Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
File: a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa (raw, json)
Hash identifier: IObjtKtDXyfAv+K29O5gEpNXiX+9lzPHe4av4xNvKbo=
Subject key identifier: 55:35:EC:31:7F:93:52:D9:DC:87:2E:AC:A7:AB:A3:1E:37:70:0B:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51DBF45B13B74AB235CE861B7EEBC32318344F20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
Signing time: Tue 21 Oct 2025 13:30:42 +0000
ROA not before: Tue 21 Oct 2025 13:30:42 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:db:f4:5b:13:b7:4a:b2:35:ce:86:1b:7e:eb:c3:23:18:34:4f:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:42 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2b68d29756a9fcd16c842848e6e4b2065f002d9806d310e9db27d2e595ca6d9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:73:5e:dc:ff:ee:c4:af:e1:cb:4b:79:3a:
73:b6:5e:20:bd:4e:14:0c:0b:f3:61:c4:3c:1a:4b:
7c:1b:47:2b:a6:88:c6:2b:62:73:e3:ba:90:72:51:
aa:44:02:a4:f3:5b:b5:14:dc:78:53:d4:40:30:ed:
7c:a8:ba:52:30:25:42:9a:6e:c3:43:59:ce:34:a6:
9e:a1:57:b3:c7:a2:99:5b:3c:28:bd:55:a0:bb:ff:
ee:60:c9:a3:4d:dc:9b:c3:25:f6:10:ec:34:b9:b6:
50:32:8f:1e:c3:1f:f8:d0:3b:64:b0:f0:bb:ff:4b:
2d:2e:db:02:7e:f3:68:80:8d:6b:b9:5d:51:c1:91:
77:03:4e:68:a2:3c:e4:78:4d:2a:c4:6c:63:ed:8c:
ea:90:b0:a0:61:2d:14:b8:7e:44:e7:34:c8:9f:73:
e0:d5:52:30:38:d5:74:fd:05:b3:75:3d:38:3d:91:
95:af:72:15:6f:46:01:be:65:c3:a3:f3:ad:38:06:
a2:5d:92:3b:16:d0:61:05:02:8a:38:73:70:26:0d:
77:8d:7b:53:a2:35:20:5b:89:a5:64:7c:c3:1e:ff:
66:7c:03:37:90:68:47:6e:5f:71:d5:3e:dc:6f:0f:
ca:21:6b:2a:ee:ee:0d:22:99:15:ca:06:d3:db:c4:
39:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:35:EC:31:7F:93:52:D9:DC:87:2E:AC:A7:AB:A3:1E:37:70:0B:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:60:05:ad:e5:24:47:e5:9c:7f:76:dc:27:e4:c2:2a:6e:a5:
2e:fb:eb:a3:ed:d3:c5:e7:6b:da:58:99:0c:a2:c8:0e:cc:0d:
47:ba:1b:27:86:52:17:dd:5c:39:1a:03:17:63:23:4a:85:82:
ba:8b:ab:73:98:dc:0c:c4:73:96:89:da:6b:97:2e:cd:23:1e:
a1:07:13:df:8d:f6:70:4f:94:a1:69:1c:aa:bf:8a:9b:52:4a:
ce:33:cf:01:6a:ea:dd:00:40:38:5e:27:c3:91:8f:2e:75:4e:
93:86:62:7d:79:e4:12:9d:65:1f:95:45:b5:7d:26:cc:30:3f:
f9:f7:2f:f6:82:b0:be:60:e1:c4:58:0c:b7:ab:39:86:ca:33:
27:7c:db:18:ae:b1:6d:19:82:64:39:f9:e3:3d:2e:e8:b2:25:
1a:aa:24:bf:70:e6:34:42:a3:69:34:e8:25:39:9f:32:c9:6a:
a2:fa:b9:3f:d6:fc:0f:ef:eb:81:9a:00:36:91:65:2e:3a:ea:
7a:34:05:2c:99:96:1d:69:7c:bb:07:3c:c2:6f:66:8c:ae:8b:
27:13:b6:be:59:93:06:13:b1:c8:c9:e2:87:bf:d2:3f:cc:ee:
75:f0:ce:f5:8f:74:a6:2a:e8:a8:65:16:3b:cd:63:9c:76:67:
b6:c3:05:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUdv0WxO3SrI1zoYbfuvDIxg0TyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwNDJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNjhkMjk3NTZhOWZjZDE2Yzg0Mjg0OGU2ZTRiMjA2NWYwMDJkOTgwNmQz
MTBlOWRiMjdkMmU1OTVjYTZkOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtUc17c/+7Er+HLS3k6c7ZeIL1OFAwL82HEPBpLfBtHK6aIxitic+O6kHJR
qkQCpPNbtRTceFPUQDDtfKi6UjAlQppuw0NZzjSmnqFXs8eimVs8KL1VoLv/7mDJ
o03cm8Ml9hDsNLm2UDKPHsMf+NA7ZLDwu/9LLS7bAn7zaICNa7ldUcGRdwNOaKI8
5HhNKsRsY+2M6pCwoGEtFLh+ROc0yJ9z4NVSMDjVdP0Fs3U9OD2Rla9yFW9GAb5l
w6PzrTgGol2SOxbQYQUCijhzcCYNd417U6I1IFuJpWR8wx7/ZnwDN5BoR25fcdU+
3G8PyiFrKu7uDSKZFcoG09vEOUUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVNewx
f5NS2dyHLqynq6MeN3ALjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTJjNGMyOGMtMGRmOS00MGQ0LWJmNGQtOTI2MTA0YjY5MWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpA
MA0GCSqGSIb3DQEBCwUAA4IBAQBsYAWt5SRH5Zx/dtwn5MIqbqUu++uj7dPF52va
WJkMosgOzA1HuhsnhlIX3Vw5GgMXYyNKhYK6i6tzmNwMxHOWidprly7NIx6hBxPf
jfZwT5ShaRyqv4qbUkrOM88BaurdAEA4XifDkY8udU6ThmJ9eeQSnWUflUW1fSbM
MD/59y/2grC+YOHEWAy3qzmGyjMnfNsYrrFtGYJkOfnjPS7osiUaqiS/cOY0QqNp
NOglOZ8yyWqi+rk/1vwP7+uBmgA2kWUuOup6NAUsmZYdaXy7BzzCb2aMrosnE7a+
WZMGE7HIyeKHv9I/zO518M71j3SmKuioZRY7zWOcdme2wwUw
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:08 2025 by rpki-client