Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
File: c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa (raw, json)
Hash identifier: bGJubOJvQV6QfQ12EOBDWBMWDBt8lskRGwMVS8W17wk=
Subject key identifier: CA:44:11:68:3A:54:7F:4A:B5:7F:27:92:09:1C:B3:C5:52:51:41:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E9A069996CDD18699F465248E7A0C4E922D1A2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
Signing time: Fri 31 Oct 2025 00:40:08 +0000
ROA not before: Fri 31 Oct 2025 00:40:08 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:40c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:9a:06:99:96:cd:d1:86:99:f4:65:24:8e:7a:0c:4e:92:2d:1a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 00:40:08 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=f0f3726c17544e652de9553b99ba4ca772356fe7168bddecf228f63fbb51e5db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:4b:5e:3e:a3:74:81:5f:83:fd:d4:c9:e0:91:
3a:d9:1f:0f:76:cb:39:b1:74:86:ee:12:df:7e:f5:
95:28:61:2d:6e:c9:39:4f:43:b7:86:46:2d:a8:9d:
e9:78:86:8c:3f:08:4c:2b:e3:1d:33:81:71:37:fb:
ed:ca:5d:23:ea:12:9f:78:25:08:c0:ab:db:aa:d4:
2b:65:a0:eb:2f:ad:6b:20:77:68:e2:00:a8:3b:a9:
68:28:54:ea:69:69:91:35:ac:e3:2c:e5:11:7e:f4:
a5:c1:9c:e2:e5:da:ee:cb:ed:fc:50:f0:cb:99:6c:
0c:89:cb:0b:f1:4b:fe:74:b0:56:f1:73:d5:ca:9d:
fb:0e:59:98:97:b0:74:b8:74:be:83:23:26:79:03:
cd:53:ec:7d:e2:1d:5e:e9:05:56:88:9c:1b:19:c2:
f8:e7:61:70:99:24:91:26:d0:0f:fa:3a:99:02:ed:
e9:ec:f9:70:5b:52:f9:39:43:ec:22:48:01:bb:e7:
51:23:a1:fe:8f:bf:2d:14:72:56:11:6d:5d:2b:bc:
c4:b8:b7:cc:9c:bb:24:19:01:b2:14:df:75:26:6c:
91:e7:77:06:fd:bb:e8:5d:a1:e8:54:db:ef:33:78:
cd:2c:dd:7f:ca:82:0b:b9:fe:9d:49:69:db:7b:0c:
9b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:44:11:68:3A:54:7F:4A:B5:7F:27:92:09:1C:B3:C5:52:51:41:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
23:7c:40:25:61:f0:c9:09:b0:bb:06:c4:24:68:65:15:2f:44:
65:20:8e:94:5f:2f:d7:85:a4:5e:54:08:aa:1f:7a:48:fa:a4:
10:f7:3e:e7:9f:46:0b:b5:a3:77:52:87:d3:3e:5b:4e:a5:e3:
5f:7c:92:09:27:b8:0e:fe:c4:fd:73:af:f4:4c:1e:a7:be:09:
82:52:f0:3e:8b:d8:bd:bc:11:e3:2a:9d:af:75:b7:12:26:e6:
32:6d:96:4e:90:dc:81:c4:57:f4:28:fd:d0:f5:ce:67:3c:f1:
3a:e7:a2:90:02:6b:9c:5c:9f:20:40:7f:d1:bf:a2:81:50:ef:
03:d9:50:11:8a:3f:da:c4:0e:c6:30:a2:bf:14:e9:9b:86:52:
18:16:c4:a1:a9:a9:89:5a:c0:d7:1e:d2:bb:8d:f5:2a:77:61:
a6:20:90:5b:50:2d:19:32:ec:f1:cf:8f:19:6a:3f:b7:89:ef:
c9:26:08:a7:7b:9b:63:c7:9a:f6:1d:ec:35:16:b3:20:df:62:
5e:63:4d:84:23:37:fd:ff:1a:74:04:e8:2b:df:80:63:8e:eb:
be:f6:46:17:fb:cc:3e:ea:eb:ec:21:18:88:7a:ae:ce:e4:90:
41:ed:68:a7:50:88:0e:56:78:26:fb:fe:98:73:39:9f:af:97:
66:06:ff:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHpoGmZbN0YaZ9GUkjnoMTpItGi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMDQwMDhaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwZjM3MjZjMTc1NDRlNjUyZGU5NTUzYjk5YmE0Y2E3NzIzNTZmZTcxNjhi
ZGRlY2YyMjhmNjNmYmI1MWU1ZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBLXj6jdIFfg/3UyeCROtkfD3bLObF0hu4S3371lShhLW7JOU9Dt4ZGLaid
6XiGjD8ITCvjHTOBcTf77cpdI+oSn3glCMCr26rUK2Wg6y+tayB3aOIAqDupaChU
6mlpkTWs4yzlEX70pcGc4uXa7svt/FDwy5lsDInLC/FL/nSwVvFz1cqd+w5ZmJew
dLh0voMjJnkDzVPsfeIdXukFVoicGxnC+OdhcJkkkSbQD/o6mQLt6ez5cFtS+TlD
7CJIAbvnUSOh/o+/LRRyVhFtXSu8xLi3zJy7JBkBshTfdSZsked3Bv276F2h6FTb
7zN4zSzdf8qCC7n+nUlp23sMm/ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTKRBFo
OlR/SrV/J5IJHLPFUlFB0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ3ZDliZjctM2U5Yi00YWQ1LTk1OGEtZGRlN2NhZGZhODlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
wDANBgkqhkiG9w0BAQsFAAOCAQEAI3xAJWHwyQmwuwbEJGhlFS9EZSCOlF8v14Wk
XlQIqh96SPqkEPc+559GC7Wjd1KH0z5bTqXjX3ySCSe4Dv7E/XOv9Ewep74JglLw
PovYvbwR4yqdr3W3EibmMm2WTpDcgcRX9Cj90PXOZzzxOueikAJrnFyfIEB/0b+i
gVDvA9lQEYo/2sQOxjCivxTpm4ZSGBbEoampiVrA1x7Su431KndhpiCQW1AtGTLs
8c+PGWo/t4nvySYIp3ubY8ea9h3sNRazIN9iXmNNhCM3/f8adAToK9+AY47rvvZG
F/vMPurr7CEYiHquzuSQQe1op1CIDlZ4Jvv+mHM5n6+XZgb/IQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:08 2025 by rpki-client