Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a799a36-6e8c-4ca7-be23-5388518d8f95.roa
File: 4a799a36-6e8c-4ca7-be23-5388518d8f95.roa (raw, json)
Hash identifier: Ou5Mr8L3NwN1IVbvUccaXbqvsUsRIUrREyj2BjJsCNY=
Subject key identifier: 71:ED:87:90:8A:F1:A4:0E:DD:2C:B4:73:6C:5B:C1:CC:C4:CF:9D:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 114CF5BC78ED1CC1A3BE4DF8061A071A2E55344A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a799a36-6e8c-4ca7-be23-5388518d8f95.roa
Signing time: Fri 24 Oct 2025 00:20:05 +0000
ROA not before: Fri 24 Oct 2025 00:20:05 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:4c:f5:bc:78:ed:1c:c1:a3:be:4d:f8:06:1a:07:1a:2e:55:34:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:05 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=3371b9390ec13d8e05c0f289c5c88fdfdb1fedf7d2c81898e15ef75da3c24016, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d3:b8:10:37:91:3d:6f:96:55:96:f3:73:91:
fb:cb:51:38:8c:e9:16:55:75:1b:67:98:4a:c6:69:
18:a7:05:82:8f:d1:61:c6:42:c0:09:60:ad:b5:f4:
54:17:ee:5b:47:89:27:78:ad:fc:4d:5b:ec:59:a5:
3b:df:3a:7c:0f:16:79:64:1e:89:7a:ab:0e:c3:02:
0f:65:3b:33:ab:63:e9:9f:26:66:6f:e1:63:56:2f:
08:46:04:46:fa:1c:f9:2d:12:e8:83:a0:de:b0:52:
2f:ec:1c:0c:4a:b3:6b:8d:a7:eb:54:e3:6d:69:dd:
10:cd:d5:09:33:d6:f9:cd:e8:cf:80:54:bc:bd:5e:
62:0a:5f:96:5b:4d:8c:82:05:d9:79:19:de:95:02:
7f:eb:17:83:f9:d7:d4:3b:ec:a6:d6:cc:31:a1:87:
da:45:35:7a:f3:f3:95:6a:8e:23:47:30:cb:ae:81:
34:f1:18:24:a8:4d:14:04:74:2b:af:06:16:9f:15:
26:0c:9a:62:6a:be:14:7b:43:99:23:53:84:ff:06:
d6:45:b8:ea:c0:61:f9:62:9a:ac:97:ae:95:ae:bc:
f1:6b:dd:4c:93:2e:2b:bd:54:16:13:fe:f0:92:65:
cb:ab:0c:f5:c9:a6:b2:2d:a9:e9:53:8b:a4:56:76:
e5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:ED:87:90:8A:F1:A4:0E:DD:2C:B4:73:6C:5B:C1:CC:C4:CF:9D:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a799a36-6e8c-4ca7-be23-5388518d8f95.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f::/36
Signature Algorithm: sha256WithRSAEncryption
2a:44:45:1c:40:84:b7:52:3c:16:1a:85:46:6c:a8:79:6f:83:
e5:73:d6:e5:46:07:8e:d8:a5:d8:9a:5a:87:25:fa:74:f4:85:
95:96:5c:59:2e:42:02:d4:36:36:0c:1f:9d:7f:d6:c7:ce:17:
37:68:95:c8:ee:77:23:59:3a:50:c7:0f:67:8e:cc:08:2a:94:
1f:ef:6c:8d:48:6b:ef:1e:c9:87:89:c1:2d:50:3e:12:87:a8:
df:f5:0f:50:b4:09:c2:ca:5b:32:b8:e0:73:1b:fe:5d:fe:49:
b5:44:19:c7:5e:49:f1:c4:bb:4d:a8:dd:bf:7b:34:66:0d:0d:
df:69:83:7b:2c:32:ff:67:bb:d4:a9:5b:04:ac:40:85:83:52:
88:cd:4b:59:14:fe:43:b9:dd:67:70:63:b9:4b:ae:d6:df:46:
c5:3b:31:0c:96:8f:5e:85:10:d1:c6:b0:79:69:28:ff:88:d6:
4a:a1:25:ba:9c:89:bf:2b:69:dd:1f:a3:93:03:08:aa:77:4c:
90:0b:67:82:b5:8f:2b:36:6a:16:58:09:a0:df:fa:6e:cb:85:
11:c7:aa:59:20:25:47:50:3d:2b:12:96:02:93:59:16:9f:75:
0b:0e:7a:d9:b8:24:94:58:8c:4c:06:d2:88:e8:e2:85:f8:b7:
a8:f6:f2:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEUz1vHjtHMGjvk34BhoHGi5VNEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDVaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNzFiOTM5MGVjMTNkOGUwNWMwZjI4OWM1Yzg4ZmRmZGIxZmVkZjdkMmM4
MTg5OGUxNWVmNzVkYTNjMjQwMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3TuBA3kT1vllWW83OR+8tROIzpFlV1G2eYSsZpGKcFgo/RYcZCwAlgrbX0
VBfuW0eJJ3it/E1b7FmlO986fA8WeWQeiXqrDsMCD2U7M6tj6Z8mZm/hY1YvCEYE
Rvoc+S0S6IOg3rBSL+wcDEqza42n61TjbWndEM3VCTPW+c3oz4BUvL1eYgpflltN
jIIF2XkZ3pUCf+sXg/nX1DvsptbMMaGH2kU1evPzlWqOI0cwy66BNPEYJKhNFAR0
K68GFp8VJgyaYmq+FHtDmSNThP8G1kW46sBh+WKarJeula688WvdTJMuK71UFhP+
8JJly6sM9cmmsi2p6VOLpFZ25e0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRx7YeQ
ivGkDt0stHNsW8HMxM+dRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGE3OTlhMzYtNmU4Yy00Y2E3LWJlMjMtNTM4ODUxOGQ4Zjk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B8A
MA0GCSqGSIb3DQEBCwUAA4IBAQAqREUcQIS3UjwWGoVGbKh5b4Plc9blRgeO2KXY
mlqHJfp09IWVllxZLkIC1DY2DB+df9bHzhc3aJXI7ncjWTpQxw9njswIKpQf72yN
SGvvHsmHicEtUD4Sh6jf9Q9QtAnCylsyuOBzG/5d/km1RBnHXknxxLtNqN2/ezRm
DQ3faYN7LDL/Z7vUqVsErECFg1KIzUtZFP5Dud1ncGO5S67W30bFOzEMlo9ehRDR
xrB5aSj/iNZKoSW6nIm/K2ndH6OTAwiqd0yQC2eCtY8rNmoWWAmg3/puy4URx6pZ
ICVHUD0rEpYCk1kWn3ULDnrZuCSUWIxMBtKI6OKF+Leo9vJr
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:15 2025 by rpki-client