Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
File: 04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa (raw, json)
Hash identifier: 8NkzwrRnLa47utVp5QXUfUFktqhDgcl13K4fhm6OxQ8=
Subject key identifier: FC:8D:DD:8A:3F:38:42:90:A7:6C:F2:D5:EC:D2:87:59:06:67:FC:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47B78F6A41DAD2854ABB48A4975622D6BD151FC2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
Signing time: Fri 26 Sep 2025 20:00:12 +0000
ROA not before: Fri 26 Sep 2025 20:00:12 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:b7:8f:6a:41:da:d2:85:4a:bb:48:a4:97:56:22:d6:bd:15:1f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:00:12 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=272c0c59c0043c0f8243e303c9bb2266e2a1720f8a9a2cd0c52b0b589a23df07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:00:1e:3f:1b:67:7b:42:3e:2e:14:60:ff:40:
c2:7d:3f:77:60:02:94:50:86:9b:6d:3a:70:66:2f:
5a:df:a7:bd:a0:2e:c3:80:d2:3d:2e:02:7d:e0:f3:
90:06:b3:4e:72:4a:88:ed:28:b0:e6:15:01:b8:43:
aa:1d:5d:5e:85:79:2d:b5:32:eb:fb:a6:36:56:73:
47:dd:c6:62:58:a3:ce:04:aa:10:f4:c3:c7:9d:ea:
fc:c9:74:93:46:1e:ee:51:41:3a:9f:b2:13:9d:1e:
4d:b2:46:a3:21:fa:20:47:d2:51:44:4f:39:df:1c:
d9:88:1c:85:eb:ae:74:1c:07:66:f9:2c:43:1d:24:
d8:c9:70:ac:ff:f8:17:df:37:84:ca:10:10:92:36:
a5:fa:be:c7:11:a0:cb:f6:57:98:c3:e3:d0:6b:c6:
50:7a:86:53:4c:75:2c:b1:c7:a0:ee:03:1e:d8:54:
92:80:d0:58:79:51:44:f9:8b:58:b1:96:c6:7f:d3:
d8:70:c7:3a:dd:f9:92:02:f0:c4:5d:c0:9f:8b:b1:
17:84:fd:0e:8f:3c:cd:0c:92:dd:86:43:bc:7d:ed:
31:f8:64:54:97:0c:6a:f6:b2:86:18:b7:4d:69:5a:
29:a0:69:67:fa:4f:2f:dc:bf:c6:c4:ef:16:38:44:
ec:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:8D:DD:8A:3F:38:42:90:A7:6C:F2:D5:EC:D2:87:59:06:67:FC:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8800::/38
Signature Algorithm: sha256WithRSAEncryption
51:53:aa:b2:4c:4a:81:41:19:84:6c:16:7c:bb:59:76:13:c9:
bf:f9:fd:86:56:42:e1:78:f1:57:63:07:00:36:2c:05:33:51:
ba:a6:07:e1:61:4d:d5:90:73:08:1d:4c:3c:68:c3:66:56:89:
71:d5:84:66:29:f8:4b:92:44:ae:b6:63:0a:51:ce:1f:05:27:
69:b5:f2:fa:ba:09:ff:6d:45:f2:c7:86:c3:a7:d2:fe:b8:a6:
d7:25:3b:29:f0:bc:c6:86:08:16:ca:db:aa:58:93:22:03:87:
fc:75:59:e0:0b:d6:b1:84:69:92:34:4c:6c:da:4b:3a:f7:05:
2a:06:5f:b9:ab:19:37:9f:84:c5:b3:50:aa:d1:8a:36:a5:21:
24:40:cc:d7:72:fd:c3:c7:25:8a:77:dc:69:0a:06:60:b2:0d:
64:4b:b8:20:ff:2d:7e:82:65:21:01:0f:97:96:69:96:d9:01:
57:e1:e5:70:cf:c7:66:97:bc:97:f6:b0:3c:30:9c:e1:ab:48:
a4:1a:50:57:d5:56:e5:1c:7d:ad:82:e8:24:78:0a:4c:43:35:
a8:c4:27:73:f7:36:79:82:98:8a:63:f8:54:43:f3:38:0f:b1:
be:a4:a1:95:00:eb:1f:04:c1:d5:ee:46:0a:47:2c:7d:98:c3:
11:40:17:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR7ePakHa0oVKu0ikl1Yi1r0VH8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAwMTJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MmMwYzU5YzAwNDNjMGY4MjQzZTMwM2M5YmIyMjY2ZTJhMTcyMGY4YTlh
MmNkMGM1MmIwYjU4OWEyM2RmMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsAHj8bZ3tCPi4UYP9Awn0/d2AClFCGm206cGYvWt+nvaAuw4DSPS4CfeDz
kAazTnJKiO0osOYVAbhDqh1dXoV5LbUy6/umNlZzR93GYlijzgSqEPTDx53q/Ml0
k0Ye7lFBOp+yE50eTbJGoyH6IEfSUURPOd8c2YgcheuudBwHZvksQx0k2MlwrP/4
F983hMoQEJI2pfq+xxGgy/ZXmMPj0GvGUHqGU0x1LLHHoO4DHthUkoDQWHlRRPmL
WLGWxn/T2HDHOt35kgLwxF3An4uxF4T9Do88zQyS3YZDvH3tMfhkVJcMavayhhi3
TWlaKaBpZ/pPL9y/xsTvFjhE7F0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8jd2K
PzhCkKds8tXs0odZBmf8UDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNDY0ZmYtN2I5ZC00M2YwLTg2OWQtN2U3YzY2YTdhNWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCI
MA0GCSqGSIb3DQEBCwUAA4IBAQBRU6qyTEqBQRmEbBZ8u1l2E8m/+f2GVkLhePFX
YwcANiwFM1G6pgfhYU3VkHMIHUw8aMNmVolx1YRmKfhLkkSutmMKUc4fBSdptfL6
ugn/bUXyx4bDp9L+uKbXJTsp8LzGhggWytuqWJMiA4f8dVngC9axhGmSNExs2ks6
9wUqBl+5qxk3n4TFs1Cq0Yo2pSEkQMzXcv3DxyWKd9xpCgZgsg1kS7gg/y1+gmUh
AQ+XlmmW2QFX4eVwz8dml7yX9rA8MJzhq0ikGlBX1VblHH2tgugkeApMQzWoxCdz
9zZ5gpiKY/hUQ/M4D7G+pKGVAOsfBMHV7kYKRyx9mMMRQBcy
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:55 2025 by rpki-client