Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json)
Hash identifier: aTWafYhuIFskFEzBu3iKaBYtR/+3ObkF7akFySkPLrg=
Subject key identifier: 67:BA:90:32:CC:28:75:6A:2A:23:88:04:82:DE:92:E3:89:A6:ED:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A7668C8B71210AF380AE8A15A5C7DFFAACAF503
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
Signing time: Tue 21 Oct 2025 13:30:38 +0000
ROA not before: Tue 21 Oct 2025 13:30:38 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:76:68:c8:b7:12:10:af:38:0a:e8:a1:5a:5c:7d:ff:aa:ca:f5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:38 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=cfd831ae5ef863e85b65d57afe720cf6c9f9eec86fab5a8f0f1544bdca62bf3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:a1:ab:1a:ed:b7:dd:49:57:c0:8e:2d:75:
03:b7:8e:b7:83:1b:7c:e3:3c:b5:e4:9d:84:b7:fc:
34:0c:bc:b8:5c:be:37:f2:c8:05:5d:cd:68:94:cd:
8e:6b:10:18:09:6f:b2:88:27:3b:61:e0:93:c7:e3:
d1:b1:b2:4b:e7:44:d7:f9:b4:32:84:e6:93:29:a6:
3e:bb:2c:00:1b:57:47:d4:94:c2:e2:f6:4d:40:82:
22:54:6c:69:88:bb:67:af:4a:55:75:fe:4d:d3:76:
33:fa:01:3a:0d:78:a4:1b:65:f0:ed:23:87:71:06:
58:66:6e:c2:e9:ce:74:80:a6:da:38:6b:6a:f7:cd:
7a:79:22:40:f4:72:9b:64:36:ec:9d:19:d9:2d:88:
f6:74:b5:37:6d:26:f5:9e:34:03:b3:7d:43:40:10:
7e:88:d6:83:0d:a4:cc:83:4e:0a:ed:b1:10:5f:00:
ae:bf:21:fa:34:68:b8:10:28:59:51:36:db:5f:52:
69:1c:23:4a:2f:08:42:67:ae:45:6f:61:fd:b8:77:
6e:6c:c6:90:60:93:85:03:60:1d:87:9d:8d:5f:6b:
75:4d:a3:93:70:16:27:22:97:3f:d1:41:eb:fa:bf:
05:47:49:1c:6d:0b:c8:45:8d:48:ef:b9:4f:7b:bd:
90:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BA:90:32:CC:28:75:6A:2A:23:88:04:82:DE:92:E3:89:A6:ED:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9040::/48
Signature Algorithm: sha256WithRSAEncryption
4b:80:89:0d:8d:9c:ed:b5:eb:ec:d7:8b:b2:bb:5e:cd:b9:bf:
b7:cd:71:88:e4:0e:d7:36:15:09:0e:12:2a:70:3c:5c:e7:25:
a3:a2:17:6a:00:2c:4d:25:e9:53:57:d3:7a:32:e6:59:f7:ad:
26:03:c5:dd:59:39:eb:4e:0b:d3:d3:9e:5d:66:00:c2:85:02:
34:7c:30:d5:ab:f5:d7:54:8a:91:3d:27:4d:db:83:2d:0e:8b:
bb:3d:2f:eb:b9:6b:68:96:80:9f:d1:5a:2c:4d:b5:a4:08:8a:
c5:53:67:1f:04:bf:98:f4:84:45:38:d7:25:8e:16:01:8a:3a:
21:bb:d6:f9:f8:af:24:01:65:71:5a:12:14:a4:24:07:c8:7b:
5d:85:df:a9:be:cc:bf:a1:d7:84:0a:c8:72:35:ec:94:3f:94:
d3:83:66:67:cb:7d:7e:00:30:92:59:28:1e:52:14:7c:a4:ec:
c8:62:1c:05:41:dd:56:96:c7:04:19:a2:36:03:4b:b6:0a:13:
5c:07:f0:c9:86:00:9d:52:c5:07:fa:92:66:75:bd:f6:72:cc:
fc:d3:89:66:50:ba:c4:5e:a7:c1:5e:b2:61:28:15:d7:b8:65:
15:b1:61:ee:8c:5a:fb:23:13:7a:40:e9:a5:40:d9:41:64:c6:
ca:eb:c9:f1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUanZoyLcSEK84CuihWlx9/6rK9QMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwMzhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmZDgzMWFlNWVmODYzZTg1YjY1ZDU3YWZlNzIwY2Y2YzlmOWVlYzg2ZmFi
NWE4ZjBmMTU0NGJkY2E2MmJmM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKksoasa7bfdSVfAji11A7eOt4MbfOM8teSdhLf8NAy8uFy+N/LIBV3NaJTN
jmsQGAlvsognO2Hgk8fj0bGyS+dE1/m0MoTmkymmPrssABtXR9SUwuL2TUCCIlRs
aYi7Z69KVXX+TdN2M/oBOg14pBtl8O0jh3EGWGZuwunOdICm2jhravfNenkiQPRy
m2Q27J0Z2S2I9nS1N20m9Z40A7N9Q0AQfojWgw2kzINOCu2xEF8Arr8h+jRouBAo
WVE2219SaRwjSi8IQmeuRW9h/bh3bmzGkGCThQNgHYedjV9rdU2jk3AWJyKXP9FB
6/q/BUdJHG0LyEWNSO+5T3u9kF8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRnupAy
zCh1aiojiASC3pLjiabtNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAS4CJDY2c7bXr7NeLsrtezbm/t81xiOQO1zYV
CQ4SKnA8XOclo6IXagAsTSXpU1fTejLmWfetJgPF3Vk5604L09OeXWYAwoUCNHww
1av111SKkT0nTduDLQ6Luz0v67lraJaAn9FaLE21pAiKxVNnHwS/mPSERTjXJY4W
AYo6IbvW+fivJAFlcVoSFKQkB8h7XYXfqb7Mv6HXhArIcjXslD+U04NmZ8t9fgAw
klkoHlIUfKTsyGIcBUHdVpbHBBmiNgNLtgoTXAfwyYYAnVLFB/qSZnW99nLM/NOJ
ZlC6xF6nwV6yYSgV17hlFbFh7oxa+yMTekDppUDZQWTGyuvJ8Q==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:16 2025 by rpki-client