Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
File: cead5bc0-2620-45bc-b97b-adb00020a426.roa (raw, json)
Hash identifier: 7p8LkCcWS9eFSfPk9btqe+a6IFoMOYynsQVek20XYRU=
Subject key identifier: 3C:20:FA:C2:AE:2B:80:AE:C9:14:B7:08:4A:05:07:0F:5C:5C:74:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E0702308EFCF175ED4A9244D0B7256936633486
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
Signing time: Tue 21 Oct 2025 14:30:53 +0000
ROA not before: Tue 21 Oct 2025 14:30:53 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:07:02:30:8e:fc:f1:75:ed:4a:92:44:d0:b7:25:69:36:63:34:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:53 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=b4933669ec655867b4edeadcecb452ba4c7b0c8cb3a9a9761772eecf86419a67, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ee:46:54:77:d1:53:b0:8a:4f:d5:76:fd:a3:
d3:a8:40:19:43:ec:72:83:b1:d3:ed:81:65:0d:7d:
d6:9f:e6:e0:93:e6:68:15:e2:78:2a:c6:d4:34:10:
33:83:d4:1d:44:62:e9:e2:9e:75:b6:af:06:11:c0:
77:56:ab:d7:4b:9c:6a:e6:50:93:29:15:29:66:e4:
a8:d7:b7:d4:1e:5f:7c:0f:5b:83:cd:6b:c9:e4:cf:
93:78:59:54:c7:96:08:0e:b8:49:72:49:b5:2e:55:
f5:fc:26:6a:23:11:38:43:90:c9:2f:d4:fc:17:35:
b2:e1:8e:80:27:6c:92:ec:35:86:2b:86:29:c7:32:
e2:4b:63:2f:31:d1:a7:8a:8a:62:88:26:b5:61:fc:
b8:94:29:2b:06:8a:b3:6a:64:3b:3e:50:d6:72:5c:
02:14:9e:16:a7:38:6d:9a:ab:80:de:36:6b:ea:83:
de:1c:e9:e5:fc:fb:d0:a2:e6:5b:be:4d:07:c3:e1:
e9:34:2b:77:f7:f7:6b:54:2e:51:8d:ff:f0:99:0a:
3a:a6:1e:66:ca:25:eb:53:1e:03:30:9e:b5:f9:cd:
62:87:ad:0d:a9:ba:64:07:25:fc:12:37:97:5b:9a:
19:fe:53:17:b0:0b:d8:7d:a0:90:4d:64:7f:0a:75:
38:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:20:FA:C2:AE:2B:80:AE:C9:14:B7:08:4A:05:07:0F:5C:5C:74:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e080::/48
Signature Algorithm: sha256WithRSAEncryption
6f:d4:fd:e3:51:f7:66:99:bf:8b:a7:14:2e:ce:b2:14:3e:f0:
60:78:f1:c2:0f:41:ec:88:f8:f7:4f:d7:4a:08:00:5e:2d:ad:
bf:06:fa:ff:7c:06:da:17:23:2b:27:f8:5d:3a:a0:ce:e1:8f:
da:f6:41:ae:09:73:22:48:e4:81:64:0f:49:10:e8:cd:e3:dc:
b7:b0:64:77:5f:d7:ab:c7:07:e4:cd:d0:4b:b5:e4:fd:38:32:
69:38:f6:8b:b2:14:c7:d1:f7:c5:db:65:32:4b:93:13:4a:10:
21:20:63:4c:c0:25:d0:9c:73:43:44:89:ee:43:46:44:5f:6b:
3e:f9:9c:9b:eb:71:4a:63:09:b3:37:b7:8c:0b:3d:13:17:0a:
1a:2e:5d:37:db:f8:e7:d8:6e:0c:0c:14:f7:9b:bd:90:7b:a0:
df:37:24:f1:8b:e2:e1:0a:52:a8:13:26:76:ea:fa:9f:3e:d0:
97:37:11:c5:1f:ed:c7:00:15:e2:4a:5e:db:d3:f6:16:c2:22:
b7:d5:b6:d9:f6:09:28:21:ec:2b:49:cf:22:64:00:42:bb:3b:
41:39:29:a5:87:32:5f:c7:2c:15:32:e7:b6:49:7a:44:41:45:
36:52:c9:08:2b:f3:7e:cf:9c:c7:f9:c7:cd:54:66:08:48:e8:
60:da:65:1c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTgcCMI788XXtSpJE0LclaTZjNIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwNTNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0OTMzNjY5ZWM2NTU4NjdiNGVkZWFkY2VjYjQ1MmJhNGM3YjBjOGNiM2E5
YTk3NjE3NzJlZWNmODY0MTlhNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTuRlR30VOwik/Vdv2j06hAGUPscoOx0+2BZQ191p/m4JPmaBXieCrG1DQQ
M4PUHURi6eKedbavBhHAd1ar10ucauZQkykVKWbkqNe31B5ffA9bg81ryeTPk3hZ
VMeWCA64SXJJtS5V9fwmaiMROEOQyS/U/Bc1suGOgCdskuw1hiuGKccy4ktjLzHR
p4qKYogmtWH8uJQpKwaKs2pkOz5Q1nJcAhSeFqc4bZqrgN42a+qD3hzp5fz70KLm
W75NB8Ph6TQrd/f3a1QuUY3/8JkKOqYeZsol61MeAzCetfnNYoetDam6ZAcl/BI3
l1uaGf5TF7AL2H2gkE1kfwp1OA0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ8IPrC
riuArskUtwhKBQcPXFx0FzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2VhZDViYzAtMjYyMC00NWJjLWI5N2ItYWRiMDAwMjBhNDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
gDANBgkqhkiG9w0BAQsFAAOCAQEAb9T941H3Zpm/i6cULs6yFD7wYHjxwg9B7Ij4
90/XSggAXi2tvwb6/3wG2hcjKyf4XTqgzuGP2vZBrglzIkjkgWQPSRDozePct7Bk
d1/Xq8cH5M3QS7Xk/TgyaTj2i7IUx9H3xdtlMkuTE0oQISBjTMAl0JxzQ0SJ7kNG
RF9rPvmcm+txSmMJsze3jAs9ExcKGi5dN9v459huDAwU95u9kHug3zck8Yvi4QpS
qBMmdur6nz7QlzcRxR/txwAV4kpe29P2FsIit9W22fYJKCHsK0nPImQAQrs7QTkp
pYcyX8csFTLntkl6REFFNlLJCCvzfs+cx/nHzVRmCEjoYNplHA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:20 2025 by rpki-client