Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a136ad8-9412-45df-a7b1-6bc848065b5a.roa
File: 6a136ad8-9412-45df-a7b1-6bc848065b5a.roa (raw, json)
Hash identifier: LDD3+33A4tNPeEbu4pcTmJUHwwFgZieuvzGqgCY9vPk=
Subject key identifier: 4C:BA:A0:EC:C2:94:40:76:73:9D:F7:13:50:96:6E:CF:FD:68:00:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4835DB79AC0210BC7AE6D42DE8CE8C14B3C784C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a136ad8-9412-45df-a7b1-6bc848065b5a.roa
Signing time: Wed 29 Oct 2025 07:28:22 +0000
ROA not before: Wed 29 Oct 2025 07:28:22 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:35:db:79:ac:02:10:bc:7a:e6:d4:2d:e8:ce:8c:14:b3:c7:84:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:22 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=bd76297b7260b97f04fad2cb9f01588ba75033bffb54242ee1572585b7fceebd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:10:43:8e:02:97:29:b5:54:20:b3:73:fe:25:
8d:9a:a6:94:38:0a:2c:24:40:0c:a1:50:a2:59:fa:
2c:84:f4:b2:ad:5f:e2:19:59:8f:ed:c8:79:fe:e4:
1e:9a:1b:c1:a4:25:14:70:50:e8:9d:5a:05:02:d9:
29:dd:46:fa:3a:39:96:85:b8:d8:30:f3:b9:5f:7c:
51:17:62:a8:cc:e6:21:d9:cc:7e:ed:cd:7a:80:91:
d5:be:26:c9:0f:30:00:83:78:52:2b:b0:12:99:1b:
71:ef:1b:53:0a:9b:d0:53:1a:1c:0a:ef:c3:f1:b7:
c5:c5:3a:87:e5:b7:48:0c:61:9c:49:be:aa:f8:38:
ed:f0:89:51:80:a8:3a:cb:b5:fc:7c:09:2e:d9:67:
49:1d:cc:7e:e1:e1:7c:ae:7b:e7:e7:68:fb:29:e3:
b4:ab:94:9d:26:34:a7:6f:9b:6c:8e:b9:96:3d:99:
a6:11:04:c4:87:dd:9e:5c:4d:ac:3e:35:2b:6f:f5:
ba:04:9b:56:bd:d7:de:bf:c3:c9:5c:eb:d8:27:c6:
dd:5e:6e:1e:ba:5d:3c:db:79:f4:e5:ea:6c:d2:61:
71:9c:02:8c:c2:e7:94:0c:f0:3a:bc:23:34:f9:bf:
2e:fb:56:5b:12:70:2f:0c:e4:36:69:2d:5a:c9:3c:
20:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:BA:A0:EC:C2:94:40:76:73:9D:F7:13:50:96:6E:CF:FD:68:00:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a136ad8-9412-45df-a7b1-6bc848065b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
97:c6:6b:54:60:5b:e9:41:ec:53:6b:9f:39:91:d7:55:99:5b:
56:ba:34:29:5c:86:39:66:45:1e:72:86:7b:05:13:fe:35:5e:
37:d4:87:b0:37:b3:eb:84:b3:f8:a0:ec:25:51:73:2b:8c:a8:
67:3e:49:c8:1a:a2:c6:60:34:6a:0c:d0:8e:6d:8d:4d:1b:ec:
12:9f:2e:80:22:50:6d:d3:31:38:b2:21:6e:70:dd:8f:8a:7c:
57:0d:f9:04:bd:a7:ab:87:7b:6d:8f:e7:51:63:71:40:3d:fc:
65:c5:04:e7:bb:65:a7:37:52:cd:b4:d2:1f:0b:66:21:62:07:
80:a4:bf:7e:ba:0a:93:e4:58:00:7a:65:3a:6e:11:0e:d4:ce:
7e:47:c9:64:12:a3:4a:12:4b:cc:92:4e:1e:04:39:af:41:60:
e5:1a:4b:c6:1e:5c:18:45:69:51:84:d4:d1:22:09:76:82:b3:
d9:8c:55:41:33:bd:e8:63:b2:43:d7:47:52:7f:da:50:7a:ae:
a1:0b:07:09:c3:d2:3d:0c:5e:50:3d:1e:4c:c8:2a:82:e6:90:
45:af:aa:da:d5:b3:04:ae:6c:e2:ba:d1:48:14:34:15:d5:b2:
fc:3d:0d:82:f4:e2:07:27:54:91:f6:0a:7d:4b:8b:cf:fd:51:
ce:19:6d:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSDXbeawCELx65tQt6M6MFLPHhMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MjJaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNzYyOTdiNzI2MGI5N2YwNGZhZDJjYjlmMDE1ODhiYTc1MDMzYmZmYjU0
MjQyZWUxNTcyNTg1YjdmY2VlYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsQQ44Clym1VCCzc/4ljZqmlDgKLCRADKFQoln6LIT0sq1f4hlZj+3Ief7k
HpobwaQlFHBQ6J1aBQLZKd1G+jo5loW42DDzuV98URdiqMzmIdnMfu3NeoCR1b4m
yQ8wAIN4UiuwEpkbce8bUwqb0FMaHArvw/G3xcU6h+W3SAxhnEm+qvg47fCJUYCo
Osu1/HwJLtlnSR3MfuHhfK575+do+ynjtKuUnSY0p2+bbI65lj2ZphEExIfdnlxN
rD41K2/1ugSbVr3X3r/DyVzr2CfG3V5uHrpdPNt59OXqbNJhcZwCjMLnlAzwOrwj
NPm/LvtWWxJwLwzkNmktWsk8INMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMuqDs
wpRAdnOd9xNQlm7P/WgAzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmExMzZhZDgtOTQxMi00NWRmLWE3YjEtNmJjODQ4MDY1YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqA
wDANBgkqhkiG9w0BAQsFAAOCAQEAl8ZrVGBb6UHsU2ufOZHXVZlbVro0KVyGOWZF
HnKGewUT/jVeN9SHsDez64Sz+KDsJVFzK4yoZz5JyBqixmA0agzQjm2NTRvsEp8u
gCJQbdMxOLIhbnDdj4p8Vw35BL2nq4d7bY/nUWNxQD38ZcUE57tlpzdSzbTSHwtm
IWIHgKS/froKk+RYAHplOm4RDtTOfkfJZBKjShJLzJJOHgQ5r0Fg5RpLxh5cGEVp
UYTU0SIJdoKz2YxVQTO96GOyQ9dHUn/aUHquoQsHCcPSPQxeUD0eTMgqguaQRa+q
2tWzBK5s4rrRSBQ0FdWy/D0NgvTiBydUkfYKfUuLz/1Rzhltzg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:43 2025 by rpki-client