:7A:EE:D9:CA:8D:84:7C:BB:C7:4E:A8:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a080::/48
Signature Algorithm: sha256WithRSAEncryption
94:6f:bb:fe:26:88:5b:7e:1d:72:7d:8c:fa:df:4f:52:ec:78:
89:cd:e1:0a:60:78:71:c7:8b:61:ff:30:57:6f:9e:d3:ee:06:
1f:12:ee:8e:b3:15:09:23:df:ad:b4:e7:4d:fd:a9:60:2e:31:
fb:b4:74:f8:0d:ed:2e:3c:3f:c1:59:64:79:dd:f4:81:45:f6:
e5:02:bf:76:89:ff:09:08:f6:ad:ef:a0:c3:07:a8:57:92:ec:
2e:7b:67:c7:4e:34:85:2d:42:41:4f:17:a8:cd:48:6f:4c:c0:
59:8d:25:ec:5e:52:38:7b:f7:88:a6:1e:44:31:f3:e7:b7:c4:
c3:40:f3:1f:7f:ca:b8:a3:13:8f:f4:3a:a0:9a:4f:45:b3:01:
3d:65:8f:08:e7:bd:4e:02:5e:19:cb:d1:95:46:9b:2f:a0:f5:
65:fb:76:45:92:4d:6b:3a:71:4d:f4:eb:8c:b0:7b:7b:4f:2e:
37:ed:7c:0b:f2:4e:80:c3:c2:8c:6a:6e:69:c6:dd:fc:82:c9:
7e:d2:69:95:48:10:0d:ea:49:79:43:2d:24:d4:99:39:a5:4d:
05:38:d1:36:40:ad:ac:a0:25:aa:30:1a:c4:e0:66:1d:83:1b:
1b:9e:21:eb:3b:67:3f:7c:54:0c:bd:2f:cc:02:46:f0:e7:41:
96:30:1e:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURF6W7zg95CspbkbaFLHM6hh8A1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMDhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NmU2ZmVhMzNkYTNmZWNhZmJmZWRlM2EwYTQyYjA0YjU5NmI3YTgzYjhi
NDM1ZTM4Mjc2ZjMxN2QyMjg2NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIpqmfQI5nS1Igb7j840LPHiu6bzJ+KNBFj+CWBg4xQFsuEKHnJrDiNKL6uf
PV3E3oWkTztsj0uuTrIV8YG/ZaJwtQBvS2FYQ3RkRIEJYXQCN8Z1u8VrTDRShsGb
j2L05xAOtCybttfDbFAwbhs0S1J0FnLayE1swLXS1d6BzLIoL6N0woLGMgZCfAeM
KlHj8pWcVLXeBXZ1D98MKsRVitXYHTcu7NuRI6mcmeCscDWhEFo0GD8B4EwbCzJF
Ptr82mHKcO9qVHIHI3P9BSauSxy4FwUoGP2NnS4dfhkDVSF8grluchHtxrby0VIG
XVez0dgMdIouZc82agcfkL44PXECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRgUUuP
DC6fg3ru2cqNhHy7x06omzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDYyMmFiM2QtZjJkOC00YmVjLWExOGItYjA1NjM0MjkyOGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
gDANBgkqhkiG9w0BAQsFAAOCAQEAlG+7/iaIW34dcn2M+t9PUux4ic3hCmB4cceL
Yf8wV2+e0+4GHxLujrMVCSPfrbTnTf2pYC4x+7R0+A3tLjw/wVlked30gUX25QK/
don/CQj2re+gwweoV5LsLntnx040hS1CQU8XqM1Ib0zAWY0l7F5SOHv3iKYeRDHz
57fEw0DzH3/KuKMTj/Q6oJpPRbMBPWWPCOe9TgJeGcvRlUabL6D1Zft2RZJNazpx
TfTrjLB7e08uN+18C/JOgMPCjGpuacbd/ILJftJplUgQDepJeUMtJNSZOaVNBTjR
NkCtrKAlqjAaxOBmHYMbG54h6ztnP3xUDL0vzAJG8OdBljAerg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:26 2025 by rpki-client