Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: aINH7ZtG9slX6X6w/E+9LwbEHg+IDXswJ63T/x2HohE=
Subject key identifier: DD:3E:F7:D0:C9:9F:10:9D:53:0F:F3:9D:2B:EA:76:39:B5:5E:8C:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D150B57C6AFDFC3721CB7729C535012141C19E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Fri 31 Oct 2025 00:40:05 +0000
ROA not before: Fri 31 Oct 2025 00:40:05 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:15:0b:57:c6:af:df:c3:72:1c:b7:72:9c:53:50:12:14:1c:19:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 00:40:05 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=49807568f67fd67a6fefebfd1e746d0c0f1c45c67eab57f863b20c8b7bf2bc4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3b:d5:25:aa:05:88:f6:1b:ba:0a:e6:9f:5d:
e4:09:00:1e:d3:67:f4:e6:da:ab:b0:f9:21:39:e0:
2f:8f:37:8a:11:b6:ad:39:9f:98:d0:74:4a:b0:88:
d4:00:b9:0b:82:17:cb:6e:a3:61:af:69:3f:7e:f6:
71:26:88:85:6d:6b:88:b6:4b:ac:67:e0:97:7b:ae:
22:c3:80:bf:ff:ab:49:59:50:8d:58:de:32:7d:ed:
8c:9d:6e:c7:f8:01:9f:fd:df:58:36:a4:64:c0:84:
7f:fa:df:9f:75:58:3e:ae:55:d1:bb:a7:40:2b:48:
1a:fe:2b:48:fd:2c:c5:29:62:21:16:4b:85:94:be:
2c:05:6d:eb:58:b3:04:db:fc:ad:8b:67:2b:46:d6:
c0:90:3b:96:92:95:9f:90:eb:79:92:3a:f7:be:ca:
bc:df:35:76:80:20:53:a3:68:21:79:33:b9:80:fa:
0b:92:12:3e:7c:eb:09:cb:28:0c:42:f7:6b:52:02:
4f:8e:ec:db:0e:73:7d:bc:6c:c5:c0:94:56:d8:46:
ff:56:c2:6f:0d:d1:d0:81:bf:10:81:0a:a0:ae:76:
12:ad:95:9a:62:45:b6:9e:77:31:85:4e:4d:e6:7a:
91:01:65:c9:be:c3:02:7a:ed:ff:7f:53:27:b5:bd:
2d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3E:F7:D0:C9:9F:10:9D:53:0F:F3:9D:2B:EA:76:39:B5:5E:8C:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
14:d5:83:5b:3d:43:cd:e2:03:4f:ce:57:da:99:9d:dd:b4:f7:
e6:06:2d:a1:71:b7:47:fd:3d:52:58:69:d8:7d:ee:60:98:03:
30:6b:b3:1f:f0:41:6d:07:d8:e4:10:11:df:50:00:d8:64:8c:
9e:e8:4e:b5:a9:33:a5:9d:90:ae:eb:aa:db:ab:3c:18:a3:69:
b4:f7:f4:98:40:2b:c5:a1:3b:76:ff:d9:65:73:e0:6e:77:7a:
c9:0c:12:48:be:0f:56:8b:fe:55:bc:17:28:3f:59:b9:0c:9e:
20:6d:a1:d3:44:ef:49:e3:01:9e:22:03:a6:1b:fd:89:bb:c2:
f6:ba:71:4c:fb:80:1d:46:74:82:d4:ac:3f:1c:67:06:53:0d:
ab:20:70:01:4c:66:d0:f7:4b:42:47:f5:48:b0:ac:f4:b7:7b:
c8:d7:cc:ae:d9:2e:7c:42:1b:3c:c8:be:50:1a:41:f6:fd:46:
5d:bc:a3:69:88:d4:1a:a5:bf:f3:48:c2:eb:75:ea:c2:c1:e1:
e1:56:47:a2:1a:07:fb:ed:3a:96:7a:b4:39:8a:72:2b:c0:3f:
d3:56:cb:12:17:63:4c:ac:d1:dc:2e:13:69:8c:1a:3b:6c:63:
60:8c:82:8c:38:61:19:ec:c5:9f:e6:d2:53:45:7a:2e:07:68:
f1:bd:b1:c7
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUbRULV8av38NyHLdynFNQEhQcGeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMDQwMDVaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5ODA3NTY4ZjY3ZmQ2N2E2ZmVmZWJmZDFlNzQ2ZDBjMGYxYzQ1YzY3ZWFi
NTdmODYzYjIwYzhiN2JmMmJjNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJM71SWqBYj2G7oK5p9d5AkAHtNn9Obaq7D5ITngL483ihG2rTmfmNB0SrCI
1AC5C4IXy26jYa9pP372cSaIhW1riLZLrGfgl3uuIsOAv/+rSVlQjVjeMn3tjJ1u
x/gBn/3fWDakZMCEf/rfn3VYPq5V0bunQCtIGv4rSP0sxSliIRZLhZS+LAVt61iz
BNv8rYtnK0bWwJA7lpKVn5DreZI6977KvN81doAgU6NoIXkzuYD6C5ISPnzrCcso
DEL3a1ICT47s2w5zfbxsxcCUVthG/1bCbw3R0IG/EIEKoK52Eq2VmmJFtp53MYVO
TeZ6kQFlyb7DAnrt/39TJ7W9LdECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTdPvfQ
yZ8QnVMP850r6nY5tV6MRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBABTVg1s9Q83iA0/OV9qZnd209+YGLaFxt0f9PVJY
adh97mCYAzBrsx/wQW0H2OQQEd9QANhkjJ7oTrWpM6WdkK7rqturPBijabT39JhA
K8WhO3b/2WVz4G53eskMEki+D1aL/lW8Fyg/WbkMniBtodNE70njAZ4iA6Yb/Ym7
wva6cUz7gB1GdILUrD8cZwZTDasgcAFMZtD3S0JH9UiwrPS3e8jXzK7ZLnxCGzzI
vlAaQfb9Rl28o2mI1Bqlv/NIwut16sLB4eFWR6IaB/vtOpZ6tDmKcivAP9NWyxIX
Y0ys0dwuE2mMGjtsY2CMgow4YRnsxZ/m0lNFei4HaPG9scc=
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:38 2025 by rpki-client