Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d03f6d9-094a-4f2a-aa7c-73e66047c2a1.roa
File: 4d03f6d9-094a-4f2a-aa7c-73e66047c2a1.roa (raw, json)
Hash identifier: mlwqs1+4ctXLUXWWRPmq6jkOhhXtIiXVrNfv22qQ0G8=
Subject key identifier: EF:73:95:DA:5E:30:DF:C1:7A:B1:32:F1:27:49:D6:5E:37:86:05:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 561FB1F587A37D8F8A682770C7FB68D5589A2DA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d03f6d9-094a-4f2a-aa7c-73e66047c2a1.roa
Signing time: Mon 06 Oct 2025 18:01:00 +0000
ROA not before: Mon 06 Oct 2025 18:01:00 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:10c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:1f:b1:f5:87:a3:7d:8f:8a:68:27:70:c7:fb:68:d5:58:9a:2d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:01:00 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=d3d151e3d0a1e16cd0557edcbf130e9cc2c2df90f767e52b66b869beafb4d771, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d4:b9:d2:b2:25:73:52:ed:54:ba:72:a5:97:
af:44:5f:2e:49:74:d1:c1:d9:86:a9:38:e3:81:9e:
fd:c8:2c:31:72:e3:19:9c:a5:ca:3a:83:bb:96:d9:
9d:d2:44:6d:55:92:4f:bf:72:e5:91:40:fe:fa:91:
20:44:39:3e:c1:cf:d3:0d:78:e9:e3:19:45:ff:a2:
aa:6d:22:03:c6:d1:6f:ac:cb:ed:3b:e3:bb:ff:31:
ba:96:0a:57:36:ab:e0:77:dc:32:c0:c3:f0:7e:29:
08:e0:86:7e:51:8d:10:36:64:5f:55:7f:c1:45:6b:
88:3d:19:b9:38:7f:5f:55:1a:f5:19:89:20:50:55:
af:fd:0b:2c:a2:e7:7c:c3:8c:7b:bf:83:a0:f1:c9:
57:06:ef:cc:9f:25:af:d3:15:24:06:d8:11:28:46:
c5:cd:6d:0e:64:e4:93:4b:7f:9f:45:c1:a6:a3:6a:
8e:4d:6e:fc:62:72:0b:a3:a7:4f:81:15:95:6a:47:
9e:a1:c1:d2:05:bf:b2:56:3d:0c:10:9f:0e:d8:96:
ad:11:22:c4:d5:a3:87:1a:04:1e:06:1f:c1:e5:c4:
92:f3:af:df:99:ff:de:35:f1:e1:32:fd:03:37:cc:
b3:16:ad:ce:68:18:ec:95:f8:ca:0d:c8:5c:c1:64:
0d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:73:95:DA:5E:30:DF:C1:7A:B1:32:F1:27:49:D6:5E:37:86:05:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d03f6d9-094a-4f2a-aa7c-73e66047c2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:10c0::/46
Signature Algorithm: sha256WithRSAEncryption
56:14:78:41:7f:d2:1d:e0:51:d2:6b:42:24:0e:82:94:78:10:
b0:37:e1:0a:14:0f:7f:bb:1e:74:fe:b2:46:66:ad:f3:58:ad:
95:0b:de:67:1d:72:6c:02:67:6c:62:a6:89:9b:3d:13:70:22:
f0:a8:38:d4:9f:3d:ec:16:e3:0e:cb:b1:bb:fc:90:a4:04:34:
05:49:f5:da:23:55:1d:55:50:9a:da:8c:a4:59:06:62:f8:28:
02:8f:de:e4:10:64:12:57:b6:cf:27:19:22:16:be:bc:fb:bb:
ec:f7:00:16:e0:40:75:53:ee:00:cb:78:be:57:06:4e:14:5c:
73:66:44:bb:20:50:de:81:cc:c0:01:63:2a:53:97:8c:1d:8c:
af:e3:85:8c:ce:6b:9c:f0:3e:42:35:28:24:0e:3f:af:92:2d:
34:38:eb:16:fd:5b:a4:bc:42:f4:06:e8:26:1b:31:8c:65:45:
96:97:a5:30:82:56:7d:1f:09:77:dc:f6:2d:da:f8:eb:af:c3:
06:81:b8:51:9e:12:14:d9:39:d2:c4:af:a6:01:96:85:fc:cd:
5e:f6:87:d8:e5:94:f7:c9:cc:8b:1a:22:f6:9c:e9:28:d0:8c:
42:2c:ab:7a:dc:de:a8:11:f5:f4:b6:0a:6b:fd:c6:d0:50:02:
c8:5f:d0:ad
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVh+x9YejfY+KaCdwx/to1ViaLaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAxMDBaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzZDE1MWUzZDBhMWUxNmNkMDU1N2VkY2JmMTMwZTljYzJjMmRmOTBmNzY3
ZTUyYjY2Yjg2OWJlYWZiNGQ3NzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/UudKyJXNS7VS6cqWXr0RfLkl00cHZhqk444Ge/cgsMXLjGZylyjqDu5bZ
ndJEbVWST79y5ZFA/vqRIEQ5PsHP0w146eMZRf+iqm0iA8bRb6zL7Tvju/8xupYK
Vzar4HfcMsDD8H4pCOCGflGNEDZkX1V/wUVriD0ZuTh/X1Ua9RmJIFBVr/0LLKLn
fMOMe7+DoPHJVwbvzJ8lr9MVJAbYEShGxc1tDmTkk0t/n0XBpqNqjk1u/GJyC6On
T4EVlWpHnqHB0gW/slY9DBCfDtiWrREixNWjhxoEHgYfweXEkvOv35n/3jXx4TL9
AzfMsxatzmgY7JX4yg3IXMFkDZMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTvc5Xa
XjDfwXqxMvEnSdZeN4YFXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGQwM2Y2ZDktMDk0YS00ZjJhLWFhN2MtNzNlNjYwNDdjMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAVhR4QX/SHeBR0mtCJA6ClHgQsDfhChQPf7se
dP6yRmat81itlQveZx1ybAJnbGKmiZs9E3Ai8Kg41J897BbjDsuxu/yQpAQ0BUn1
2iNVHVVQmtqMpFkGYvgoAo/e5BBkEle2zycZIha+vPu77PcAFuBAdVPuAMt4vlcG
ThRcc2ZEuyBQ3oHMwAFjKlOXjB2Mr+OFjM5rnPA+QjUoJA4/r5ItNDjrFv1bpLxC
9AboJhsxjGVFlpelMIJWfR8Jd9z2Ldr466/DBoG4UZ4SFNk50sSvpgGWhfzNXvaH
2OWU98nMixoi9pzpKNCMQiyretzeqBH19LYKa/3G0FACyF/QrQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:06 2025 by rpki-client