Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46510026-3bc6-4802-9977-5875dcaffcac.roa
File: 46510026-3bc6-4802-9977-5875dcaffcac.roa (raw, json)
Hash identifier: xVf6qo5fH+ooGxj2JCRvbqkVBUcqMzlkULqECDiV4ug=
Subject key identifier: 08:7A:D3:E8:38:65:C9:E3:E1:5F:26:3D:6F:2C:D6:97:EF:50:8C:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 515DC2129611259298E5BD5C4106755E57B455EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46510026-3bc6-4802-9977-5875dcaffcac.roa
Signing time: Fri 17 Oct 2025 21:40:12 +0000
ROA not before: Fri 17 Oct 2025 21:40:12 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:5d:c2:12:96:11:25:92:98:e5:bd:5c:41:06:75:5e:57:b4:55:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 17 21:40:12 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=72f2c4eb8e23b052d4aa963d1640e7005615a35caeb42f490b848a6f0e7be7e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1e:b8:34:53:bf:ee:6a:89:ac:58:c3:8a:f3:
71:7b:fb:ea:f7:7c:50:a0:7f:08:7d:31:71:11:74:
71:fc:c3:b1:88:76:4d:00:e6:68:ac:c9:4a:13:b1:
49:38:ca:9b:05:96:a7:8a:c8:32:5f:f9:3e:6c:43:
2f:f8:20:7e:cc:10:ed:a5:0f:39:49:f7:64:fb:7f:
c8:5f:48:f5:98:5c:bc:fb:4f:2c:1e:42:09:d3:2c:
15:68:c3:4d:7e:30:bd:f3:27:b5:9e:72:bb:38:62:
4a:0c:d7:84:51:4f:a0:8b:0f:15:cf:9c:ea:d8:3a:
2d:bf:ce:87:6d:7f:9e:7f:ed:9d:cc:a7:12:57:32:
3d:fc:91:c0:bc:db:36:31:32:0f:62:a1:fd:2b:25:
a5:3c:f9:eb:c8:19:0d:d9:f6:69:7d:ee:16:ee:b9:
a8:2d:78:6b:63:38:63:af:b8:74:18:3f:94:c6:ae:
68:a9:c7:c9:10:ac:65:76:eb:5c:d0:67:8b:f4:8c:
2f:49:5c:0d:5e:8e:ed:94:aa:c3:84:c3:ae:8e:e6:
1f:70:b7:48:17:90:0c:e7:8c:d0:10:4e:a1:9d:25:
83:ab:55:a8:6d:d6:ce:a4:8d:8e:b4:66:37:b5:11:
fb:30:44:7f:67:c1:2b:88:13:2f:8b:00:3a:00:76:
4b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7A:D3:E8:38:65:C9:E3:E1:5F:26:3D:6F:2C:D6:97:EF:50:8C:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46510026-3bc6-4802-9977-5875dcaffcac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a000::/40
Signature Algorithm: sha256WithRSAEncryption
94:c2:7d:6e:63:3a:0d:89:76:2a:92:4f:bc:70:ad:16:c2:ff:
a8:b8:68:46:23:dc:43:ce:b4:d2:a4:27:a5:98:ef:bf:74:05:
20:4b:0b:e1:bb:74:83:f7:c8:0c:a8:db:b0:bf:2b:71:63:0e:
f6:d7:c0:45:2c:35:f8:0a:90:7d:be:6c:c9:b0:99:d7:1d:cf:
c3:e1:b0:c9:c5:66:7d:ec:9e:8f:3e:1e:a0:bc:83:ce:04:b0:
7a:4d:18:9f:fb:ba:e1:05:f4:f4:8c:b4:f5:0c:ba:12:18:92:
fd:dd:ff:82:5b:eb:c9:62:4b:ab:8a:1b:3a:c3:ad:0d:e5:95:
e0:40:77:9b:3f:cc:94:42:b0:ea:05:f5:ed:21:e3:ee:66:85:
be:54:f6:4a:d5:78:2d:61:f6:42:1e:77:cd:a5:9e:2b:3a:cd:
81:ad:3a:55:a4:d2:ef:5f:d2:80:83:fc:59:ae:e7:0b:7d:04:
b4:15:cc:52:3a:54:07:2f:b5:2f:c6:6d:c7:91:48:00:e6:e4:
61:7f:bf:0c:9c:17:c6:68:85:84:ca:9e:d2:80:ce:47:20:3a:
37:8a:4d:25:8d:6d:b3:37:7c:0f:e3:c2:57:63:a1:c1:80:df:
6c:71:1e:28:8e:d6:c4:8d:92:d5:0d:80:a0:94:a9:f5:1a:ee:
6f:29:84:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUV3CEpYRJZKY5b1cQQZ1Xle0VewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTcyMTQwMTJaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyZjJjNGViOGUyM2IwNTJkNGFhOTYzZDE2NDBlNzAwNTYxNWEzNWNhZWI0
MmY0OTBiODQ4YTZmMGU3YmU3ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4euDRTv+5qiaxYw4rzcXv76vd8UKB/CH0xcRF0cfzDsYh2TQDmaKzJShOx
STjKmwWWp4rIMl/5PmxDL/ggfswQ7aUPOUn3ZPt/yF9I9ZhcvPtPLB5CCdMsFWjD
TX4wvfMntZ5yuzhiSgzXhFFPoIsPFc+c6tg6Lb/Oh21/nn/tncynElcyPfyRwLzb
NjEyD2Kh/SslpTz568gZDdn2aX3uFu65qC14a2M4Y6+4dBg/lMauaKnHyRCsZXbr
XNBni/SML0lcDV6O7ZSqw4TDro7mH3C3SBeQDOeM0BBOoZ0lg6tVqG3WzqSNjrRm
N7UR+zBEf2fBK4gTL4sAOgB2S9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQIetPo
OGXJ4+FfJj1vLNaX71CMPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDY1MTAwMjYtM2JjNi00ODAyLTk5NzctNTg3NWRjYWZmY2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWg
MA0GCSqGSIb3DQEBCwUAA4IBAQCUwn1uYzoNiXYqkk+8cK0Wwv+ouGhGI9xDzrTS
pCelmO+/dAUgSwvhu3SD98gMqNuwvytxYw7218BFLDX4CpB9vmzJsJnXHc/D4bDJ
xWZ97J6PPh6gvIPOBLB6TRif+7rhBfT0jLT1DLoSGJL93f+CW+vJYkurihs6w60N
5ZXgQHebP8yUQrDqBfXtIePuZoW+VPZK1XgtYfZCHnfNpZ4rOs2BrTpVpNLvX9KA
g/xZrucLfQS0FcxSOlQHL7Uvxm3HkUgA5uRhf78MnBfGaIWEyp7SgM5HIDo3ik0l
jW2zN3wP48JXY6HBgN9scR4ojtbEjZLVDYCglKn1Gu5vKYRI
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:35:45 2025 by rpki-client