Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
File: 4aa20760-fb28-4393-bec8-9ffb467f03e4.roa (raw, json)
Hash identifier: Qg+OSqjkyGMBE/g5usnAM1YulqfgaS2z1K25C7tUDz4=
Subject key identifier: 12:3C:F7:CC:3E:0C:29:25:AA:7C:B8:FB:AB:3E:BE:0B:7A:D2:08:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 288F595653B9E114B807AA8CFBF8A3B32BE746BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
Signing time: Tue 21 Oct 2025 13:40:34 +0000
ROA not before: Tue 21 Oct 2025 13:40:34 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:8f:59:56:53:b9:e1:14:b8:07:aa:8c:fb:f8:a3:b3:2b:e7:46:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:34 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5b92067d27c7f97c2a65fa499184ddd7026b29a67b25c51099421f59c1b31ab3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:de:9d:c2:0c:cb:16:6f:a9:56:e1:85:96:9d:
f3:4b:ca:dd:45:a7:cd:b6:a1:d5:2c:a8:90:b1:aa:
95:bd:58:86:13:47:56:b6:eb:0e:87:28:76:23:7a:
08:ff:7a:4a:ab:a8:fd:b9:42:d9:81:df:8b:78:cb:
c3:08:bc:81:0b:f5:ed:cc:0d:69:a1:7e:07:71:bf:
73:0c:60:0d:5e:cb:d0:89:6a:19:86:28:af:46:5e:
ac:ee:7d:1b:d9:c7:b5:7e:4c:24:f4:b3:b7:06:1c:
ec:eb:67:ee:30:3f:97:4c:d5:e1:99:88:d4:73:cc:
6a:c8:88:59:ad:2f:47:dd:36:86:8f:3e:01:35:2a:
30:90:0f:fa:eb:8a:2b:7c:3b:41:5f:a2:34:8c:0b:
35:65:1e:8a:ae:ec:4c:59:4d:c7:85:24:8e:af:a6:
bc:17:ea:a1:a0:c3:1a:98:9c:6b:82:bc:90:a1:11:
07:1e:4f:77:15:27:44:85:a1:18:87:2d:1a:0e:2b:
07:2b:33:1f:ee:1c:03:18:76:0f:bd:86:44:5f:25:
55:b1:d6:6d:65:c3:79:b2:32:cc:71:65:a3:c0:03:
eb:e7:4b:c5:c7:a6:1f:9c:f2:1f:ec:b8:7d:31:c0:
62:e9:e3:9a:98:3e:eb:d4:c2:ae:c6:aa:fa:3c:e5:
0b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:3C:F7:CC:3E:0C:29:25:AA:7C:B8:FB:AB:3E:BE:0B:7A:D2:08:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
89:05:92:9a:e8:49:d7:4a:58:c9:39:96:de:a0:b7:47:e1:d9:
e7:fa:3c:06:ad:4f:17:d4:76:03:88:36:9a:39:4d:d3:e6:71:
00:af:c7:4c:14:e7:a1:27:82:04:4b:f0:e2:42:56:c2:c6:12:
b6:1a:06:62:38:26:e6:09:29:9f:aa:91:e5:09:3e:9a:71:4a:
8d:6f:e7:45:ac:5d:70:e8:a6:24:be:4c:50:04:b6:f6:6a:b2:
7b:52:b7:6c:8c:09:27:be:cf:92:ef:80:9e:c4:74:a4:be:36:
6f:b6:25:91:00:a4:25:4c:0d:a6:ae:6c:d3:13:20:6a:43:5c:
51:af:e1:84:8b:84:ae:46:0a:08:df:65:5f:d2:f8:c3:aa:9f:
08:b7:6a:74:5e:8a:df:d2:90:b8:00:1f:f6:b9:8e:de:97:08:
e5:e0:81:a3:cc:fe:c6:bb:1e:24:ce:3e:c0:80:9e:e9:57:74:
d6:5e:23:48:98:f1:84:f9:8a:c1:43:1c:09:16:3c:19:73:bb:
d4:ff:77:05:c7:6b:1b:74:ee:de:85:1b:7f:16:ef:06:fb:3f:
33:d6:bf:01:f8:ea:e2:78:51:2a:54:f0:bd:3c:2f:18:b8:b3:
6e:33:21:35:04:c9:0f:c0:6c:c9:10:7a:f0:86:1f:50:63:d1:
52:a1:01:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKI9ZVlO54RS4B6qM+/ijsyvnRr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwMzRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDViOTIwNjdkMjdjN2Y5N2MyYTY1ZmE0OTkxODRkZGQ3MDI2YjI5YTY3YjI1
YzUxMDk5NDIxZjU5YzFiMzFhYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIvencIMyxZvqVbhhZad80vK3UWnzbah1SyokLGqlb1YhhNHVrbrDocodiN6
CP96Squo/blC2YHfi3jLwwi8gQv17cwNaaF+B3G/cwxgDV7L0IlqGYYor0ZerO59
G9nHtX5MJPSztwYc7Otn7jA/l0zV4ZmI1HPMasiIWa0vR902ho8+ATUqMJAP+uuK
K3w7QV+iNIwLNWUeiq7sTFlNx4Ukjq+mvBfqoaDDGpica4K8kKERBx5PdxUnRIWh
GIctGg4rByszH+4cAxh2D72GRF8lVbHWbWXDebIyzHFlo8AD6+dLxcemH5zyH+y4
fTHAYunjmpg+69TCrsaq+jzlC4UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSPPfM
PgwpJap8uPurPr4LetIIjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhMjA3NjAtZmIyOC00MzkzLWJlYzgtOWZmYjQ2N2YwM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hpg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJBZKa6EnXSljJOZbeoLdH4dnn+jwGrU8X1HYD
iDaaOU3T5nEAr8dMFOehJ4IES/DiQlbCxhK2GgZiOCbmCSmfqpHlCT6acUqNb+dF
rF1w6KYkvkxQBLb2arJ7UrdsjAknvs+S74CexHSkvjZvtiWRAKQlTA2mrmzTEyBq
Q1xRr+GEi4SuRgoI32Vf0vjDqp8It2p0Xorf0pC4AB/2uY7elwjl4IGjzP7Gux4k
zj7AgJ7pV3TWXiNImPGE+YrBQxwJFjwZc7vU/3cFx2sbdO7ehRt/Fu8G+z8z1r8B
+OrieFEqVPC9PC8YuLNuMyE1BMkPwGzJEHrwhh9QY9FSoQGY
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:06 2025 by rpki-client