Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: h0HQJR6Y4bK/K3vD64I7lIA4xy680gcCY3f13LS6aSc=
Subject key identifier: 1F:79:BF:79:F9:35:97:13:E5:C9:9A:AB:B5:62:1E:30:A4:38:57:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11C3F731D4EAAA8FFC9A5F6CCE45CE9A83BC2E39
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Tue 21 Oct 2025 14:21:00 +0000
ROA not before: Tue 21 Oct 2025 14:21:00 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:c3:f7:31:d4:ea:aa:8f:fc:9a:5f:6c:ce:45:ce:9a:83:bc:2e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:21:00 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6b321b09ea1063d2cf1071a5eec3ac9d7b4a35e8b9c2ef7b01f429a64cce1be9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:12:3a:1a:40:25:a4:16:e1:ab:66:a3:1f:9f:
a6:34:b9:cb:a7:89:05:e1:6d:5d:a9:10:17:66:ce:
50:a9:f5:67:85:31:bb:67:cf:ee:5b:08:a1:9c:9d:
c4:4a:8d:a5:f2:20:c4:c4:55:3a:a0:36:21:00:83:
8d:cb:45:c5:70:ae:4d:be:8c:55:90:cb:2d:f0:42:
40:27:a9:3b:5b:a8:11:97:a8:8c:19:c7:ff:47:7d:
a6:3e:02:4b:09:b6:22:e6:d4:a9:b8:cc:2e:b5:63:
4c:2e:18:11:21:2c:3d:17:e7:21:11:5b:09:f3:ef:
17:24:76:ee:b5:01:a4:3d:ec:8d:bc:81:a8:58:4c:
c2:6e:bf:d2:89:d0:53:ec:dc:4d:97:d8:2d:ce:41:
d3:86:ff:93:91:a4:df:9d:d8:be:40:c7:db:d7:d2:
23:37:5c:7b:dd:c4:f2:92:7b:3a:c5:a5:1c:1c:49:
af:87:2b:ae:a6:bd:5e:b0:8b:cd:25:fc:54:0e:83:
c5:06:7c:51:7a:2f:dc:b3:ac:fe:f2:34:cc:c4:a5:
7e:b4:ac:c5:44:a3:c1:f9:81:a0:46:10:05:6b:d9:
2b:60:28:b2:ba:d3:e0:fb:76:29:1a:6b:72:31:6b:
50:dc:b3:8a:34:1e:a9:cd:58:de:e3:f5:60:1f:39:
18:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:79:BF:79:F9:35:97:13:E5:C9:9A:AB:B5:62:1E:30:A4:38:57:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
73:0a:26:80:e3:fe:4d:40:9c:47:6f:76:63:5f:97:b3:bf:7e:
f5:6b:6e:4f:64:32:f7:a2:8a:6b:63:a6:4a:67:e0:68:d4:97:
6d:0b:43:b6:78:94:93:b6:a8:17:08:72:8c:fb:35:08:15:72:
2e:de:46:01:f3:f8:40:1b:99:c4:99:62:ed:48:14:17:f4:36:
85:1c:27:f6:6e:3c:7c:d5:f3:36:1c:37:7b:72:fb:32:b8:a3:
35:08:3f:b9:bc:a6:66:05:22:b3:1a:04:5d:cd:07:a6:b2:5d:
8e:e6:06:1a:0a:5e:26:f0:e1:53:be:19:00:99:ca:8e:30:ec:
14:ca:c7:ba:89:4d:09:12:02:31:da:25:ad:c0:81:7b:1e:76:
f6:de:5b:5e:77:50:b2:49:f6:45:e8:38:57:56:8c:25:78:a5:
8a:e5:91:cb:06:1c:4f:e9:1d:c3:c0:02:11:d9:29:26:44:f1:
22:8a:fa:d8:71:66:47:06:2e:b3:db:13:5c:0e:37:75:9e:98:
e5:28:ff:80:b4:a2:4c:3e:be:e2:19:75:a5:03:54:c7:9e:98:
27:9a:09:3a:d5:90:42:3e:0c:34:81:f6:3f:30:5d:d6:f1:23:
ad:50:ff:11:98:82:86:35:2f:c1:a6:bc:a3:7f:5a:82:4b:c9:
4b:50:d7:55
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEcP3MdTqqo/8ml9szkXOmoO8LjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIxMDBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiMzIxYjA5ZWExMDYzZDJjZjEwNzFhNWVlYzNhYzlkN2I0YTM1ZThiOWMy
ZWY3YjAxZjQyOWE2NGNjZTFiZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYSOhpAJaQW4atmox+fpjS5y6eJBeFtXakQF2bOUKn1Z4Uxu2fP7lsIoZyd
xEqNpfIgxMRVOqA2IQCDjctFxXCuTb6MVZDLLfBCQCepO1uoEZeojBnH/0d9pj4C
Swm2IubUqbjMLrVjTC4YESEsPRfnIRFbCfPvFyR27rUBpD3sjbyBqFhMwm6/0onQ
U+zcTZfYLc5B04b/k5Gk353YvkDH29fSIzdce93E8pJ7OsWlHBxJr4crrqa9XrCL
zSX8VA6DxQZ8UXov3LOs/vI0zMSlfrSsxUSjwfmBoEYQBWvZK2AosrrT4Pt2KRpr
cjFrUNyzijQeqc1Y3uP1YB85GKcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfeb95
+TWXE+XJmqu1Yh4wpDhXqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQBzCiaA4/5NQJxHb3ZjX5ezv371a25PZDL3oopr
Y6ZKZ+Bo1JdtC0O2eJSTtqgXCHKM+zUIFXIu3kYB8/hAG5nEmWLtSBQX9DaFHCf2
bjx81fM2HDd7cvsyuKM1CD+5vKZmBSKzGgRdzQemsl2O5gYaCl4m8OFTvhkAmcqO
MOwUyse6iU0JEgIx2iWtwIF7Hnb23lted1CySfZF6DhXVowleKWK5ZHLBhxP6R3D
wAIR2SkmRPEiivrYcWZHBi6z2xNcDjd1npjlKP+AtKJMPr7iGXWlA1THnpgnmgk6
1ZBCPgw0gfY/MF3W8SOtUP8RmIKGNS/Bpryjf1qCS8lLUNdV
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:55 2025 by rpki-client