Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
File: 92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa (raw, json)
Hash identifier: LllR5bpxqf95BS7W+bxobs6oKt5dm+DwHwbylV0nUF0=
Subject key identifier: 12:C4:DB:D2:9C:49:EA:AF:86:8C:93:FF:82:D2:2B:A0:C2:90:3D:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 481FBCC377E18442F967C6D4E6554DB38ED39583
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
Signing time: Fri 31 Oct 2025 00:40:07 +0000
ROA not before: Fri 31 Oct 2025 00:40:07 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:4040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:1f:bc:c3:77:e1:84:42:f9:67:c6:d4:e6:55:4d:b3:8e:d3:95:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 00:40:07 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=f18dadf9146dc27edea5fbdc34317e0bbc16cb6ce1bdb353cae0d5e595d70610, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9c:37:2f:0a:6b:ba:ef:2f:b0:68:5f:eb:6c:
f6:2d:57:44:41:a5:30:b3:94:42:9f:24:7b:8a:99:
ad:1f:a1:4d:f5:4a:df:c1:6a:a8:07:a6:cf:73:21:
54:c3:46:02:39:a9:3f:82:44:bd:e3:d0:71:f5:82:
0b:3b:04:6f:33:6e:1c:a0:d5:db:e6:89:aa:cf:2e:
27:00:c4:3d:b3:e6:b2:88:c6:d5:ab:45:c3:eb:24:
5c:75:c8:51:20:95:1c:d5:5d:34:af:c5:80:1c:72:
ea:e9:6e:66:9b:6f:bc:d4:59:8f:1a:38:9f:5a:f2:
5b:45:f5:24:14:fc:b3:82:18:71:6f:12:0c:93:6a:
4a:0d:75:89:20:05:f0:b1:d2:17:fc:72:b1:53:8a:
bc:f1:1e:73:c2:b5:09:fa:ef:80:ae:3d:e9:b3:f8:
6f:f3:f0:1f:4d:3b:9e:48:60:bc:40:9f:4e:af:eb:
5b:fc:d0:40:1d:f7:1e:5d:d4:0b:82:c2:06:12:dd:
a4:cf:bf:0b:fb:88:bf:bf:33:0c:0d:18:d5:5b:9a:
ec:f4:53:ec:fb:2e:ed:de:46:f0:42:6f:d3:b4:d9:
7b:5a:12:f5:81:8d:73:11:8a:7f:ac:58:9f:a3:83:
25:ce:a8:8c:ce:7d:44:56:ab:47:00:75:3c:aa:b8:
54:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C4:DB:D2:9C:49:EA:AF:86:8C:93:FF:82:D2:2B:A0:C2:90:3D:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:4040::/46
Signature Algorithm: sha256WithRSAEncryption
b2:cc:db:9d:78:07:e1:a1:2a:c0:4c:1b:e1:92:a7:0c:a5:c1:
8b:b4:b6:2a:36:35:55:c3:99:66:af:50:55:99:27:da:ad:37:
c7:68:bf:83:f3:da:64:9d:2b:79:7d:e5:6a:6a:93:1e:20:19:
fb:21:13:66:08:ab:15:b4:6f:ea:06:09:92:83:88:a7:4d:c2:
46:d2:50:30:d8:31:ca:73:d3:26:fa:ad:ae:7d:6d:42:b3:2d:
40:d7:54:54:c2:af:82:b4:bb:35:13:7b:43:7a:11:3b:ff:33:
67:d0:d9:53:0d:4e:14:76:37:22:57:14:f8:27:e3:4b:b4:52:
a9:00:2d:b9:89:59:89:4e:87:7c:ee:0d:7b:64:40:3e:1a:8f:
da:4a:73:03:fe:55:93:4b:0b:cf:cb:d6:79:2d:eb:71:f7:c8:
a0:02:d9:5d:e7:43:0a:a3:12:06:8a:80:05:44:d6:8f:51:44:
ec:3b:c5:e4:43:06:c3:8b:61:61:d1:78:19:95:c5:9a:81:87:
cf:ab:15:07:35:3e:87:09:23:88:5e:13:f2:fb:58:0a:9a:73:
f2:44:f7:b0:87:75:44:89:3e:50:c1:ef:23:40:b6:dd:7d:03:
f0:81:64:67:52:19:21:3d:4f:cf:5d:41:29:a8:fd:fc:e6:4a:
67:43:9f:4d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSB+8w3fhhEL5Z8bU5lVNs47TlYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMDQwMDdaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxOGRhZGY5MTQ2ZGMyN2VkZWE1ZmJkYzM0MzE3ZTBiYmMxNmNiNmNlMWJk
YjM1M2NhZTBkNWU1OTVkNzA2MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANScNy8Ka7rvL7BoX+ts9i1XREGlMLOUQp8ke4qZrR+hTfVK38FqqAemz3Mh
VMNGAjmpP4JEvePQcfWCCzsEbzNuHKDV2+aJqs8uJwDEPbPmsojG1atFw+skXHXI
USCVHNVdNK/FgBxy6uluZptvvNRZjxo4n1ryW0X1JBT8s4IYcW8SDJNqSg11iSAF
8LHSF/xysVOKvPEec8K1CfrvgK496bP4b/PwH007nkhgvECfTq/rW/zQQB33Hl3U
C4LCBhLdpM+/C/uIv78zDA0Y1Vua7PRT7Psu7d5G8EJv07TZe1oS9YGNcxGKf6xY
n6ODJc6ojM59RFarRwB1PKq4VLsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQSxNvS
nEnqr4aMk/+C0iugwpA92zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTJiMzFmYTItYmUxYS00MjNlLTlhY2ItMGUyMTY4YzJmYWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
QDANBgkqhkiG9w0BAQsFAAOCAQEAsszbnXgH4aEqwEwb4ZKnDKXBi7S2KjY1VcOZ
Zq9QVZkn2q03x2i/g/PaZJ0reX3lamqTHiAZ+yETZgirFbRv6gYJkoOIp03CRtJQ
MNgxynPTJvqtrn1tQrMtQNdUVMKvgrS7NRN7Q3oRO/8zZ9DZUw1OFHY3IlcU+Cfj
S7RSqQAtuYlZiU6HfO4Ne2RAPhqP2kpzA/5Vk0sLz8vWeS3rcffIoALZXedDCqMS
BoqABUTWj1FE7DvF5EMGw4thYdF4GZXFmoGHz6sVBzU+hwkjiF4T8vtYCppz8kT3
sId1RIk+UMHvI0C23X0D8IFkZ1IZIT1Pz11BKaj9/OZKZ0OfTQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:45 2025 by rpki-client