Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
File: 4cb86308-98a0-48e5-8825-d398c0ce8099.roa (raw, json)
Hash identifier: dWMFR/4I+VFlrLZ7FyJPS9DD65uJ88dXosWwVWVZYAE=
Subject key identifier: D9:86:19:C7:0C:4B:EF:D6:74:B0:94:21:53:E2:53:39:05:2E:74:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53273194C17BD03AA79B404E60843A21CCAD8AD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
Signing time: Tue 21 Oct 2025 14:31:10 +0000
ROA not before: Tue 21 Oct 2025 14:31:10 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:27:31:94:c1:7b:d0:3a:a7:9b:40:4e:60:84:3a:21:cc:ad:8a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:31:10 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=df6ad0c9a9c1b7ec88e2eb741057a49a914ccc268a328627e77fdcaa332e6a98, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:82:f5:45:4a:57:da:4d:36:ec:28:8c:6a:ad:
f5:dc:51:45:09:49:6b:41:b2:7f:d7:70:29:39:ad:
b7:52:68:e1:0e:4c:86:e9:ef:20:b2:c6:4a:92:42:
e2:f7:86:d2:a7:f4:f2:4e:71:0b:11:a5:69:b3:d4:
a8:8a:54:92:b9:26:43:47:1c:76:65:74:b4:6f:56:
13:32:29:19:95:a2:38:61:ad:4a:24:42:37:31:af:
1e:50:5f:cb:75:e8:d3:cd:71:cf:92:86:2b:fb:cc:
28:7f:a9:78:5b:56:12:eb:af:96:e2:5a:f7:65:f2:
15:03:29:b9:ad:f3:db:f9:72:ad:b5:88:fa:b6:c1:
86:4c:2c:b2:fb:ba:75:b4:28:3b:b3:d8:79:b8:ba:
46:11:54:8f:73:cd:a7:b7:96:36:88:6b:df:0b:f3:
6d:8f:d1:a7:b9:e9:8f:c8:fa:b5:e7:aa:24:35:7a:
b7:25:8e:11:6e:10:27:d0:ff:f5:92:cd:66:9f:66:
1e:e8:4d:21:88:81:95:aa:60:05:42:2a:69:46:50:
c9:9a:74:d5:c3:a6:af:4c:58:9f:91:f3:df:7d:d9:
fe:a1:bf:be:52:84:14:f7:c0:c9:32:33:41:65:94:
cd:f6:e2:e9:ad:31:00:f5:cd:a0:d3:45:b7:39:bb:
04:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:86:19:C7:0C:4B:EF:D6:74:B0:94:21:53:E2:53:39:05:2E:74:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5080::/48
Signature Algorithm: sha256WithRSAEncryption
25:3c:58:a1:dd:c5:75:99:44:84:27:8a:0c:82:a1:dd:5a:83:
79:46:58:de:a9:86:dc:ec:bc:c4:ba:6f:50:24:d3:a9:72:fd:
d6:69:55:be:26:e6:7a:11:62:04:91:32:38:be:2e:c9:4a:c7:
37:67:57:f9:e2:35:f9:cd:12:e1:00:dd:4c:d3:d2:b2:9a:ff:
82:86:b9:fe:78:0d:dd:26:b8:1b:23:20:5f:96:7d:53:73:24:
06:c2:00:06:67:77:69:e3:9b:2e:63:31:ef:e6:e2:24:f0:9a:
8e:73:7c:e3:99:33:dd:5d:d4:42:f6:6b:4b:2d:fb:bd:f1:df:
0e:9f:47:54:6b:ec:5a:7a:1b:5a:0a:23:68:26:84:b1:40:ee:
1b:f0:0a:6d:27:3f:a4:81:44:42:16:b7:78:18:68:09:1c:6b:
7c:b5:25:da:2a:55:c9:04:bb:66:e2:22:03:c8:8f:83:e5:02:
e4:f4:9e:a3:eb:9c:b3:0d:64:2f:82:53:f2:0a:13:d3:9c:ac:
1b:df:e4:8f:a2:11:94:94:91:1a:f5:de:af:a0:c3:7f:f8:ae:
c6:dc:53:e0:7d:54:6a:89:b0:f1:77:05:9d:85:7e:bb:88:ed:
2a:1f:0f:9e:40:28:66:82:02:0d:af:c6:2b:2b:cc:25:86:f9:
63:fa:7e:58
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUycxlMF70Dqnm0BOYIQ6IcytitUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMxMTBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmNmFkMGM5YTljMWI3ZWM4OGUyZWI3NDEwNTdhNDlhOTE0Y2NjMjY4YTMy
ODYyN2U3N2ZkY2FhMzMyZTZhOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaC9UVKV9pNNuwojGqt9dxRRQlJa0Gyf9dwKTmtt1Jo4Q5MhunvILLGSpJC
4veG0qf08k5xCxGlabPUqIpUkrkmQ0ccdmV0tG9WEzIpGZWiOGGtSiRCNzGvHlBf
y3Xo081xz5KGK/vMKH+peFtWEuuvluJa92XyFQMpua3z2/lyrbWI+rbBhkwssvu6
dbQoO7PYebi6RhFUj3PNp7eWNohr3wvzbY/Rp7npj8j6teeqJDV6tyWOEW4QJ9D/
9ZLNZp9mHuhNIYiBlapgBUIqaUZQyZp01cOmr0xYn5Hz333Z/qG/vlKEFPfAyTIz
QWWUzfbi6a0xAPXNoNNFtzm7BK0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTZhhnH
DEvv1nSwlCFT4lM5BS50ZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNiODYzMDgtOThhMC00OGU1LTg4MjUtZDM5OGMwY2U4MDk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAJTxYod3FdZlEhCeKDIKh3VqDeUZY3qmG3Oy8
xLpvUCTTqXL91mlVvibmehFiBJEyOL4uyUrHN2dX+eI1+c0S4QDdTNPSspr/goa5
/ngN3Sa4GyMgX5Z9U3MkBsIABmd3aeObLmMx7+biJPCajnN845kz3V3UQvZrSy37
vfHfDp9HVGvsWnobWgojaCaEsUDuG/AKbSc/pIFEQha3eBhoCRxrfLUl2ipVyQS7
ZuIiA8iPg+UC5PSeo+ucsw1kL4JT8goT05ysG9/kj6IRlJSRGvXer6DDf/iuxtxT
4H1Uaomw8XcFnYV+u4jtKh8PnkAoZoICDa/GKyvMJYb5Y/p+WA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:15 2025 by rpki-client