Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
File: 8553b3da-6a47-43ee-87d3-5259a23c371b.roa (raw, json)
Hash identifier: qN3D5xbam/XISY5dgZ6j3T/+cB6/fwCCOsWl/VCMWPU=
Subject key identifier: 94:E1:17:6E:33:21:56:AB:D2:B0:2B:18:F8:A9:D5:D6:E1:E0:E0:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30B3683F0F58EF16BB7F2F1851D7F6392CD689AC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
Signing time: Sat 15 Nov 2025 06:20:04 +0000
ROA not before: Sat 15 Nov 2025 06:20:04 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:b3:68:3f:0f:58:ef:16:bb:7f:2f:18:51:d7:f6:39:2c:d6:89:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 06:20:04 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=502ceecda9807ac19e6702e2360b45fc1616705dcc46c378c3a600211dc7a4c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7b:6d:6e:8c:4c:e9:06:57:8b:2a:7a:9f:70:
03:95:e2:23:46:7f:f1:41:13:4d:f3:c5:96:f2:23:
41:96:8b:0a:46:2d:4f:b4:08:e7:dc:64:15:ef:31:
2a:02:63:15:87:65:2a:b0:c7:07:47:d6:8b:98:8e:
06:86:87:45:93:64:c1:4c:65:75:f1:0c:4f:0f:ff:
b3:47:f4:d5:0f:1a:aa:9f:b3:84:34:03:c2:b2:0f:
08:43:90:34:66:b9:5f:af:53:a7:57:bf:bb:91:77:
6b:76:31:d1:69:d9:30:ec:8c:b3:79:71:72:2f:4c:
fa:c2:a8:13:f0:d3:06:67:b1:7e:7c:8d:38:03:51:
aa:97:7f:af:1a:f0:29:88:bf:08:d3:47:30:a9:b7:
44:f4:5d:46:0c:b0:b4:01:4f:8a:c7:d2:30:75:cb:
4d:32:76:1c:c8:c6:87:c6:03:ab:30:f0:9c:81:ed:
b0:6b:39:32:ef:ee:fe:a8:b5:a9:93:26:70:8e:6d:
9d:eb:0b:bd:86:0c:99:ff:14:2c:04:d1:16:2e:d1:
2f:8a:ba:5f:81:ab:8c:ea:7f:30:fb:ac:54:c2:95:
0a:e8:e0:0a:01:e7:6c:eb:41:c0:07:67:8c:33:f1:
fd:5a:1a:d6:dd:b9:d3:a1:ef:06:5f:12:05:20:6d:
14:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E1:17:6E:33:21:56:AB:D2:B0:2B:18:F8:A9:D5:D6:E1:E0:E0:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ad:46:c9:24:f6:dc:b5:32:bd:d4:e3:86:6b:aa:44:54:02:52:
c6:0a:e9:c1:4b:7f:e7:b4:4e:1b:17:7d:ec:82:38:fd:01:69:
d3:6c:6a:d1:8b:18:fd:3a:6d:a7:74:94:16:aa:18:3e:7a:9e:
f6:27:83:03:08:3d:27:5a:0e:d4:95:40:ef:85:d8:13:a4:45:
bb:12:e4:59:f2:ae:b3:f4:6f:ba:42:cd:af:53:ca:c6:84:20:
50:d9:f0:db:03:75:db:37:b1:b2:7f:1c:ea:80:33:90:2c:22:
66:0d:61:1a:ec:6a:30:d1:b3:9c:9c:48:e4:e8:af:13:21:f1:
e6:43:b1:d1:e0:09:48:af:0b:cc:af:7e:62:d6:5f:9b:5a:be:
3a:52:ab:c1:36:30:63:d8:29:37:b3:ba:4e:c6:c5:99:49:46:
16:38:3b:95:4a:f2:22:f6:ab:50:10:ec:1c:42:39:a6:09:b0:
ac:5a:0a:20:a5:e1:57:99:43:93:72:4c:4e:61:6f:e2:07:8c:
86:40:1f:48:c3:64:47:5d:c8:b7:1e:6b:30:dd:69:bf:a6:9b:
ba:c3:9d:e4:92:32:6e:f7:b8:60:c8:54:9e:6e:11:98:6e:4b:
87:38:80:99:01:0c:a6:55:28:32:6f:7b:a3:9c:52:57:6d:5a:
4e:b3:01:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMLNoPw9Y7xa7fy8YUdf2OSzWiawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMTUwNjIwMDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMmNlZWNkYTk4MDdhYzE5ZTY3MDJlMjM2MGI0NWZjMTYxNjcwNWRjYzQ2
YzM3OGMzYTYwMDIxMWRjN2E0YzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZ7bW6MTOkGV4sqep9wA5XiI0Z/8UETTfPFlvIjQZaLCkYtT7QI59xkFe8x
KgJjFYdlKrDHB0fWi5iOBoaHRZNkwUxldfEMTw//s0f01Q8aqp+zhDQDwrIPCEOQ
NGa5X69Tp1e/u5F3a3Yx0WnZMOyMs3lxci9M+sKoE/DTBmexfnyNOANRqpd/rxrw
KYi/CNNHMKm3RPRdRgywtAFPisfSMHXLTTJ2HMjGh8YDqzDwnIHtsGs5Mu/u/qi1
qZMmcI5tnesLvYYMmf8ULATRFi7RL4q6X4GrjOp/MPusVMKVCujgCgHnbOtBwAdn
jDPx/Voa1t2506HvBl8SBSBtFPsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSU4Rdu
MyFWq9KwKxj4qdXW4eDgJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODU1M2IzZGEtNmE0Ny00M2VlLTg3ZDMtNTI1OWEyM2MzNzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEg
MA0GCSqGSIb3DQEBCwUAA4IBAQCtRskk9ty1Mr3U44ZrqkRUAlLGCunBS3/ntE4b
F33sgjj9AWnTbGrRixj9Om2ndJQWqhg+ep72J4MDCD0nWg7UlUDvhdgTpEW7EuRZ
8q6z9G+6Qs2vU8rGhCBQ2fDbA3XbN7GyfxzqgDOQLCJmDWEa7Gow0bOcnEjk6K8T
IfHmQ7HR4AlIrwvMr35i1l+bWr46UqvBNjBj2Ck3s7pOxsWZSUYWODuVSvIi9qtQ
EOwcQjmmCbCsWgogpeFXmUOTckxOYW/iB4yGQB9Iw2RHXci3Hmsw3Wm/ppu6w53k
kjJu97hgyFSebhGYbkuHOICZAQymVSgyb3ujnFJXbVpOswEs
-----END CERTIFICATE-----
Generated at Sat Nov 15 17:58:08 2025 by rpki-client