Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a103a3a0-ff03-4978-a976-55516478c88b.roa
File: a103a3a0-ff03-4978-a976-55516478c88b.roa (raw, json)
Hash identifier: TxosGYmQm9isnKt0YztBNP6I2i49WZErCSBA1aGt5e8=
Subject key identifier: 3F:B0:D3:08:C5:93:68:27:11:AA:5D:A0:10:D6:2F:88:B2:04:72:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 047FB648BDD7F954BF2CB7DE117FE6651F11E9C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a103a3a0-ff03-4978-a976-55516478c88b.roa
Signing time: Wed 29 Oct 2025 07:28:19 +0000
ROA not before: Wed 29 Oct 2025 07:28:19 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:7f:b6:48:bd:d7:f9:54:bf:2c:b7:de:11:7f:e6:65:1f:11:e9:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:19 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=1c460e583ba40e3212fd12e836f236226c487d27a9f0b38ffe741339ce5dfb40, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:b8:a4:51:ac:53:ac:53:13:28:43:ee:f7:
10:d8:90:60:45:33:2b:a4:23:50:19:7f:ee:b9:a7:
6c:77:6b:73:5e:79:dd:f8:6a:e2:e5:7f:a9:eb:f6:
82:e0:97:56:40:1b:5f:de:73:15:95:6e:46:c9:22:
10:79:f9:bd:e7:dc:e6:80:3c:80:c2:17:3f:ce:dc:
91:54:aa:fb:7c:34:97:a6:4e:23:c8:d5:32:dd:81:
ea:e5:32:57:3f:81:5f:6a:c6:bd:e5:6a:9e:52:e9:
0d:2d:44:cf:6c:54:17:26:9d:39:ff:7e:ea:13:ac:
15:ef:fd:0b:50:43:0b:b9:97:42:52:a5:a1:5e:ba:
c0:bc:e8:e5:a7:46:10:b5:6f:fb:a8:95:84:80:22:
fc:16:52:c0:56:71:fe:4d:c0:0b:71:f3:71:6e:fb:
4d:1f:cf:1e:56:05:51:b5:08:ff:83:e8:a4:23:98:
4e:2c:53:1f:90:f6:fd:d6:88:89:8b:8b:5f:8a:a1:
9b:ba:af:0b:3a:9f:f4:23:91:6f:19:39:cb:be:ee:
d1:8d:d7:8a:f0:35:20:48:c9:2b:85:16:9a:c9:14:
ec:52:62:f2:46:d8:5f:35:84:df:37:14:f5:5f:52:
59:08:01:49:49:9b:dc:c3:19:3e:04:6b:5e:e8:15:
7e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B0:D3:08:C5:93:68:27:11:AA:5D:A0:10:D6:2F:88:B2:04:72:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a103a3a0-ff03-4978-a976-55516478c88b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:6040::/48
Signature Algorithm: sha256WithRSAEncryption
7a:72:81:7e:c5:64:07:76:00:1c:21:58:26:6e:7d:ca:cf:41:
8e:ce:b0:64:6d:a5:b3:ab:9e:ff:94:8c:1d:89:3c:16:63:f9:
ed:79:7f:07:e4:16:e8:87:eb:2d:3c:73:d3:da:c7:10:8e:d0:
a8:0d:b6:d2:df:d1:ba:43:e4:eb:3b:18:8c:ba:04:4d:40:c3:
31:95:67:70:c6:33:c8:28:b1:65:e5:db:2a:1d:b9:7e:e2:01:
68:27:6c:2e:c3:fc:dc:ac:e3:b2:9e:4e:d4:d1:4b:1a:60:34:
93:63:c4:0a:a9:79:a7:0b:8c:9a:fb:bc:97:b4:c9:bf:0f:6a:
4f:2a:82:4c:08:1e:6f:e8:b6:da:ae:f8:df:b4:04:a2:ca:52:
21:1c:a8:d0:30:fb:01:7e:9c:b0:3f:80:14:8d:84:7d:99:12:
2f:e6:b3:86:60:58:2d:a8:bd:98:5f:91:8f:a5:fe:ac:98:ac:
b4:95:86:9e:7e:c2:55:33:ea:72:5a:5e:35:b0:b1:13:41:00:
b0:71:2b:97:88:b3:90:df:e8:eb:36:e1:7e:32:93:a9:f9:75:
66:e2:32:e9:72:17:30:96:1d:e8:e2:54:d0:13:e2:fe:6f:66:
87:70:72:d6:25:e9:9e:15:a5:c9:ac:47:7c:f5:80:98:34:e0:
b5:3a:67:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBH+2SL3X+VS/LLfeEX/mZR8R6cgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MTlaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjNDYwZTU4M2JhNDBlMzIxMmZkMTJlODM2ZjIzNjIyNmM0ODdkMjdhOWYw
YjM4ZmZlNzQxMzM5Y2U1ZGZiNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4vuKRRrFOsUxMoQ+73ENiQYEUzK6QjUBl/7rmnbHdrc1553fhq4uV/qev2
guCXVkAbX95zFZVuRskiEHn5vefc5oA8gMIXP87ckVSq+3w0l6ZOI8jVMt2B6uUy
Vz+BX2rGveVqnlLpDS1Ez2xUFyadOf9+6hOsFe/9C1BDC7mXQlKloV66wLzo5adG
ELVv+6iVhIAi/BZSwFZx/k3AC3HzcW77TR/PHlYFUbUI/4PopCOYTixTH5D2/daI
iYuLX4qhm7qvCzqf9CORbxk5y77u0Y3XivA1IEjJK4UWmskU7FJi8kbYXzWE3zcU
9V9SWQgBSUmb3MMZPgRrXugVfrUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ/sNMI
xZNoJxGqXaAQ1i+IsgRybzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTEwM2EzYTAtZmYwMy00OTc4LWE5NzYtNTU1MTY0NzhjODhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gpg
QDANBgkqhkiG9w0BAQsFAAOCAQEAenKBfsVkB3YAHCFYJm59ys9Bjs6wZG2ls6ue
/5SMHYk8FmP57Xl/B+QW6IfrLTxz09rHEI7QqA220t/RukPk6zsYjLoETUDDMZVn
cMYzyCixZeXbKh25fuIBaCdsLsP83Kzjsp5O1NFLGmA0k2PECql5pwuMmvu8l7TJ
vw9qTyqCTAgeb+i22q7437QEospSIRyo0DD7AX6csD+AFI2EfZkSL+azhmBYLai9
mF+Rj6X+rJistJWGnn7CVTPqclpeNbCxE0EAsHErl4izkN/o6zbhfjKTqfl1ZuIy
6XIXMJYd6OJU0BPi/m9mh3By1iXpnhWlyaxHfPWAmDTgtTpnpA==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:43 2025 by rpki-client