Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
File: 48b510e0-0d59-48d3-96c5-ddb87c118e43.roa (raw, json)
Hash identifier: iq2EcGqN/TP/Tk1j2dtULNs0e9x1+5dBGE2y8iOhWVM=
Subject key identifier: 3A:BC:66:84:B2:1F:36:A4:B4:1C:AF:53:A3:D4:06:B1:B6:CE:45:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45ADD07CE011269C3C08A90308DA7CAF3E383C10
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
Signing time: Tue 21 Oct 2025 13:20:04 +0000
ROA not before: Tue 21 Oct 2025 13:20:04 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:ad:d0:7c:e0:11:26:9c:3c:08:a9:03:08:da:7c:af:3e:38:3c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:04 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=792f6f9a2e8db2b214f576a1b08851e45ba3bc7c25435bcd8df7bed2345bf175, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:20:14:73:9f:3e:4e:2d:e7:f3:85:e0:ca:95:
77:47:15:05:9e:f7:70:29:b6:ea:5e:1d:54:ae:80:
06:d6:e8:9c:cc:97:13:5e:ab:19:90:de:4a:90:b9:
f9:1f:e3:f0:a9:94:2e:6b:9e:46:a9:db:a6:88:db:
e4:cb:06:80:eb:aa:f0:c3:3a:4b:19:2d:bb:92:c8:
5d:ac:98:00:69:93:d2:22:3b:cb:39:00:74:a1:45:
bd:af:f1:6b:73:eb:f4:ed:01:3d:06:e1:56:8a:c8:
1e:99:75:e8:cf:a3:a8:bd:e3:71:68:20:54:fa:f4:
9b:72:e8:2a:9d:62:3e:48:03:56:0c:98:45:11:92:
76:6c:d3:17:87:6f:a0:ee:d0:e1:ec:79:81:b4:f7:
4f:ea:05:f9:7a:c8:94:4f:4a:32:bd:40:25:cb:34:
0b:14:e4:36:0c:5c:5d:4f:f7:16:93:a5:3d:77:a0:
a2:63:90:57:64:b4:08:9a:3c:db:2c:9c:dd:5f:ca:
a1:fa:d8:70:48:14:ab:00:4e:7c:46:2b:f5:c3:7b:
d9:8b:63:38:fb:cd:b7:06:9f:fb:4a:ca:ed:9b:9c:
f2:83:e3:77:a7:0a:f5:5e:c5:f3:05:a2:32:92:9b:
02:3a:48:5a:d9:26:c6:89:14:c8:89:e7:d0:70:3c:
82:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BC:66:84:B2:1F:36:A4:B4:1C:AF:53:A3:D4:06:B1:B6:CE:45:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4020::/48
Signature Algorithm: sha256WithRSAEncryption
85:46:f9:c6:98:fa:6f:51:e5:86:7e:27:ad:a9:61:1b:94:e2:
ff:15:c6:7e:de:9d:f1:e3:b2:dc:1f:80:8c:15:0e:b8:0a:91:
b2:2a:f8:4f:45:92:98:cc:5a:3c:39:9e:25:28:18:11:c5:99:
86:1d:b4:cb:35:d6:69:ca:b6:a1:7e:c5:46:5d:32:f3:73:4b:
d9:52:0b:fe:f4:a1:5d:4b:5f:e3:ec:fb:2e:62:af:4f:6e:32:
49:2f:48:2f:fb:1a:e6:6e:bb:d7:04:dd:27:23:ad:51:53:eb:
53:6e:83:21:a6:f2:34:81:46:70:97:66:4c:78:11:cd:c3:43:
dd:61:d8:92:6d:d7:61:3e:61:8e:a9:49:5e:4e:0e:40:af:9f:
12:0b:51:c1:44:c5:b4:99:35:ad:47:a2:ae:3f:a0:a0:a5:ab:
18:a2:85:fc:b1:b4:b5:4c:02:4c:41:67:17:fc:60:29:5a:90:
f5:e0:cd:66:e2:aa:a6:e0:fb:eb:25:ba:2b:86:fd:1f:67:72:
18:eb:fa:d7:6c:95:72:96:53:4c:58:3e:f5:0f:f8:79:4a:d0:
4f:9f:d7:a7:2d:54:c8:88:9b:f6:a8:7d:ad:28:4c:e3:cc:e9:
32:14:30:0d:56:b4:09:f0:64:da:a2:c9:40:3c:06:4d:a0:fd:
b5:87:a8:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURa3QfOARJpw8CKkDCNp8rz44PBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MmY2ZjlhMmU4ZGIyYjIxNGY1NzZhMWIwODg1MWU0NWJhM2JjN2MyNTQz
NWJjZDhkZjdiZWQyMzQ1YmYxNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKggFHOfPk4t5/OF4MqVd0cVBZ73cCm26l4dVK6ABtbonMyXE16rGZDeSpC5
+R/j8KmULmueRqnbpojb5MsGgOuq8MM6Sxktu5LIXayYAGmT0iI7yzkAdKFFva/x
a3Pr9O0BPQbhVorIHpl16M+jqL3jcWggVPr0m3LoKp1iPkgDVgyYRRGSdmzTF4dv
oO7Q4ex5gbT3T+oF+XrIlE9KMr1AJcs0CxTkNgxcXU/3FpOlPXegomOQV2S0CJo8
2yyc3V/KofrYcEgUqwBOfEYr9cN72YtjOPvNtwaf+0rK7Zuc8oPjd6cK9V7F8wWi
MpKbAjpIWtkmxokUyInn0HA8ggUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6vGaE
sh82pLQcr1Oj1Aaxts5FeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhiNTEwZTAtMGQ1OS00OGQzLTk2YzUtZGRiODdjMTE4ZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
IDANBgkqhkiG9w0BAQsFAAOCAQEAhUb5xpj6b1Hlhn4nralhG5Ti/xXGft6d8eOy
3B+AjBUOuAqRsir4T0WSmMxaPDmeJSgYEcWZhh20yzXWacq2oX7FRl0y83NL2VIL
/vShXUtf4+z7LmKvT24ySS9IL/sa5m671wTdJyOtUVPrU26DIabyNIFGcJdmTHgR
zcND3WHYkm3XYT5hjqlJXk4OQK+fEgtRwUTFtJk1rUeirj+goKWrGKKF/LG0tUwC
TEFnF/xgKVqQ9eDNZuKqpuD76yW6K4b9H2dyGOv612yVcpZTTFg+9Q/4eUrQT5/X
py1UyIib9qh9rShM48zpMhQwDVa0CfBk2qLJQDwGTaD9tYeo/g==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:36 2025 by rpki-client