Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
File: d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa (raw, json)
Hash identifier: 1tlW6e9w/K87sqxxcOyUJbqEiEC3Fx61WsC8LbngdK0=
Subject key identifier: 99:B4:CF:EF:1E:E2:D8:05:79:46:94:67:1B:26:55:B3:1E:7A:63:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08B693656870E5776D383BA19A738088F2BC81BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
Signing time: Fri 24 Oct 2025 00:20:32 +0000
ROA not before: Fri 24 Oct 2025 00:20:32 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:b6:93:65:68:70:e5:77:6d:38:3b:a1:9a:73:80:88:f2:bc:81:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:32 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=dee2243f0295ed26d5a018f0cac3ddf2d4e9aeb39149f208ce647d33b2569162, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:04:20:ac:a1:cc:9b:69:ae:85:37:57:5a:64:
5e:49:00:05:a1:47:4e:82:fe:6c:dd:80:f2:be:66:
27:6f:70:7a:eb:2b:68:ee:2b:99:5d:83:b4:08:ae:
e3:6d:8d:73:9d:43:5d:96:6d:df:1e:98:27:1d:f9:
c8:bf:0c:d9:1a:7c:55:41:1d:23:22:37:f0:be:1e:
23:b2:33:dc:24:55:81:46:8b:ae:b8:81:cf:fa:00:
a2:08:c3:3b:28:cf:4e:17:ee:2d:53:7b:bc:5a:38:
9a:9d:f2:30:58:4a:cd:ca:de:51:38:8c:ff:e1:cd:
db:bf:df:7a:91:22:af:0f:04:ad:22:0f:e8:62:89:
12:00:17:6d:7c:ab:8e:8f:a6:12:74:04:af:e2:a9:
b2:f3:35:3a:06:4b:b6:81:fd:be:00:0d:64:b0:96:
69:d8:38:0d:d3:22:c8:76:f2:cd:7c:51:b4:28:1a:
c0:f5:b1:95:92:e3:75:74:d5:1b:22:5a:c1:85:98:
dc:49:b2:ca:08:b4:2a:ef:3c:ff:50:b1:40:5d:d1:
e1:61:df:09:7f:79:d8:b1:6d:80:e1:fe:5d:3f:e1:
3e:38:cb:4d:55:fc:41:73:a4:5c:35:2c:b5:9e:c6:
7f:ef:40:a0:09:9d:46:ed:db:fd:9c:54:98:00:c8:
29:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B4:CF:EF:1E:E2:D8:05:79:46:94:67:1B:26:55:B3:1E:7A:63:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f::/37
Signature Algorithm: sha256WithRSAEncryption
c2:df:29:e6:e6:52:a1:4b:c8:ae:6d:c6:fc:33:3d:4a:0e:dd:
a3:f6:9e:d6:84:69:91:3c:b5:5f:ae:71:a9:3b:5f:e4:68:8c:
65:da:71:84:4d:0b:2d:bd:36:8d:c9:17:a9:6d:35:63:1b:26:
8a:02:72:e9:a7:fb:5d:4e:37:40:0b:8a:e7:ef:1b:51:ab:93:
ac:2e:6d:f9:0b:fb:35:0b:ae:23:ad:5e:06:d6:d1:9b:44:ae:
69:7e:b9:9f:90:4b:ed:1f:54:aa:66:0d:3e:64:25:bf:f8:2f:
3d:c8:8c:98:61:4c:18:a2:02:8d:22:6e:7c:7f:4d:78:04:16:
43:60:16:5b:f2:e0:bc:88:ed:55:c8:d8:4b:86:3e:c1:f5:7b:
bb:0f:0d:02:e6:2e:28:b6:fe:e0:4b:ed:a0:8a:ca:2b:b5:e4:
56:53:2a:09:02:6a:8d:55:c0:11:81:b8:b9:ef:c7:9c:cc:5e:
2a:0b:41:9f:ab:4b:2a:ac:32:66:85:2d:3d:d0:3f:af:7f:48:
86:44:4a:22:1a:dd:35:15:ca:92:b7:5e:9a:ff:7d:97:64:1e:
4a:be:92:6f:f6:d8:91:a5:90:af:80:b8:c9:86:12:ed:c6:c4:
24:23:62:fd:a7:b1:d4:cd:e0:77:ef:29:4f:78:7e:a6:5c:da:
f3:3e:fe:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCLaTZWhw5XdtODuhmnOAiPK8gbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMzJaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlZTIyNDNmMDI5NWVkMjZkNWEwMThmMGNhYzNkZGYyZDRlOWFlYjM5MTQ5
ZjIwOGNlNjQ3ZDMzYjI1NjkxNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgEIKyhzJtproU3V1pkXkkABaFHToL+bN2A8r5mJ29weusraO4rmV2DtAiu
422Nc51DXZZt3x6YJx35yL8M2Rp8VUEdIyI38L4eI7Iz3CRVgUaLrriBz/oAogjD
OyjPThfuLVN7vFo4mp3yMFhKzcreUTiM/+HN27/fepEirw8ErSIP6GKJEgAXbXyr
jo+mEnQEr+KpsvM1OgZLtoH9vgANZLCWadg4DdMiyHbyzXxRtCgawPWxlZLjdXTV
GyJawYWY3Emyygi0Ku88/1CxQF3R4WHfCX952LFtgOH+XT/hPjjLTVX8QXOkXDUs
tZ7Gf+9AoAmdRu3b/ZxUmADIKWcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZtM/v
HuLYBXlGlGcbJlWzHnpjVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJlNWNkMTEtZTMzYi00MDgwLTkxZDUtZjU1MGYxZDdhMGI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8A
MA0GCSqGSIb3DQEBCwUAA4IBAQDC3ynm5lKhS8iubcb8Mz1KDt2j9p7WhGmRPLVf
rnGpO1/kaIxl2nGETQstvTaNyRepbTVjGyaKAnLpp/tdTjdAC4rn7xtRq5OsLm35
C/s1C64jrV4G1tGbRK5pfrmfkEvtH1SqZg0+ZCW/+C89yIyYYUwYogKNIm58f014
BBZDYBZb8uC8iO1VyNhLhj7B9Xu7Dw0C5i4otv7gS+2gisorteRWUyoJAmqNVcAR
gbi578eczF4qC0Gfq0sqrDJmhS090D+vf0iGREoiGt01FcqSt16a/32XZB5KvpJv
9tiRpZCvgLjJhhLtxsQkI2L9p7HUzeB37ylPeH6mXNrzPv5p
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:21 2025 by rpki-client