Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
File: 11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa (raw, json)
Hash identifier: oVGMRPM5d0czYEoJrzp3IzCulyFFeS3AFoI4Nstb7Iw=
Subject key identifier: 51:EC:F5:7D:BD:1F:8D:67:5D:F7:E3:B9:1F:EC:1D:6E:E2:22:1A:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32D2396F449AE547B98F325AAED9BE260E5EDD41
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
Signing time: Tue 21 Oct 2025 14:31:11 +0000
ROA not before: Tue 21 Oct 2025 14:31:11 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d2:39:6f:44:9a:e5:47:b9:8f:32:5a:ae:d9:be:26:0e:5e:dd:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:31:11 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=44f2988001aea50a9553d9459a85fd9ba2c96a3c02a1c1e08e421f630a0c8a4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8a:27:04:72:12:cf:ec:a6:63:aa:4e:6d:a1:
98:ee:bd:c4:44:2e:8d:35:14:43:d1:0e:f6:1a:10:
7c:5a:f7:f9:80:11:e7:bd:db:31:7c:a7:1b:68:5b:
fd:83:d0:7e:18:2b:6b:37:68:64:7c:8d:57:96:51:
ce:e8:39:98:fd:ae:68:0b:85:39:ad:75:53:4b:f1:
23:24:6e:81:c5:0c:48:7d:95:6e:11:4b:9b:fd:34:
a3:a0:d0:5d:0e:72:ea:36:c7:b9:0d:8e:bc:86:73:
c1:eb:5e:ea:66:f9:98:4b:9d:40:1c:62:96:44:4d:
93:ae:e2:5c:db:92:8f:a6:cc:81:bb:c9:c6:c7:1e:
58:5d:1c:f2:8f:7f:88:89:42:69:0d:b9:eb:62:5a:
3d:0c:2a:58:a4:81:3c:2d:12:6c:16:45:b4:36:f2:
01:ed:81:35:e4:2e:18:41:61:23:09:20:6d:20:8b:
30:46:f6:7a:f3:68:8f:1f:0e:34:79:a9:8a:03:57:
07:fd:07:94:33:0f:bf:ef:f8:f3:6e:25:88:22:11:
a5:74:c9:45:d6:db:68:a6:50:b4:c7:01:37:34:b5:
e6:a0:7f:08:9f:64:ed:2e:90:1c:d3:26:c8:73:2d:
43:c8:00:80:a0:bd:40:94:7a:f1:25:c5:3c:00:4c:
63:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:EC:F5:7D:BD:1F:8D:67:5D:F7:E3:B9:1F:EC:1D:6E:E2:22:1A:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b:800::/37
Signature Algorithm: sha256WithRSAEncryption
98:8c:03:97:fd:3e:41:f5:df:9e:ba:47:a1:05:12:95:0c:0d:
66:05:03:f9:ee:99:b5:76:b8:59:85:cf:89:86:e0:ca:42:41:
a0:ed:33:53:e2:73:ae:61:76:f2:5f:f7:e7:1d:ed:f4:96:a1:
ed:c6:1c:4f:f4:ea:ea:82:b8:c9:d0:48:f8:b0:26:15:f6:a7:
5c:40:fa:0b:9c:7a:19:4d:3e:e9:43:e5:54:fb:25:62:91:2a:
8f:73:8f:c1:b2:d2:e1:f0:0e:bd:96:84:85:b2:81:d0:db:88:
ed:89:6b:36:53:2f:1c:22:81:88:a9:62:f4:c7:78:43:06:31:
fb:e5:17:60:f2:5b:a4:fc:12:cd:b9:b0:99:8e:99:9b:a3:d0:
0e:87:6e:d8:59:76:31:60:d5:a5:e9:43:67:05:3a:5a:25:10:
e8:bd:b6:d9:7f:13:00:0c:5d:89:a4:d4:e2:7b:88:1b:11:3e:
01:be:ad:3c:58:a3:52:a9:3a:9b:ff:e6:9f:be:f0:a5:3d:2e:
57:3b:b9:75:72:d9:76:2a:27:6b:59:71:13:9d:f1:64:50:19:
1a:17:3e:a2:eb:55:60:5f:5e:c0:30:a1:c7:1e:c4:17:7c:e7:
3e:b7:ec:be:95:aa:a6:62:7d:32:cf:88:6d:3e:07:5d:b7:fc:
dd:ec:c4:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMtI5b0Sa5Ue5jzJartm+Jg5e3UEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMxMTFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0ZjI5ODgwMDFhZWE1MGE5NTUzZDk0NTlhODVmZDliYTJjOTZhM2MwMmEx
YzFlMDhlNDIxZjYzMGEwYzhhNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeKJwRyEs/spmOqTm2hmO69xEQujTUUQ9EO9hoQfFr3+YAR573bMXynG2hb
/YPQfhgrazdoZHyNV5ZRzug5mP2uaAuFOa11U0vxIyRugcUMSH2VbhFLm/00o6DQ
XQ5y6jbHuQ2OvIZzwete6mb5mEudQBxilkRNk67iXNuSj6bMgbvJxsceWF0c8o9/
iIlCaQ2562JaPQwqWKSBPC0SbBZFtDbyAe2BNeQuGEFhIwkgbSCLMEb2evNojx8O
NHmpigNXB/0HlDMPv+/4824liCIRpXTJRdbbaKZQtMcBNzS15qB/CJ9k7S6QHNMm
yHMtQ8gAgKC9QJR68SXFPABMY2sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRR7PV9
vR+NZ13347kf7B1u4iIa9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFjMTUwZmMtZGNiNS00MDJjLTliZjAtNWE0NmMyYjU4ZDM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsI
MA0GCSqGSIb3DQEBCwUAA4IBAQCYjAOX/T5B9d+eukehBRKVDA1mBQP57pm1drhZ
hc+JhuDKQkGg7TNT4nOuYXbyX/fnHe30lqHtxhxP9OrqgrjJ0Ej4sCYV9qdcQPoL
nHoZTT7pQ+VU+yVikSqPc4/BstLh8A69loSFsoHQ24jtiWs2Uy8cIoGIqWL0x3hD
BjH75Rdg8luk/BLNubCZjpmbo9AOh27YWXYxYNWl6UNnBTpaJRDovbbZfxMADF2J
pNTie4gbET4Bvq08WKNSqTqb/+afvvClPS5XO7l1ctl2KidrWXETnfFkUBkaFz6i
61VgX17AMKHHHsQXfOc+t+y+laqmYn0yz4htPgddt/zd7MQo
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:21 2025 by rpki-client