Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
File: 94da73c8-c1bb-4329-a141-1dcbab6b0213.roa (raw, json)
Hash identifier: 0hQ0Zo0ECqdTRx3PHtLj5wWht7MNOXaaC6cyryAOR8I=
Subject key identifier: F2:5F:36:94:5E:31:03:FF:56:7C:8D:7F:E6:55:9D:81:73:25:44:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23040CBFE4D551AB0DD4417EF6EA77776F00BE3C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
Signing time: Fri 31 Oct 2025 01:20:05 +0000
ROA not before: Fri 31 Oct 2025 01:20:05 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:04:0c:bf:e4:d5:51:ab:0d:d4:41:7e:f6:ea:77:77:6f:00:be:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:20:05 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=479f4c34e1615b6756f7b0ba61732b4c65e00a15828dc9510f12413fb62ad3ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d4:12:f8:11:cc:bc:a9:a4:2c:16:46:02:0a:
3c:a7:7e:8e:dc:7f:bb:89:14:35:21:6f:3c:39:f7:
0c:89:80:fb:48:9c:43:bc:6a:cc:49:50:76:f5:17:
46:c9:00:94:c0:be:80:08:3c:a2:6a:55:7c:2c:95:
ee:0d:90:7c:dd:e5:35:75:b1:50:52:d2:9d:61:45:
03:61:55:65:ac:d6:d0:09:97:42:8c:32:0d:e5:9c:
b0:7b:b1:9e:ac:1c:0e:de:e3:c7:5c:64:23:02:e8:
90:eb:c1:16:23:cb:cb:25:49:fa:8b:1b:2f:89:4e:
2a:29:5f:1c:79:db:44:1c:50:22:85:99:66:a9:6d:
9c:d3:d4:f0:ec:2a:c6:3a:27:1f:2e:a7:a3:4f:0d:
d9:5b:1b:d4:28:93:aa:72:d5:c7:04:1b:7a:65:1f:
4d:ef:03:c0:23:6a:0d:fe:d9:a3:fe:e5:aa:eb:88:
82:6e:9d:73:4d:eb:31:74:2d:2e:b4:8c:af:1a:dc:
5b:0e:51:7a:c0:0e:53:0a:91:65:7c:5d:5b:2a:eb:
d2:a9:55:84:81:92:a0:28:fb:b1:59:7e:a5:3a:eb:
94:d0:06:62:70:0a:3d:55:62:84:b8:b2:9c:09:7f:
aa:4b:bb:0d:c2:d2:ef:e3:8c:c6:a5:da:cb:a5:c0:
45:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5F:36:94:5E:31:03:FF:56:7C:8D:7F:E6:55:9D:81:73:25:44:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4020::/48
Signature Algorithm: sha256WithRSAEncryption
44:c1:18:2a:e2:0d:53:c3:b1:47:f4:1e:94:f0:c9:23:e3:72:
f8:bd:f1:f0:8e:46:a6:4e:d3:29:a6:dc:68:a5:5a:20:a2:9b:
30:d9:f5:0a:68:f3:0e:40:0f:ce:a7:5d:15:c2:fa:a2:34:df:
88:71:16:1f:1b:90:4b:3a:82:14:0b:25:fc:24:76:68:da:46:
e8:ec:78:75:0e:d6:c8:c2:bf:2b:9e:62:54:8d:e1:9d:c1:88:
8c:f1:30:1c:f6:cf:33:ad:31:24:f0:d9:d5:b7:6e:5a:9b:5e:
d6:63:d2:2b:5c:9c:6a:d8:9e:2d:a9:e7:ca:71:47:3c:82:3b:
5d:9d:c7:61:bc:9c:77:e4:5d:89:ff:b9:e8:78:2d:7a:0d:6d:
83:26:30:c1:16:14:82:0a:4e:e2:b1:ef:b2:81:c3:b8:c1:89:
9e:54:08:9b:77:b1:11:4b:19:33:83:23:2a:8e:26:da:33:9d:
2d:34:1a:da:67:96:9e:0b:7f:29:91:71:4f:54:22:77:e3:00:
87:9d:11:49:2d:97:b3:7c:59:35:32:1b:cb:08:50:f7:8a:41:
92:84:61:d9:24:64:d3:b5:fa:4c:f9:a9:7f:49:4d:5e:fc:26:
be:85:71:33:5d:9f:58:a7:33:12:2f:7b:1f:eb:01:24:b3:dd:
ab:8d:eb:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIwQMv+TVUasN1EF+9up3d28AvjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTIwMDVaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3OWY0YzM0ZTE2MTViNjc1NmY3YjBiYTYxNzMyYjRjNjVlMDBhMTU4Mjhk
Yzk1MTBmMTI0MTNmYjYyYWQzZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTUEvgRzLyppCwWRgIKPKd+jtx/u4kUNSFvPDn3DImA+0icQ7xqzElQdvUX
RskAlMC+gAg8ompVfCyV7g2QfN3lNXWxUFLSnWFFA2FVZazW0AmXQowyDeWcsHux
nqwcDt7jx1xkIwLokOvBFiPLyyVJ+osbL4lOKilfHHnbRBxQIoWZZqltnNPU8Owq
xjonHy6no08N2Vsb1CiTqnLVxwQbemUfTe8DwCNqDf7Zo/7lquuIgm6dc03rMXQt
LrSMrxrcWw5ResAOUwqRZXxdWyrr0qlVhIGSoCj7sVl+pTrrlNAGYnAKPVVihLiy
nAl/qku7DcLS7+OMxqXay6XARbUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTyXzaU
XjED/1Z8jX/mVZ2BcyVEJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkYTczYzgtYzFiYi00MzI5LWExNDEtMWRjYmFiNmIwMjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
IDANBgkqhkiG9w0BAQsFAAOCAQEARMEYKuINU8OxR/QelPDJI+Ny+L3x8I5Gpk7T
KabcaKVaIKKbMNn1CmjzDkAPzqddFcL6ojTfiHEWHxuQSzqCFAsl/CR2aNpG6Ox4
dQ7WyMK/K55iVI3hncGIjPEwHPbPM60xJPDZ1bduWpte1mPSK1ycatieLannynFH
PII7XZ3HYbycd+Rdif+56Hgteg1tgyYwwRYUggpO4rHvsoHDuMGJnlQIm3exEUsZ
M4MjKo4m2jOdLTQa2meWngt/KZFxT1Qid+MAh50RSS2Xs3xZNTIbywhQ94pBkoRh
2SRk07X6TPmpf0lNXvwmvoVxM12fWKczEi97H+sBJLPdq43r1w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:32 2025 by rpki-client