Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
File: 1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa (raw, json)
Hash identifier: h3iYneictF41wux8Zg/x782nXawJpbxJoVFrjsCXdaI=
Subject key identifier: 13:5B:CC:43:A9:23:41:D8:35:B3:1C:52:19:B9:78:30:59:1B:00:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BC55AB5EB602729DBB5406C4586A4113087D1B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
Signing time: Mon 06 Oct 2025 18:01:04 +0000
ROA not before: Mon 06 Oct 2025 18:01:04 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:c5:5a:b5:eb:60:27:29:db:b5:40:6c:45:86:a4:11:30:87:d1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:01:04 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=650bf7b5beb915a8044dee672d92853a8b5ee12c6db70050fe7f5e861f3f68a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:68:77:c1:11:24:ee:dc:fd:c2:3a:bc:c5:98:
37:d5:07:ca:f4:fd:78:b6:cd:60:3e:bd:7f:98:42:
36:4d:4b:38:9a:79:c6:ee:a3:ec:e4:8e:a2:cc:18:
35:ab:88:11:99:68:0f:b6:fd:bf:72:a6:df:87:1d:
89:09:4e:2a:5f:2b:53:7e:d6:11:f6:83:3a:08:09:
1b:b3:f7:80:02:21:69:ee:2f:3d:e3:42:41:7c:44:
45:2e:db:15:c0:c4:d9:67:99:af:af:b9:3e:0b:49:
7c:1a:ec:b1:ce:5a:57:be:b3:eb:c5:e2:e7:b8:94:
21:d0:f8:00:29:4f:a4:07:b6:c1:5e:fa:5c:87:b3:
a7:dc:db:b8:fc:df:ee:3e:2d:ea:a8:75:e9:4c:8b:
46:5c:95:f7:c8:f0:39:72:af:e4:59:34:cd:f9:df:
ec:8d:20:5e:09:52:8c:36:00:f8:92:cb:7c:a5:de:
e2:d8:2f:66:aa:2d:2e:2a:e8:85:83:5c:7c:ce:9f:
e8:6e:5f:26:d6:15:a1:59:60:6a:d0:d1:5c:0c:6f:
c8:94:16:55:5d:31:cb:ac:d7:b9:89:5a:82:e9:2f:
ae:e0:27:3e:e3:fa:b7:be:39:6f:c7:81:aa:8b:64:
bb:91:d3:47:d7:c2:8c:dd:98:26:70:70:1e:e8:a8:
ac:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:5B:CC:43:A9:23:41:D8:35:B3:1C:52:19:B9:78:30:59:1B:00:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
28:fa:56:9c:f6:a0:e0:64:32:6d:1b:12:f6:58:d5:50:3a:c0:
9b:d1:d0:9f:9f:85:48:a7:20:b7:e7:6c:11:ef:40:30:38:df:
f0:45:f3:cd:4c:88:8e:89:f6:35:54:7d:6e:b0:80:24:d7:eb:
b3:e9:d9:8d:f3:6e:42:cc:5b:b8:b9:86:41:dc:18:55:23:5d:
fb:67:fc:f8:ed:15:fc:c2:a2:4e:6d:1b:a6:08:59:58:62:b4:
23:c2:8f:df:b6:34:16:8e:69:e1:e5:30:0a:7f:ef:da:4c:b9:
12:3f:7d:85:9e:1c:df:b6:33:48:04:9a:26:29:e1:44:4f:1f:
58:6b:75:21:4c:e7:9e:f4:ab:94:34:d5:76:36:fb:f6:26:c6:
52:51:15:47:5d:6f:a5:e1:ef:54:51:4a:89:8d:b8:17:67:13:
08:61:fc:e6:ec:1b:ad:d4:77:18:37:2b:67:c8:ba:d6:59:f3:
97:2e:81:37:d6:c2:c4:b5:02:db:5d:2e:62:47:53:c9:82:96:
99:45:7c:1e:88:98:af:29:d9:db:44:43:08:c2:20:93:e9:0f:
72:ca:53:7c:11:24:39:2d:e5:1c:81:f4:31:bf:1b:d6:91:b6:
bd:42:f1:b8:e4:ac:47:bb:f8:a4:87:03:05:6b:06:86:97:27:
68:15:7b:fd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUS8VatetgJynbtUBsRYakETCH0bcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAxMDRaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1MGJmN2I1YmViOTE1YTgwNDRkZWU2NzJkOTI4NTNhOGI1ZWUxMmM2ZGI3
MDA1MGZlN2Y1ZTg2MWYzZjY4YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNod8ERJO7c/cI6vMWYN9UHyvT9eLbNYD69f5hCNk1LOJp5xu6j7OSOoswY
NauIEZloD7b9v3Km34cdiQlOKl8rU37WEfaDOggJG7P3gAIhae4vPeNCQXxERS7b
FcDE2WeZr6+5PgtJfBrssc5aV76z68Xi57iUIdD4AClPpAe2wV76XIezp9zbuPzf
7j4t6qh16UyLRlyV98jwOXKv5Fk0zfnf7I0gXglSjDYA+JLLfKXe4tgvZqotLiro
hYNcfM6f6G5fJtYVoVlgatDRXAxvyJQWVV0xy6zXuYlagukvruAnPuP6t745b8eB
qotku5HTR9fCjN2YJnBwHuiorEsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQTW8xD
qSNB2DWzHFIZuXgwWRsA4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTczMGZiMGYtYWZkMi00YTQwLWIyMTgtN2QwZGYyYjJhMWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
wDANBgkqhkiG9w0BAQsFAAOCAQEAKPpWnPag4GQybRsS9ljVUDrAm9HQn5+FSKcg
t+dsEe9AMDjf8EXzzUyIjon2NVR9brCAJNfrs+nZjfNuQsxbuLmGQdwYVSNd+2f8
+O0V/MKiTm0bpghZWGK0I8KP37Y0Fo5p4eUwCn/v2ky5Ej99hZ4c37YzSASaJinh
RE8fWGt1IUznnvSrlDTVdjb79ibGUlEVR11vpeHvVFFKiY24F2cTCGH85uwbrdR3
GDcrZ8i61lnzly6BN9bCxLUC210uYkdTyYKWmUV8HoiYrynZ20RDCMIgk+kPcspT
fBEkOS3lHIH0Mb8b1pG2vULxuOSsR7v4pIcDBWsGhpcnaBV7/Q==
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:15:55 2025 by rpki-client