Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
File: 4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa (raw, json)
Hash identifier: Y2S1+25BlVJqcP1AfrQvvAHiiy5FKd/Pv95m/wfqssc=
Subject key identifier: 5F:01:58:3A:28:EA:3F:4B:76:D4:C8:2F:9C:7E:EA:66:B2:82:14:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B0F37F743FC077B4E9EAFCB1635F9B7513DA427
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
Signing time: Tue 21 Oct 2025 13:51:00 +0000
ROA not before: Tue 21 Oct 2025 13:51:00 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:0f:37:f7:43:fc:07:7b:4e:9e:af:cb:16:35:f9:b7:51:3d:a4:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:51:00 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ebb94e8d83902c2d69b589c84e2f0a891975df390e500b1f872e2dc2a609d2f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7d:20:da:bb:a0:8a:87:f4:6f:32:cc:a9:79:
16:75:25:e8:cf:22:c9:96:c8:c9:fc:ea:2e:2f:53:
1f:12:07:1b:13:c1:c8:5b:f1:f4:87:de:74:6f:65:
c5:83:57:30:3a:bb:de:92:6e:da:85:30:e3:3d:00:
60:99:d2:7d:2f:c1:80:8b:b4:df:71:c8:21:3d:d2:
49:12:eb:a5:a2:b3:69:c1:6a:fc:ad:26:cd:90:14:
b1:ff:ba:ac:af:3c:25:7d:9d:e5:75:7f:7b:8a:84:
48:64:3a:a2:fe:d9:77:8c:90:d2:67:55:a7:a0:bc:
56:27:66:3a:1c:cf:f9:ed:2a:9d:a0:b0:2c:ff:ae:
58:6b:14:6a:a5:24:9f:a4:0c:fd:6c:68:13:37:31:
ee:ef:ed:6e:cc:89:0a:2f:0d:f5:2c:19:8b:ec:cf:
2c:b4:2d:42:54:3c:46:c8:7f:05:09:98:7c:52:ad:
0b:fa:e3:32:10:2d:76:ce:8b:b7:cf:fd:3c:b8:66:
75:61:42:2e:17:3c:b2:6b:ce:77:6a:fa:e2:ac:97:
62:c9:14:dd:dd:60:37:8e:ea:5c:a0:36:63:2a:44:
44:fb:b5:78:fb:db:20:f1:e4:e9:91:4f:ba:df:a6:
f9:42:90:c2:22:06:f7:5c:53:e1:50:2b:f9:d3:5f:
61:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:01:58:3A:28:EA:3F:4B:76:D4:C8:2F:9C:7E:EA:66:B2:82:14:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:4000::/40
Signature Algorithm: sha256WithRSAEncryption
82:6f:d0:53:39:4a:eb:42:3f:1f:21:29:2f:ea:f6:87:d1:fe:
ab:3e:93:87:95:c6:cc:e6:8a:6f:37:b6:8f:56:9c:32:2e:29:
97:bf:00:fc:e5:9d:8a:d0:43:57:65:8e:3e:44:2e:18:82:88:
b3:74:5c:e1:ae:0d:4f:8c:2a:da:5a:d0:e1:07:6d:6d:38:eb:
d7:9a:df:07:60:6f:85:a9:47:2b:c1:d4:45:ce:6e:eb:bb:57:
17:e1:f2:c8:98:aa:fa:b7:66:7c:bd:b2:b8:36:f4:f0:9f:85:
49:8a:68:7a:06:f0:44:71:ce:d9:a0:c8:16:b2:84:ab:9a:4e:
6c:28:00:c7:7f:e8:a4:c0:c6:91:5f:d2:ed:59:9d:f3:e6:ec:
cd:89:18:f2:b2:56:1b:4c:3c:7c:a2:ab:7c:f4:b8:b3:a9:57:
ec:78:5c:dd:bf:51:b6:7a:1b:50:da:d4:53:c9:a4:69:10:5b:
84:22:8b:86:9c:f5:bd:ad:b4:73:35:3f:ec:27:75:1b:c3:be:
2e:f6:d1:30:26:0b:d0:c2:bb:ab:de:2c:fa:bb:e3:50:30:36:
8d:20:f0:90:9c:20:ec:2a:44:1d:b9:3b:c5:7d:b0:fb:44:66:
af:17:01:b9:ae:00:19:9c:39:86:0d:ae:b5:93:c7:db:aa:f5:
f4:b2:48:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSw8390P8B3tOnq/LFjX5t1E9pCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUxMDBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGViYjk0ZThkODM5MDJjMmQ2OWI1ODljODRlMmYwYTg5MTk3NWRmMzkwZTUw
MGIxZjg3MmUyZGMyYTYwOWQyZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOR9INq7oIqH9G8yzKl5FnUl6M8iyZbIyfzqLi9THxIHGxPByFvx9IfedG9l
xYNXMDq73pJu2oUw4z0AYJnSfS/BgIu033HIIT3SSRLrpaKzacFq/K0mzZAUsf+6
rK88JX2d5XV/e4qESGQ6ov7Zd4yQ0mdVp6C8VidmOhzP+e0qnaCwLP+uWGsUaqUk
n6QM/WxoEzcx7u/tbsyJCi8N9SwZi+zPLLQtQlQ8Rsh/BQmYfFKtC/rjMhAtds6L
t8/9PLhmdWFCLhc8smvOd2r64qyXYskU3d1gN47qXKA2YypERPu1ePvbIPHk6ZFP
ut+m+UKQwiIG91xT4VAr+dNfYVUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfAVg6
KOo/S3bUyC+cfupmsoIUIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2ZGRjYTctMTcyZi00ZjBlLTlhODMtOWEzNTlmNjJjNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVA
MA0GCSqGSIb3DQEBCwUAA4IBAQCCb9BTOUrrQj8fISkv6vaH0f6rPpOHlcbM5opv
N7aPVpwyLimXvwD85Z2K0ENXZY4+RC4YgoizdFzhrg1PjCraWtDhB21tOOvXmt8H
YG+FqUcrwdRFzm7ru1cX4fLImKr6t2Z8vbK4NvTwn4VJimh6BvBEcc7ZoMgWsoSr
mk5sKADHf+ikwMaRX9LtWZ3z5uzNiRjyslYbTDx8oqt89LizqVfseFzdv1G2ehtQ
2tRTyaRpEFuEIouGnPW9rbRzNT/sJ3Ubw74u9tEwJgvQwrur3iz6u+NQMDaNIPCQ
nCDsKkQduTvFfbD7RGavFwG5rgAZnDmGDa61k8fbqvX0skhX
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:03 2025 by rpki-client