Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
File: 4b0f19cc-b646-49d7-a134-8b1c2659541a.roa (raw, json)
Hash identifier: SbWqXGDsGPG3fYcGdudFGzashrzoh6hXmQZkbOpb9gY=
Subject key identifier: FA:9A:D0:FC:88:9F:A2:9F:88:6D:BE:EB:C1:A9:1F:2A:BB:0E:DD:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 138B7D7D4889D647C1A9115DD7A11C9A6C876E1A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
Signing time: Fri 24 Oct 2025 00:20:13 +0000
ROA not before: Fri 24 Oct 2025 00:20:13 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:8b:7d:7d:48:89:d6:47:c1:a9:11:5d:d7:a1:1c:9a:6c:87:6e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:13 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=97728ec1f34612d8811d9469d6cacd3bedac998be945ba822fc5a59cdf5b9c7e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:95:c4:4c:38:44:26:d9:bd:49:03:a1:26:6b:
ab:a2:0b:72:e5:fc:50:07:c6:12:66:53:da:8a:04:
d4:e7:ec:5f:6d:04:fc:ad:d9:ec:42:f3:a7:3d:40:
bd:e6:8b:c9:1d:5f:e7:14:8f:ce:06:30:3b:5a:d5:
4b:fa:d9:07:fc:0c:9a:87:30:0f:b3:b4:a3:64:fd:
72:f1:e0:15:66:73:2a:cd:24:7e:d7:14:9d:54:35:
fc:13:d4:1b:ca:72:09:60:19:b7:bb:13:9f:26:6b:
11:e7:db:86:d3:4a:ea:c7:7b:39:a6:df:b1:44:14:
fe:2f:4c:dd:9a:cb:7d:34:fe:d8:25:a1:ef:9b:71:
4e:80:43:2e:b0:e8:33:c2:3e:60:1b:f4:c7:7e:fb:
12:1d:b7:0a:e9:7e:2e:93:14:03:eb:17:e7:0b:a5:
12:cc:4a:77:ef:9b:8c:7c:3c:e4:e0:ec:98:27:e5:
90:93:a2:ce:0e:4e:7b:44:1f:7b:ba:19:4f:1a:4b:
a1:c5:f2:dc:77:d8:a6:7f:85:2b:56:9a:e2:08:9c:
cc:16:45:d4:6f:9a:47:28:d7:f9:43:e2:40:ac:68:
25:26:53:56:69:ee:bd:53:5a:a1:c5:6b:65:7b:14:
08:15:dd:68:23:29:e9:b2:e1:53:76:26:c5:a7:cd:
4e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9A:D0:FC:88:9F:A2:9F:88:6D:BE:EB:C1:A9:1F:2A:BB:0E:DD:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
bf:82:30:05:2d:68:fa:e0:4b:d3:25:fa:3b:85:5f:02:d5:da:
80:22:a1:a9:e9:71:76:2a:9d:d0:47:dc:a6:c7:73:d5:70:b1:
de:d3:d7:f6:5f:86:48:8f:d1:37:02:36:1b:b7:a9:ab:5b:c3:
db:c9:b0:21:c6:94:f9:83:4e:86:da:94:f4:d8:84:2b:45:10:
50:87:6f:72:e0:35:e5:88:ce:06:57:98:7e:78:4b:40:b9:89:
29:9a:76:13:59:32:f3:7c:f6:23:e9:ff:64:b2:fa:14:f2:ff:
d2:ec:2c:aa:0a:d5:0a:b1:0f:84:08:37:16:f9:ab:0d:3f:88:
2d:63:07:38:5b:69:e1:2e:89:52:c2:cf:c2:12:ba:c0:d0:9e:
1e:50:80:02:5d:2d:97:ee:7d:cc:e4:a6:72:e3:5b:d9:31:77:
69:c1:a5:0a:cc:bf:15:f2:d9:ec:34:f3:e1:46:2d:cd:e4:95:
d8:18:c4:58:ae:31:6f:71:36:63:12:b3:92:d9:0f:4b:49:c1:
0d:94:26:23:db:4d:1f:b3:a1:7b:43:9b:79:d4:99:9c:08:fd:
e8:b8:7e:5b:6d:b2:d3:24:a6:2c:78:94:a0:04:85:f0:e8:cc:
df:8c:b2:17:19:bf:83:22:d0:d3:20:7b:e2:a0:8c:5e:1e:6e:
b5:a4:e6:9c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE4t9fUiJ1kfBqRFd16EcmmyHbhowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMTNaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NzI4ZWMxZjM0NjEyZDg4MTFkOTQ2OWQ2Y2FjZDNiZWRhYzk5OGJlOTQ1
YmE4MjJmYzVhNTljZGY1YjljN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6VxEw4RCbZvUkDoSZrq6ILcuX8UAfGEmZT2ooE1OfsX20E/K3Z7ELzpz1A
veaLyR1f5xSPzgYwO1rVS/rZB/wMmocwD7O0o2T9cvHgFWZzKs0kftcUnVQ1/BPU
G8pyCWAZt7sTnyZrEefbhtNK6sd7OabfsUQU/i9M3ZrLfTT+2CWh75txToBDLrDo
M8I+YBv0x377Eh23Cul+LpMUA+sX5wulEsxKd++bjHw85ODsmCflkJOizg5Oe0Qf
e7oZTxpLocXy3HfYpn+FK1aa4giczBZF1G+aRyjX+UPiQKxoJSZTVmnuvVNaocVr
ZXsUCBXdaCMp6bLhU3YmxafNTsECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT6mtD8
iJ+in4htvuvBqR8quw7dJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIwZjE5Y2MtYjY0Ni00OWQ3LWExMzQtOGIxYzI2NTk1NDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
wDANBgkqhkiG9w0BAQsFAAOCAQEAv4IwBS1o+uBL0yX6O4VfAtXagCKhqelxdiqd
0Efcpsdz1XCx3tPX9l+GSI/RNwI2G7epq1vD28mwIcaU+YNOhtqU9NiEK0UQUIdv
cuA15YjOBleYfnhLQLmJKZp2E1ky83z2I+n/ZLL6FPL/0uwsqgrVCrEPhAg3Fvmr
DT+ILWMHOFtp4S6JUsLPwhK6wNCeHlCAAl0tl+59zOSmcuNb2TF3acGlCsy/FfLZ
7DTz4UYtzeSV2BjEWK4xb3E2YxKzktkPS0nBDZQmI9tNH7Ohe0ObedSZnAj96Lh+
W22y0ySmLHiUoASF8OjM34yyFxm/gyLQ0yB74qCMXh5utaTmnA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:36 2025 by rpki-client