Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
File: 533769c8-002c-491c-9b99-324fe9f5743c.roa (raw, json)
Hash identifier: S0AwU5M663JcHM9kyPfIE8VpaBAYx4OEIARmbGQvBSU=
Subject key identifier: EF:CA:AC:AA:54:B6:00:19:70:31:EF:D5:B3:38:1B:DC:1C:60:D3:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AF1AD481EEC1412E541E7B9B275C3D8D89AF814
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
Signing time: Sat 15 Nov 2025 05:40:48 +0000
ROA not before: Sat 15 Nov 2025 05:40:48 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d022::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f1:ad:48:1e:ec:14:12:e5:41:e7:b9:b2:75:c3:d8:d8:9a:f8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 05:40:48 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=a4ba6c5710e91fd758ea83a4f725895562ae2aa542ef8cc33689bd06a2eb44c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c1:fb:4b:ef:1a:dd:6b:a2:60:10:e7:b3:13:
04:fe:6e:88:78:9e:86:75:40:27:33:6d:f8:b7:b3:
bd:d1:db:2b:42:59:43:c1:bf:b3:16:f2:8a:36:eb:
8f:c3:9c:9a:42:9f:ee:a3:b8:36:e7:49:9c:22:f7:
9b:42:92:81:32:ae:5d:28:b6:c7:f2:ee:1c:e0:13:
39:ec:d7:5d:4d:1e:1a:1e:3d:8b:b1:a1:48:d6:ac:
d3:ca:eb:57:08:7a:35:e9:f1:2a:6e:7c:65:4f:0c:
00:83:3b:06:c8:d0:8c:08:00:09:e4:e1:ea:88:4d:
e7:ab:cf:77:5b:04:65:f3:5f:8a:79:34:d4:ad:f9:
3a:c3:7b:6e:fb:26:88:6c:55:9c:c4:bd:58:ca:ec:
f4:b2:08:a4:7d:1a:9d:1f:8f:30:28:c1:d6:f9:9c:
5b:81:e3:79:ee:c7:15:98:0d:cc:b3:06:ef:4a:19:
6d:ba:18:56:43:5d:eb:51:a4:e4:bf:69:57:28:b4:
e1:fd:c8:66:0f:ea:2a:03:93:bd:e6:99:bd:be:ce:
43:ce:30:cc:93:e4:89:bf:f3:44:0a:16:01:97:99:
a2:99:e5:2b:3f:29:1a:17:51:48:0a:75:d6:22:93:
5b:53:3e:06:c0:3f:85:2a:ed:b5:d2:06:8c:5e:7a:
1a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CA:AC:AA:54:B6:00:19:70:31:EF:D5:B3:38:1B:DC:1C:60:D3:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d022::/36
Signature Algorithm: sha256WithRSAEncryption
8e:5d:f9:a4:4a:27:86:f3:55:f2:39:98:8f:60:7d:67:e3:d1:
1c:dd:b4:0a:0a:2d:cb:d6:60:e3:c1:5a:17:6a:fd:15:e1:93:
07:a7:e2:78:13:6a:95:24:d8:f9:6f:df:7e:d1:b5:0f:5d:85:
64:69:d3:0a:77:85:bc:6a:04:c2:b1:f8:d1:5b:22:88:9d:bf:
1b:73:71:f3:fb:c5:33:18:e4:5a:53:fc:74:cc:8f:4f:b6:00:
8d:8c:44:fd:10:6c:94:7a:71:20:2f:a4:2d:4d:ba:a6:4d:42:
70:8a:d3:b8:18:dc:e8:10:68:33:ea:2f:f1:66:09:ae:00:4b:
30:12:54:cf:eb:8d:8d:8f:00:28:da:8f:ed:94:46:5f:4e:2a:
2f:87:4b:d8:8e:f8:71:1f:d8:5c:1e:a4:51:dc:83:42:50:bd:
82:a7:ca:61:d0:a3:63:51:fd:09:5b:ba:28:a7:5d:11:bc:5f:
dc:23:15:73:5a:2e:1a:3c:81:52:96:39:d4:91:ef:fe:54:16:
74:9a:8d:46:58:63:4c:98:ca:e9:72:75:3b:21:63:49:2b:04:
0e:5f:f7:b0:80:77:03:a7:6e:9f:95:4f:79:b6:d7:85:7b:61:
ae:fc:55:8f:d8:0a:e4:36:61:76:4a:2e:f4:29:01:d1:a4:34:
14:1f:e0:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOvGtSB7sFBLlQee5snXD2Nia+BQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMTUwNTQwNDhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0YmE2YzU3MTBlOTFmZDc1OGVhODNhNGY3MjU4OTU1NjJhZTJhYTU0MmVm
OGNjMzM2ODliZDA2YTJlYjQ0YzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLB+0vvGt1romAQ57MTBP5uiHiehnVAJzNt+LezvdHbK0JZQ8G/sxbyijbr
j8OcmkKf7qO4NudJnCL3m0KSgTKuXSi2x/LuHOATOezXXU0eGh49i7GhSNas08rr
Vwh6NenxKm58ZU8MAIM7BsjQjAgACeTh6ohN56vPd1sEZfNfink01K35OsN7bvsm
iGxVnMS9WMrs9LIIpH0anR+PMCjB1vmcW4Hjee7HFZgNzLMG70oZbboYVkNd61Gk
5L9pVyi04f3IZg/qKgOTveaZvb7OQ84wzJPkib/zRAoWAZeZopnlKz8pGhdRSAp1
1iKTW1M+BsA/hSrttdIGjF56Gl8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvyqyq
VLYAGXAx79WzOBvcHGDTMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzNzY5YzgtMDAyYy00OTFjLTliOTktMzI0ZmU5ZjU3NDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCOXfmkSieG81XyOZiPYH1n49Ec3bQKCi3L1mDj
wVoXav0V4ZMHp+J4E2qVJNj5b99+0bUPXYVkadMKd4W8agTCsfjRWyKInb8bc3Hz
+8UzGORaU/x0zI9PtgCNjET9EGyUenEgL6QtTbqmTUJwitO4GNzoEGgz6i/xZgmu
AEswElTP642NjwAo2o/tlEZfTiovh0vYjvhxH9hcHqRR3INCUL2Cp8ph0KNjUf0J
W7oop10RvF/cIxVzWi4aPIFSljnUke/+VBZ0mo1GWGNMmMrpcnU7IWNJKwQOX/ew
gHcDp26flU95tteFe2Gu/FWP2ArkNmF2Si70KQHRpDQUH+BQ
-----END CERTIFICATE-----
Generated at Tue Nov 18 08:51:41 2025 by rpki-client