Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac808304-7110-40ab-b55b-b3af42a90484.roa
File: ac808304-7110-40ab-b55b-b3af42a90484.roa (raw, json)
Hash identifier: 2NvXd1egxDSywqxxBs3D8UrRunphXD52Lj5xwAF8yGg=
Subject key identifier: 03:85:B5:DF:24:74:58:4B:13:28:AE:1F:D3:3B:74:FB:6B:99:23:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 157CEB6CB9018F02B0885129F28089AA84357020
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac808304-7110-40ab-b55b-b3af42a90484.roa
Signing time: Wed 29 Oct 2025 07:28:23 +0000
ROA not before: Wed 29 Oct 2025 07:28:23 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:7c:eb:6c:b9:01:8f:02:b0:88:51:29:f2:80:89:aa:84:35:70:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:23 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=464d8f151dd93168f70ad98332b97bd3d416ea33bfe202d894f1449d6a891e84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f0:ae:50:a4:eb:cc:26:8f:c7:71:d3:c3:50:
a2:e0:e6:27:13:e9:00:64:f3:20:30:e6:8a:d7:dc:
76:68:f1:27:b2:65:d9:d0:5c:d3:ec:79:65:5b:71:
f8:95:bf:6c:40:9a:a9:de:7d:41:c0:ae:c7:51:e5:
3a:9f:13:91:db:9e:a4:1a:f3:85:8b:02:67:a0:fe:
43:b2:85:a2:ab:03:86:32:80:50:3d:2b:da:88:24:
71:5c:e2:5c:26:e0:39:89:7c:da:4c:a2:95:b3:f1:
e4:e8:e1:6d:86:de:75:53:13:52:1b:79:1f:15:a3:
81:39:43:29:17:d3:8f:4e:95:19:be:95:1b:22:0e:
b4:8b:cf:74:77:63:74:fb:19:12:e9:60:e8:c2:9a:
7d:50:23:76:c9:67:1f:03:01:ed:0f:f9:42:8a:7b:
69:7e:a1:5d:c7:d1:d7:b1:63:7e:34:89:bf:1d:bb:
47:d7:97:dc:75:25:3e:d6:7d:f6:d9:62:9b:cb:d6:
c2:73:14:69:46:7f:6a:0e:01:5d:ed:c9:f4:f4:bc:
09:fb:e0:3f:5e:d1:41:48:e0:8d:f7:73:0c:ec:21:
34:06:01:18:2b:0a:75:4e:e1:a7:50:0e:5c:dc:a1:
36:63:45:36:17:97:b7:ed:c5:13:30:99:6a:b5:41:
c5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:85:B5:DF:24:74:58:4B:13:28:AE:1F:D3:3B:74:FB:6B:99:23:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac808304-7110-40ab-b55b-b3af42a90484.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
63:8e:15:be:fe:fa:4b:52:db:be:d1:20:67:f3:5b:a1:d7:f9:
3b:ce:81:1f:d8:16:c5:55:90:0a:50:43:c3:e6:4d:d0:e8:02:
1f:29:aa:bd:d6:18:e3:05:1e:55:a8:5c:75:de:42:a9:12:f2:
9d:84:71:8f:2a:d9:9c:42:58:03:18:cb:ae:93:52:28:a5:b1:
92:88:d1:c0:7c:fe:72:d4:6c:56:9d:b9:d3:a1:d0:33:0e:28:
24:d2:7e:bd:29:cd:2b:f2:25:ae:62:85:29:7a:be:88:fb:16:
34:de:ab:b6:f7:8f:be:e1:c8:db:21:0d:e5:04:13:f2:c1:32:
45:7b:d7:23:f1:fa:25:fe:89:c1:84:0a:ff:f7:28:70:eb:4c:
89:dd:44:b5:1d:9b:98:20:72:78:f4:76:cc:89:9e:4b:14:b4:
d4:fd:58:aa:eb:47:28:55:0a:03:94:22:98:a3:5f:51:f0:00:
a3:af:4b:94:f2:78:45:a8:81:14:6e:c0:2a:5f:a6:8b:99:5c:
30:93:5f:51:72:c5:60:93:e9:f4:63:2d:54:6f:56:bb:94:e7:
e5:9c:6f:0f:f9:cb:a3:76:2a:aa:5e:fd:3b:29:22:a8:34:1b:
6d:64:93:6a:d7:00:56:e2:a1:83:7b:83:2d:96:ad:43:68:5c:
1f:0b:b9:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFXzrbLkBjwKwiFEp8oCJqoQ1cCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MjNaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NGQ4ZjE1MWRkOTMxNjhmNzBhZDk4MzMyYjk3YmQzZDQxNmVhMzNiZmUy
MDJkODk0ZjE0NDlkNmE4OTFlODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/wrlCk68wmj8dx08NQouDmJxPpAGTzIDDmitfcdmjxJ7Jl2dBc0+x5ZVtx
+JW/bECaqd59QcCux1HlOp8TkduepBrzhYsCZ6D+Q7KFoqsDhjKAUD0r2ogkcVzi
XCbgOYl82kyilbPx5OjhbYbedVMTUht5HxWjgTlDKRfTj06VGb6VGyIOtIvPdHdj
dPsZEulg6MKafVAjdslnHwMB7Q/5Qop7aX6hXcfR17FjfjSJvx27R9eX3HUlPtZ9
9tlim8vWwnMUaUZ/ag4BXe3J9PS8CfvgP17RQUjgjfdzDOwhNAYBGCsKdU7hp1AO
XNyhNmNFNheXt+3FEzCZarVBxRMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQDhbXf
JHRYSxMorh/TO3T7a5kjmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM4MDgzMDQtNzExMC00MGFiLWI1NWItYjNhZjQyYTkwNDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoI
wDANBgkqhkiG9w0BAQsFAAOCAQEAY44Vvv76S1LbvtEgZ/Nbodf5O86BH9gWxVWQ
ClBDw+ZN0OgCHymqvdYY4wUeVahcdd5CqRLynYRxjyrZnEJYAxjLrpNSKKWxkojR
wHz+ctRsVp2506HQMw4oJNJ+vSnNK/IlrmKFKXq+iPsWNN6rtvePvuHI2yEN5QQT
8sEyRXvXI/H6Jf6JwYQK//cocOtMid1EtR2bmCByePR2zImeSxS01P1YqutHKFUK
A5QimKNfUfAAo69LlPJ4RaiBFG7AKl+mi5lcMJNfUXLFYJPp9GMtVG9Wu5Tn5Zxv
D/nLo3Yqql79OykiqDQbbWSTatcAVuKhg3uDLZatQ2hcHwu53A==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:55:03 2025 by rpki-client