Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
File: 4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa (raw, json)
Hash identifier: aQKX18OZgZT3oXPJ+hDa2dLBAi8+m8Z+cAz53ljsekA=
Subject key identifier: B0:C8:14:6B:46:BD:00:02:38:5E:8E:23:B0:87:2A:4E:B9:67:E4:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38798748A6385138F9FC5D0E4FA72CA085E676AC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
Signing time: Tue 21 Oct 2025 13:30:17 +0000
ROA not before: Tue 21 Oct 2025 13:30:17 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:79:87:48:a6:38:51:38:f9:fc:5d:0e:4f:a7:2c:a0:85:e6:76:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:17 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=073b7e60e5af39ebfc1e398ff49f15d88eee7498550bdef8f081d2e7c3c339b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ef:95:d9:c8:bb:50:24:f2:1b:61:ac:1b:dc:
40:e2:a0:aa:ce:24:df:0a:0a:c0:b0:81:5a:97:c0:
27:f8:cd:83:43:2e:c5:30:0d:99:ae:bc:cd:21:c1:
d6:f9:85:d1:8b:57:16:76:94:07:4c:f9:b2:ab:cb:
4b:ee:70:fc:47:11:78:77:cc:48:b4:de:ab:a6:66:
b8:35:52:65:ef:20:f4:0d:86:a4:68:8e:cf:a0:62:
df:8b:21:8e:26:d7:69:c2:ac:6a:bf:0d:03:95:68:
52:1a:b6:c9:5b:61:a5:f7:87:01:8b:d4:0a:25:e6:
a5:b5:69:6b:5a:b4:ab:6e:f7:ad:32:a2:51:87:cc:
20:d2:5d:56:4b:18:00:ac:97:03:ff:62:98:9e:c8:
ca:68:a9:61:02:73:78:45:7b:3f:7d:90:25:fc:bb:
50:ba:0e:a5:48:7d:93:bc:c9:06:e2:51:e1:af:37:
72:2c:e8:34:ae:0e:84:29:e0:0e:05:21:23:ac:0b:
7a:53:ae:71:15:48:cf:da:94:59:16:2e:10:ef:e5:
72:37:b6:9d:8a:51:3d:49:a8:bc:ca:35:46:d8:52:
27:5c:44:1f:d8:4d:b3:4e:b4:52:98:fd:96:c3:12:
4b:c7:eb:91:e4:70:ba:94:72:b2:a5:c0:85:a4:ee:
bf:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C8:14:6B:46:BD:00:02:38:5E:8E:23:B0:87:2A:4E:B9:67:E4:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:e000::/40
Signature Algorithm: sha256WithRSAEncryption
91:f8:df:3e:66:14:74:4e:f3:ae:42:66:d3:07:c4:ea:d0:cc:
1f:22:e7:3b:70:5f:24:b4:b8:51:b8:54:f1:36:c6:e4:24:04:
f7:01:47:7f:68:e1:3e:16:7d:01:21:02:6c:af:b9:ee:0a:0e:
3e:4a:7a:c9:51:5c:79:59:09:ab:d4:74:88:21:77:25:fb:50:
9c:d9:7b:12:84:a1:a0:b4:4b:65:c9:86:ab:a1:96:2f:3a:70:
5d:86:54:b3:82:4f:b3:70:4c:b1:45:c7:2c:7f:10:a9:9e:b5:
6e:31:20:9d:f4:9e:f2:3b:d0:02:24:37:6e:f5:a6:3a:b6:0c:
f3:39:b8:94:a3:fb:51:16:7d:48:ad:cb:25:9e:37:72:ce:df:
ea:b9:7e:da:23:59:18:81:f9:d0:f8:68:fb:e8:0e:9b:04:e5:
a6:c6:88:6e:c0:92:47:93:70:23:f4:3f:bd:6e:3c:82:c6:ab:
6c:1e:8e:a3:6c:76:f2:2f:42:24:c5:3d:b1:56:7d:ed:91:74:
02:07:fd:6a:48:e9:0b:38:c8:75:f1:51:e8:0e:c3:e0:55:e9:
92:4d:08:35:03:7e:78:d5:6d:18:bf:e8:e0:5c:09:2e:21:3b:
0b:03:7a:d1:5f:c4:51:ca:70:c1:6a:de:a0:d4:b0:6c:f2:8e:
8f:67:2e:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOHmHSKY4UTj5/F0OT6csoIXmdqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwMTdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3M2I3ZTYwZTVhZjM5ZWJmYzFlMzk4ZmY0OWYxNWQ4OGVlZTc0OTg1NTBi
ZGVmOGYwODFkMmU3YzNjMzM5YjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjvldnIu1Ak8hthrBvcQOKgqs4k3woKwLCBWpfAJ/jNg0MuxTANma68zSHB
1vmF0YtXFnaUB0z5sqvLS+5w/EcReHfMSLTeq6ZmuDVSZe8g9A2GpGiOz6Bi34sh
jibXacKsar8NA5VoUhq2yVthpfeHAYvUCiXmpbVpa1q0q273rTKiUYfMINJdVksY
AKyXA/9imJ7IymipYQJzeEV7P32QJfy7ULoOpUh9k7zJBuJR4a83cizoNK4OhCng
DgUhI6wLelOucRVIz9qUWRYuEO/lcje2nYpRPUmovMo1RthSJ1xEH9hNs060Upj9
lsMSS8frkeRwupRysqXAhaTuv5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSwyBRr
Rr0AAjhejiOwhypOuWfkUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI1MjBmMmYtN2ZjMC00MWFmLThjNTMtZWMwNjc1YWE4M2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3g
MA0GCSqGSIb3DQEBCwUAA4IBAQCR+N8+ZhR0TvOuQmbTB8Tq0MwfIuc7cF8ktLhR
uFTxNsbkJAT3AUd/aOE+Fn0BIQJsr7nuCg4+SnrJUVx5WQmr1HSIIXcl+1Cc2XsS
hKGgtEtlyYaroZYvOnBdhlSzgk+zcEyxRccsfxCpnrVuMSCd9J7yO9ACJDdu9aY6
tgzzObiUo/tRFn1Ircslnjdyzt/quX7aI1kYgfnQ+Gj76A6bBOWmxohuwJJHk3Aj
9D+9bjyCxqtsHo6jbHbyL0IkxT2xVn3tkXQCB/1qSOkLOMh18VHoDsPgVemSTQg1
A3541W0Yv+jgXAkuITsLA3rRX8RRynDBat6g1LBs8o6PZy70
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:55 2025 by rpki-client