Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa
File: fa3b401f-ea91-45a9-8182-d567cfac077a.roa (raw, json)
Hash identifier: d996j0ppcu5kL0uxSOsiPfwf7yrCsKLjxuPpDY7W7Y0=
Subject key identifier: 5C:BA:30:33:32:D5:52:60:34:BB:21:82:B5:49:4F:40:FE:DF:FF:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53C456CC4C71D7E6A1CC8E546C97A553C593946F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa
Signing time: Tue 21 Oct 2025 13:20:08 +0000
ROA not before: Tue 21 Oct 2025 13:20:08 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c4:56:cc:4c:71:d7:e6:a1:cc:8e:54:6c:97:a5:53:c5:93:94:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:08 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=792d47d04931f0b27f6ffd0eef3cb61718d7e274c9588d13cbf1d5b41fa391cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:f9:66:ce:a6:ec:31:9e:85:cd:de:3b:99:
ac:b5:f6:75:24:90:1a:35:8f:3f:e4:de:bb:45:53:
aa:c0:53:de:0f:c6:b7:05:86:46:c9:bc:ff:ed:c9:
8e:fc:80:b7:14:6d:3a:fa:fc:4e:35:54:dd:9e:44:
77:bd:16:67:ae:5c:e4:02:40:4f:d0:e4:84:c7:79:
8b:65:cc:81:0a:e9:93:4e:53:61:f5:21:51:c5:da:
a6:1b:3d:56:2f:88:db:3b:ed:ef:0e:33:70:c4:1a:
85:d9:d7:df:9e:35:80:17:b3:a6:ed:48:98:4b:45:
fe:4d:67:2f:a2:c5:cb:ab:1b:8a:c5:bd:45:b6:00:
92:bb:a6:43:9b:28:9a:9d:bb:4c:14:0e:1f:7a:af:
68:33:3d:ba:df:63:d4:61:dd:ab:5f:9e:38:88:1f:
ee:51:28:7f:25:99:45:ab:7b:dd:68:f3:00:5d:b4:
ba:9c:79:b9:df:ad:5a:49:ff:ad:8a:7f:e0:9d:6a:
3b:77:3c:b2:c8:76:51:b0:e5:59:fc:20:34:38:ac:
9c:76:cc:80:6f:67:80:33:1b:f3:fa:e4:11:86:d7:
85:f2:ee:46:04:8a:50:f5:44:8f:64:06:a8:72:01:
70:69:22:c8:5d:1d:2f:77:f7:23:71:c2:ce:3f:6f:
71:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BA:30:33:32:D5:52:60:34:BB:21:82:B5:49:4F:40:FE:DF:FF:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:b080::/48
Signature Algorithm: sha256WithRSAEncryption
6d:39:42:2e:65:0d:ec:a6:c8:af:8a:76:24:98:d8:93:fa:e2:
75:44:ff:fd:07:f7:2b:f3:4d:19:e3:1e:2d:7d:da:8d:02:73:
e9:52:b6:40:55:e0:a9:fe:7c:3c:44:35:e1:bd:a4:08:29:03:
3d:14:73:39:74:9f:0b:f2:52:6b:c9:48:57:91:d4:f5:05:ac:
fd:83:95:62:92:4a:8e:1d:fc:a9:65:55:f5:bc:48:e3:0f:b3:
a4:bd:48:72:05:44:b5:42:b8:3a:b9:7c:dc:c2:46:f3:20:87:
31:6e:55:bb:60:cc:27:be:79:a7:27:51:9e:2e:59:1d:9e:45:
22:39:19:d9:f3:48:4f:9e:4d:7f:6a:6f:b7:f4:9b:24:61:62:
96:a1:a3:7f:af:93:81:55:43:82:21:77:ff:66:32:09:32:54:
9c:d7:71:5e:a3:24:30:74:91:70:1b:33:7d:af:26:57:86:61:
74:b9:52:a9:78:5e:38:90:a2:6d:9e:f5:5b:61:a6:cc:5a:af:
68:fe:65:e7:45:a4:b1:2e:a6:92:d0:82:eb:ff:ff:bf:ee:7f:
c6:d0:25:fc:88:71:67:db:58:ad:8b:fc:62:d7:f3:a9:e6:dc:
73:a2:90:08:b4:22:9a:f1:22:db:63:2f:63:78:1d:6d:88:b0:
3a:98:16:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUU8RWzExx1+ahzI5UbJelU8WTlG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMDhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MmQ0N2QwNDkzMWYwYjI3ZjZmZmQwZWVmM2NiNjE3MThkN2UyNzRjOTU4
OGQxM2NiZjFkNWI0MWZhMzkxY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDN+WbOpuwxnoXN3juZrLX2dSSQGjWPP+Teu0VTqsBT3g/GtwWGRsm8/+3J
jvyAtxRtOvr8TjVU3Z5Ed70WZ65c5AJAT9DkhMd5i2XMgQrpk05TYfUhUcXaphs9
Vi+I2zvt7w4zcMQahdnX3541gBezpu1ImEtF/k1nL6LFy6sbisW9RbYAkrumQ5so
mp27TBQOH3qvaDM9ut9j1GHdq1+eOIgf7lEofyWZRat73WjzAF20upx5ud+tWkn/
rYp/4J1qO3c8ssh2UbDlWfwgNDisnHbMgG9ngDMb8/rkEYbXhfLuRgSKUPVEj2QG
qHIBcGkiyF0dL3f3I3HCzj9vcQ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcujAz
MtVSYDS7IYK1SU9A/t//WDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmEzYjQwMWYtZWE5MS00NWE5LTgxODItZDU2N2NmYWMwNzdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGw
gDANBgkqhkiG9w0BAQsFAAOCAQEAbTlCLmUN7KbIr4p2JJjYk/ridUT//Qf3K/NN
GeMeLX3ajQJz6VK2QFXgqf58PEQ14b2kCCkDPRRzOXSfC/JSa8lIV5HU9QWs/YOV
YpJKjh38qWVV9bxI4w+zpL1IcgVEtUK4Orl83MJG8yCHMW5Vu2DMJ755pydRni5Z
HZ5FIjkZ2fNIT55Nf2pvt/SbJGFilqGjf6+TgVVDgiF3/2YyCTJUnNdxXqMkMHSR
cBszfa8mV4ZhdLlSqXheOJCibZ71W2GmzFqvaP5l50WksS6mktCC6///v+5/xtAl
/IhxZ9tYrYv8Ytfzqebcc6KQCLQimvEi22MvY3gdbYiwOpgWOQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:20 2025 by rpki-client