Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
File: 0ca11d15-d37b-4319-9b90-152e667f85ef.roa (raw, json)
Hash identifier: R2tAiZTPjiK0R+H4ihYR1VpNk+BQeqzI5QEOx1Jgz2o=
Subject key identifier: 9F:8D:42:CF:82:DD:22:BC:6F:10:36:85:0E:DF:00:11:A0:D7:4E:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44EDB48E2C9DCBE14E3347C6EDA3DF1682210EB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
Signing time: Fri 24 Oct 2025 00:20:10 +0000
ROA not before: Fri 24 Oct 2025 00:20:10 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:ed:b4:8e:2c:9d:cb:e1:4e:33:47:c6:ed:a3:df:16:82:21:0e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:10 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=6f1da5c104c1758860d3b02e2236014cffd53ac546e7a20520f10a6bea9d5ab7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bf:67:9a:24:34:2d:0c:31:b5:3d:d3:fd:13:
90:ce:3e:96:97:7d:d9:ff:5f:e0:05:db:34:74:cd:
e8:85:5c:fd:e0:37:db:82:e8:2d:6b:5b:3f:9e:57:
92:9c:82:a4:7d:70:6a:26:6c:db:e0:77:44:8d:d9:
7a:c5:e7:5f:0f:eb:ff:bc:a0:46:f7:96:e5:f3:e9:
80:fd:2f:63:de:42:13:3d:1c:80:bf:c9:61:8d:b3:
0e:d7:fd:41:1c:c5:19:14:d4:58:6a:2a:80:b2:6c:
ac:e9:ac:72:a6:f5:bf:b4:68:e5:f0:fe:02:08:86:
68:62:39:05:9a:51:be:60:8a:b4:28:ca:f3:ee:81:
98:9c:f8:a4:5c:92:ca:b8:17:55:be:0c:53:bb:c2:
63:85:37:53:1e:1e:38:70:c5:d3:e2:8c:e1:e3:3d:
85:16:23:67:aa:70:04:12:d6:bb:e7:e2:ad:d7:a1:
bc:56:41:bd:44:14:c4:fc:42:86:1e:b7:3a:38:93:
fa:48:a6:31:f8:9e:7b:22:d3:fb:6d:bc:1f:f2:1c:
cd:0a:93:43:fb:2f:89:86:36:5d:b6:b2:35:46:ff:
d1:1e:df:bc:09:8b:20:db:d0:32:e3:ac:f6:d1:79:
20:a0:e9:f4:e1:c8:0e:59:21:31:d5:50:8f:8d:72:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:8D:42:CF:82:DD:22:BC:6F:10:36:85:0E:DF:00:11:A0:D7:4E:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6000::/40
Signature Algorithm: sha256WithRSAEncryption
4a:c0:b3:e4:04:11:3c:1e:9e:30:70:2d:65:69:dd:fb:aa:6e:
3c:1e:56:67:1a:88:87:70:87:76:05:02:e6:71:62:53:a5:18:
6f:bc:f7:e6:3e:05:8e:8c:4c:1e:9c:3f:a5:3f:ce:79:49:0d:
fa:e6:90:5d:61:4d:6a:c8:c2:f4:ad:e4:92:8d:af:f7:ef:d8:
da:59:0f:2a:ad:c3:2e:29:a1:3b:fe:7d:c8:07:16:0f:20:03:
2f:3d:ab:a3:b2:0b:53:f7:fa:6e:94:8c:3a:68:02:bb:f1:25:
81:ee:97:35:fa:06:57:0b:8f:7c:27:a2:a1:28:ab:24:34:17:
75:05:df:c9:eb:99:6d:27:cb:79:ee:ff:08:79:43:9a:fe:9d:
39:00:2c:0d:cc:46:01:a4:c4:22:f0:66:cb:8a:2c:d0:f5:a7:
bd:75:65:79:af:45:5b:4d:9a:b3:ad:b3:85:ae:b2:dd:4f:8f:
be:41:d6:a6:0f:19:9a:3e:c9:89:ff:ae:7a:11:eb:6a:35:01:
6d:13:46:00:ea:60:21:93:02:66:86:79:24:a4:98:52:91:a8:
70:8f:93:6d:1e:74:1f:87:b1:fa:03:8a:68:69:41:54:7c:77:
01:b5:5b:39:2c:4e:c4:7b:e2:98:dc:dd:24:cb:33:07:fb:62:
b3:71:46:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURO20jiydy+FOM0fG7aPfFoIhDrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMTBaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmMWRhNWMxMDRjMTc1ODg2MGQzYjAyZTIyMzYwMTRjZmZkNTNhYzU0NmU3
YTIwNTIwZjEwYTZiZWE5ZDVhYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOG/Z5okNC0MMbU90/0TkM4+lpd92f9f4AXbNHTN6IVc/eA324LoLWtbP55X
kpyCpH1waiZs2+B3RI3ZesXnXw/r/7ygRveW5fPpgP0vY95CEz0cgL/JYY2zDtf9
QRzFGRTUWGoqgLJsrOmscqb1v7Ro5fD+AgiGaGI5BZpRvmCKtCjK8+6BmJz4pFyS
yrgXVb4MU7vCY4U3Ux4eOHDF0+KM4eM9hRYjZ6pwBBLWu+firdehvFZBvUQUxPxC
hh63OjiT+kimMfieeyLT+228H/IczQqTQ/sviYY2XbayNUb/0R7fvAmLINvQMuOs
9tF5IKDp9OHIDlkhMdVQj41yD08CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfjULP
gt0ivG8QNoUO3wARoNdOPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhMTFkMTUtZDM3Yi00MzE5LTliOTAtMTUyZTY2N2Y4NWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1g
MA0GCSqGSIb3DQEBCwUAA4IBAQBKwLPkBBE8Hp4wcC1lad37qm48HlZnGoiHcId2
BQLmcWJTpRhvvPfmPgWOjEwenD+lP855SQ365pBdYU1qyML0reSSja/379jaWQ8q
rcMuKaE7/n3IBxYPIAMvPaujsgtT9/pulIw6aAK78SWB7pc1+gZXC498J6KhKKsk
NBd1Bd/J65ltJ8t57v8IeUOa/p05ACwNzEYBpMQi8GbLiizQ9ae9dWV5r0VbTZqz
rbOFrrLdT4++QdamDxmaPsmJ/656EetqNQFtE0YA6mAhkwJmhnkkpJhSkahwj5Nt
HnQfh7H6A4poaUFUfHcBtVs5LE7Ee+KY3N0kyzMH+2KzcUZ3
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:34 2025 by rpki-client