Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: tctanUCabg9BDMAUwhGkaSJqGGxnXLTr5lw0csP60uQ=
Subject key identifier: A3:DF:9A:F3:70:FF:B6:2E:1E:98:98:A1:1D:AB:DD:90:18:2E:84:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AF15A3759218DB7848DC3E24DD7A6023445D641
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Tue 04 Nov 2025 03:00:13 +0000
ROA not before: Tue 04 Nov 2025 03:00:13 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:f1:5a:37:59:21:8d:b7:84:8d:c3:e2:4d:d7:a6:02:34:45:d6:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 03:00:13 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=05280f890e40c1f0ea36fbbb832de6e88c47d8bae28f6a5e9135029d83c4d4ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b3:c4:0e:3d:55:90:7e:00:55:3d:d3:11:22:
84:e5:c9:96:8d:f1:e8:7b:c2:d4:5d:f0:fd:60:09:
ca:b3:34:22:d4:7c:f7:c5:cc:b9:e3:09:b8:15:5f:
d1:18:8f:e3:c8:d0:d5:d7:68:ba:43:a0:eb:06:05:
ba:06:93:49:c0:43:65:2d:92:31:41:c9:c0:c0:0a:
ce:ef:71:a5:fc:70:93:fa:ad:15:be:5d:2d:c7:45:
2d:32:df:1b:c7:ed:f6:3f:6b:58:a3:ad:c3:c5:1a:
af:78:65:0c:23:30:02:c1:e9:45:da:e8:62:37:76:
4c:ab:09:bb:05:b7:9c:b4:73:e9:27:31:45:81:30:
79:ac:b9:76:f3:11:9a:2b:cc:e8:70:5d:24:43:5d:
08:d0:0f:18:16:e4:9c:18:62:7d:c0:96:9a:87:7f:
ab:e9:e3:6c:5d:30:08:cb:17:77:61:db:4b:41:70:
93:6b:1a:d9:62:11:59:a6:48:80:c0:36:6c:29:10:
79:fa:8b:7d:c8:37:88:74:61:74:b2:85:6f:c4:aa:
c1:dd:d6:80:6f:cb:23:b0:3c:37:8e:13:0c:9c:7a:
1a:ab:63:6d:3c:15:38:74:68:e9:87:39:b5:a5:24:
57:16:b7:ca:34:c8:23:c9:7e:3b:a0:82:ba:06:64:
be:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DF:9A:F3:70:FF:B6:2E:1E:98:98:A1:1D:AB:DD:90:18:2E:84:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:86:a5:47:58:1f:e7:4d:06:74:65:98:ee:2e:1f:5e:f4:4c:
02:6b:b9:b3:e1:11:d9:ba:b7:1c:05:52:d1:8d:5b:5d:d7:ea:
84:b9:cb:78:1c:12:64:12:b0:44:08:df:d1:5b:cd:a5:bf:4b:
41:ad:09:52:09:5b:fb:aa:f8:8a:87:de:db:73:dd:c3:bc:1d:
aa:81:69:8e:aa:09:4b:9a:a8:34:6f:c1:12:db:af:b8:1a:0a:
3c:c0:36:33:2a:3a:7a:a4:1e:9e:ff:c8:0c:4d:87:d3:15:2c:
8e:53:67:8b:71:cb:ee:b2:e4:fd:ae:ff:81:60:36:be:b3:81:
2e:ad:70:11:4d:f9:98:1f:7e:71:dd:38:44:5d:0f:7b:20:83:
e3:a5:16:9d:eb:69:a8:d5:0f:ea:b8:67:5d:f5:cb:fe:0f:9f:
f3:e9:a1:bb:0e:b8:70:13:3b:93:6d:2f:3c:6f:95:55:6d:00:
53:ba:3f:fe:f4:49:c4:0a:e3:fd:b5:73:4c:9f:f8:05:e6:3e:
e0:75:64:8e:97:50:da:c7:6a:9d:d3:fb:e1:7c:d1:dc:4b:e0:
ed:5f:93:f3:e3:3b:09:6c:63:b3:93:84:17:df:45:f6:c4:b9:
22:60:9a:92:13:c0:0f:40:ae:99:91:02:04:1f:7b:eb:60:6d:
77:5a:ae:08
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKvFaN1khjbeEjcPiTdemAjRF1kEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMzAwMTNaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MjgwZjg5MGU0MGMxZjBlYTM2ZmJiYjgzMmRlNmU4OGM0N2Q4YmFlMjhm
NmE1ZTkxMzUwMjlkODNjNGQ0YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuzxA49VZB+AFU90xEihOXJlo3x6HvC1F3w/WAJyrM0ItR898XMueMJuBVf
0RiP48jQ1ddoukOg6wYFugaTScBDZS2SMUHJwMAKzu9xpfxwk/qtFb5dLcdFLTLf
G8ft9j9rWKOtw8Uar3hlDCMwAsHpRdroYjd2TKsJuwW3nLRz6ScxRYEweay5dvMR
mivM6HBdJENdCNAPGBbknBhifcCWmod/q+njbF0wCMsXd2HbS0Fwk2sa2WIRWaZI
gMA2bCkQefqLfcg3iHRhdLKFb8Sqwd3WgG/LI7A8N44TDJx6GqtjbTwVOHRo6Yc5
taUkVxa3yjTII8l+O6CCugZkvtECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSj35rz
cP+2Lh6YmKEdq92QGC6E/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAwYalR1gf500GdGWY7i4fXvRMAmu5s+ER2bq3HAVS
0Y1bXdfqhLnLeBwSZBKwRAjf0VvNpb9LQa0JUglb+6r4iofe23Pdw7wdqoFpjqoJ
S5qoNG/BEtuvuBoKPMA2Myo6eqQenv/IDE2H0xUsjlNni3HL7rLk/a7/gWA2vrOB
Lq1wEU35mB9+cd04RF0PeyCD46UWnetpqNUP6rhnXfXL/g+f8+mhuw64cBM7k20v
PG+VVW0AU7o//vRJxArj/bVzTJ/4BeY+4HVkjpdQ2sdqndP74XzR3Evg7V+T8+M7
CWxjs5OEF99F9sS5ImCakhPAD0CumZECBB9762Btd1quCA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:29:48 2025 by rpki-client