Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd47a5a2-5bb4-4fe1-bd59-7f64ed4bfa2b.roa
File: cd47a5a2-5bb4-4fe1-bd59-7f64ed4bfa2b.roa (raw, json)
Hash identifier: ZGkO5TJ5Cu/QNHJ/PaT9j84RezY+U3ZZMbtBGXfeeDo=
Subject key identifier: 3C:F6:37:ED:F6:00:E8:F5:18:C8:D4:C9:50:57:9C:98:66:30:7C:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B13A6115F9CD3B8098A8F909D16348A7D49D952
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd47a5a2-5bb4-4fe1-bd59-7f64ed4bfa2b.roa
Signing time: Wed 29 Oct 2025 07:36:42 +0000
ROA not before: Wed 29 Oct 2025 07:36:42 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:c020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:13:a6:11:5f:9c:d3:b8:09:8a:8f:90:9d:16:34:8a:7d:49:d9:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:42 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=1663fd945a9b0942a263c76a91d8d5b0fa72ef0446a544265fc33d985072b65a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5a:4c:6c:c3:33:22:68:c1:87:15:98:3b:99:
01:80:07:02:76:43:74:b3:79:12:0a:12:17:3c:b9:
23:50:4f:45:15:38:ab:72:c6:64:c5:bd:11:04:99:
31:84:98:24:05:47:b1:94:95:ca:c2:ff:46:0a:ea:
26:45:1f:19:4f:3f:6a:7b:81:1e:39:3d:cb:77:c1:
dc:1e:29:a0:0d:6e:cb:22:04:85:e2:15:4f:e3:15:
77:2f:12:aa:68:82:c3:8f:84:cb:4a:28:0b:52:96:
9d:90:3b:31:22:34:f6:e3:c2:b9:c5:12:32:90:63:
87:5e:3a:30:29:eb:60:e4:89:7e:29:40:e1:a0:13:
b8:55:4c:c3:85:57:97:8b:40:3d:b7:b9:c2:d4:57:
6c:5c:fd:6e:27:0d:eb:8a:88:0d:f4:b6:bc:f1:11:
41:35:97:b2:2e:31:1d:cd:6d:40:4b:67:1d:ca:30:
43:b1:36:3e:a2:c7:bf:ef:1d:66:56:0e:9c:b7:94:
27:f3:8b:e7:d7:7f:f5:ad:53:d0:64:bb:f6:fc:8a:
8c:06:3a:b9:16:64:74:9d:c9:bf:b1:03:1a:6b:c5:
8d:bb:8e:6c:cc:72:96:8a:95:a4:a0:55:a8:c0:a1:
d0:e6:28:6d:ad:6c:b3:7b:3a:46:5b:4e:3c:22:ca:
fa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F6:37:ED:F6:00:E8:F5:18:C8:D4:C9:50:57:9C:98:66:30:7C:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd47a5a2-5bb4-4fe1-bd59-7f64ed4bfa2b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:c020::/48
Signature Algorithm: sha256WithRSAEncryption
5e:a6:39:c1:90:60:0a:33:a7:e0:8f:c5:e6:3b:c0:f7:f2:57:
b7:0c:93:75:6a:f5:4d:9d:42:55:04:6d:8f:bf:a9:b1:09:65:
90:d5:51:02:4b:f7:dd:60:94:c3:a9:00:b6:b6:bc:31:49:e5:
a9:11:95:b6:54:d6:87:4d:9f:32:8c:2c:c1:32:58:0e:64:e0:
a0:f1:a8:e6:f0:b3:18:03:77:84:aa:d6:dd:0e:81:2e:81:7c:
40:cf:77:8c:fc:de:a1:34:73:b3:ef:0a:52:c3:7d:a1:6c:81:
b8:be:28:d0:66:e2:ca:5f:97:1a:53:af:04:5b:94:60:ba:f5:
ce:00:6c:aa:5c:26:9f:51:b1:3f:89:d5:b9:e7:ff:ee:2f:35:
13:0d:dd:8e:a9:eb:d2:29:af:ae:aa:90:32:b4:cb:43:4b:9f:
8b:22:4d:be:d4:a4:ea:09:71:de:3b:fe:73:92:ce:ae:c7:6b:
39:d4:4a:68:e2:b4:4a:ec:2f:61:d8:d5:3d:5c:f5:e1:37:ce:
09:3c:9b:60:a4:3f:70:0f:16:14:7f:94:fe:0c:c2:53:b0:ab:
ab:67:95:5f:d7:90:dd:20:29:5f:fb:3b:ed:f7:0f:fe:b1:dd:
60:e6:43:a9:5d:03:3e:1b:d6:87:9b:76:7a:9e:72:65:bb:10:
c1:fd:6c:f7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOxOmEV+c07gJio+QnRY0in1J2VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDJaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NjNmZDk0NWE5YjA5NDJhMjYzYzc2YTkxZDhkNWIwZmE3MmVmMDQ0NmE1
NDQyNjVmYzMzZDk4NTA3MmI2NWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFaTGzDMyJowYcVmDuZAYAHAnZDdLN5EgoSFzy5I1BPRRU4q3LGZMW9EQSZ
MYSYJAVHsZSVysL/RgrqJkUfGU8/anuBHjk9y3fB3B4poA1uyyIEheIVT+MVdy8S
qmiCw4+Ey0ooC1KWnZA7MSI09uPCucUSMpBjh146MCnrYOSJfilA4aATuFVMw4VX
l4tAPbe5wtRXbFz9bicN64qIDfS2vPERQTWXsi4xHc1tQEtnHcowQ7E2PqLHv+8d
ZlYOnLeUJ/OL59d/9a1T0GS79vyKjAY6uRZkdJ3Jv7EDGmvFjbuObMxyloqVpKBV
qMCh0OYoba1ss3s6RltOPCLK+rECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ89jft
9gDo9RjI1MlQV5yYZjB8GzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Q0N2E1YTItNWJiNC00ZmUxLWJkNTktN2Y2NGVkNGJmYTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GrA
IDANBgkqhkiG9w0BAQsFAAOCAQEAXqY5wZBgCjOn4I/F5jvA9/JXtwyTdWr1TZ1C
VQRtj7+psQllkNVRAkv33WCUw6kAtra8MUnlqRGVtlTWh02fMowswTJYDmTgoPGo
5vCzGAN3hKrW3Q6BLoF8QM93jPzeoTRzs+8KUsN9oWyBuL4o0Gbiyl+XGlOvBFuU
YLr1zgBsqlwmn1GxP4nVuef/7i81Ew3djqnr0imvrqqQMrTLQ0ufiyJNvtSk6glx
3jv+c5LOrsdrOdRKaOK0SuwvYdjVPVz14TfOCTybYKQ/cA8WFH+U/gzCU7Crq2eV
X9eQ3SApX/s77fcP/rHdYOZDqV0DPhvWh5t2ep5yZbsQwf1s9w==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:48 2025 by rpki-client