Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
File: 4cf83881-74f7-4033-977b-362e08e8d6d2.roa (raw, json)
Hash identifier: bfSYNuxuS1+BQnzDCIAA+Nl1NycYh/2TP5Ivue+u9zo=
Subject key identifier: 80:D0:C0:5C:CC:01:B1:5D:03:70:3B:44:58:02:2B:C7:FE:60:13:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A9D3048D4432BF5D308566E2CEC913F5DCBD781
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
Signing time: Sun 19 Oct 2025 23:50:10 +0000
ROA not before: Sun 19 Oct 2025 23:50:10 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:9d:30:48:d4:43:2b:f5:d3:08:56:6e:2c:ec:91:3f:5d:cb:d7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 23:50:10 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=d00e148990e14a2a121cd1a75e19ce22699c9c122bf5f97e38a7c534b5604c3c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:9f:7c:28:b2:29:64:63:51:18:49:6e:88:01:
ce:19:4e:b9:6f:e0:3b:18:dd:9d:bd:30:ba:36:d0:
f6:8f:8c:1b:e3:a9:3c:5e:52:0f:d0:72:c6:0d:b6:
cb:6b:53:7a:1c:1f:ce:9e:30:75:20:2e:58:59:e7:
09:37:a0:67:6e:49:bb:11:6c:3b:10:c1:5b:f3:b4:
e6:28:40:91:8a:16:bc:42:9b:5f:b3:24:08:c0:3f:
e9:4c:27:10:d4:b5:67:0c:e8:f3:e3:53:e9:62:56:
54:c9:ab:94:a1:c6:fe:04:a6:b1:75:f8:33:46:b6:
40:54:56:c8:7e:28:5a:71:e4:31:e8:19:1e:e7:63:
e9:16:e8:e9:29:03:a9:96:dd:b1:90:da:6e:4a:05:
7f:b4:26:18:c6:73:fb:2e:dc:6d:57:f0:1f:e4:e2:
d3:06:49:f9:2b:b9:0d:63:8a:a3:19:c7:b2:89:f5:
4e:7e:9d:28:a1:ef:c8:64:19:f8:70:e2:49:6f:49:
e1:4d:64:46:b1:58:ff:93:43:ae:ff:f1:99:81:a9:
a2:43:d9:a3:f7:93:0a:ee:e4:54:a3:c8:b4:3a:85:
89:20:b4:d3:13:2c:ef:79:22:55:30:d1:22:aa:53:
e3:90:7e:f0:79:53:cd:c7:00:5a:04:e4:04:a3:b6:
41:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D0:C0:5C:CC:01:B1:5D:03:70:3B:44:58:02:2B:C7:FE:60:13:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:840::/48
Signature Algorithm: sha256WithRSAEncryption
0e:2b:4d:f6:43:26:8c:0a:10:07:83:4e:e8:bd:c3:a6:7b:b0:
d5:ff:1b:57:c4:02:98:74:78:a6:8e:fa:b4:1f:81:f2:12:51:
ff:91:a0:a1:23:9b:62:eb:25:d5:86:be:56:f3:60:8d:8e:dc:
a6:06:bf:9f:76:db:dd:dc:9b:ed:08:5b:56:a4:c5:9e:ce:94:
34:69:fc:57:df:a3:01:de:d2:0d:d2:d8:1a:18:3a:35:f0:bb:
0d:cb:36:c0:97:0b:78:6d:8f:5c:04:91:25:df:bb:11:e8:f5:
2e:3d:0b:58:ad:bd:87:76:18:09:78:d8:8c:b5:c3:85:fa:2b:
26:30:bf:a8:0d:9c:c0:ef:37:d4:9f:c8:1a:7a:b8:49:18:77:
b7:34:78:87:10:c8:32:58:9b:d3:b3:3a:36:28:6f:a7:48:5a:
fc:5e:9c:b4:cf:78:98:42:2b:6f:58:6a:c4:b8:ed:9a:96:58:
87:20:08:ad:d6:76:65:35:dc:cb:26:86:f6:7b:1c:ac:bc:5a:
61:c1:a9:f5:88:7d:60:a1:57:ca:3d:61:1d:fe:c0:de:eb:16:
d8:8c:77:a3:9a:39:fc:cf:92:68:97:84:32:b6:73:ed:cd:52:
3c:a1:37:cb:16:d7:f0:39:4c:83:11:13:79:ef:e4:2e:87:8a:
a6:13:ec:bf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCp0wSNRDK/XTCFZuLOyRP13L14EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkyMzUwMTBaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwMGUxNDg5OTBlMTRhMmExMjFjZDFhNzVlMTljZTIyNjk5YzljMTIyYmY1
Zjk3ZTM4YTdjNTM0YjU2MDRjM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPSffCiyKWRjURhJbogBzhlOuW/gOxjdnb0wujbQ9o+MG+OpPF5SD9Byxg22
y2tTehwfzp4wdSAuWFnnCTegZ25JuxFsOxDBW/O05ihAkYoWvEKbX7MkCMA/6Uwn
ENS1Zwzo8+NT6WJWVMmrlKHG/gSmsXX4M0a2QFRWyH4oWnHkMegZHudj6Rbo6SkD
qZbdsZDabkoFf7QmGMZz+y7cbVfwH+Ti0wZJ+Su5DWOKoxnHson1Tn6dKKHvyGQZ
+HDiSW9J4U1kRrFY/5NDrv/xmYGpokPZo/eTCu7kVKPItDqFiSC00xMs73kiVTDR
IqpT45B+8HlTzccAWgTkBKO2QV8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSA0MBc
zAGxXQNwO0RYAivH/mATODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNmODM4ODEtNzRmNy00MDMzLTk3N2ItMzYyZTA4ZThkNmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
QDANBgkqhkiG9w0BAQsFAAOCAQEADitN9kMmjAoQB4NO6L3Dpnuw1f8bV8QCmHR4
po76tB+B8hJR/5GgoSObYusl1Ya+VvNgjY7cpga/n3bb3dyb7QhbVqTFns6UNGn8
V9+jAd7SDdLYGhg6NfC7Dcs2wJcLeG2PXASRJd+7Eej1Lj0LWK29h3YYCXjYjLXD
hforJjC/qA2cwO831J/IGnq4SRh3tzR4hxDIMlib07M6Nihvp0ha/F6ctM94mEIr
b1hqxLjtmpZYhyAIrdZ2ZTXcyyaG9nscrLxaYcGp9Yh9YKFXyj1hHf7A3usW2Ix3
o5o5/M+SaJeEMrZz7c1SPKE3yxbX8DlMgxETee/kLoeKphPsvw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:38 2025 by rpki-client