Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
File: 0ca11d15-d37b-4319-9b90-152e667f85ef.roa (raw, json)
Hash identifier: ZosyoG5nCPfTGkiUF7iyJcJJe21Es1WrrvEDVTNAbu8=
Subject key identifier: B6:A1:F8:F3:81:1D:49:95:97:30:99:45:89:1E:74:6B:F0:12:23:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C3AAF582F6C4C1C663AE58A36B6D69B3351B281
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
Signing time: Mon 29 Sep 2025 15:24:05 +0000
ROA not before: Mon 29 Sep 2025 15:24:05 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:3a:af:58:2f:6c:4c:1c:66:3a:e5:8a:36:b6:d6:9b:33:51:b2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:05 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=15d5c0eb74a0154f9aa1be5bc0f8700b256a2b425489a4fc7138225aa5949147, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e1:ab:09:bc:19:bd:25:67:50:b6:5b:32:30:
24:ea:28:69:be:14:60:87:85:40:4d:29:8c:81:d7:
5c:78:0d:2d:a8:c7:8b:ee:bc:cc:ff:9d:09:c2:14:
ac:99:de:f7:62:e9:c7:34:96:7c:8d:b8:7e:43:fb:
23:5b:e2:97:3d:0f:a7:bb:54:65:4e:a8:b0:b8:c4:
58:18:55:ca:54:1f:27:64:ef:ff:15:2d:b5:b5:d6:
d1:a9:40:bf:9a:68:7b:46:e8:d6:48:f1:b6:7d:6e:
f5:08:aa:55:a9:ee:9d:e4:82:59:41:c3:7c:99:87:
f4:4f:76:99:71:82:44:c4:b9:dd:30:e4:c3:aa:8a:
17:3d:06:d0:8b:cc:c2:2f:6f:12:67:43:87:81:02:
6a:98:73:f4:85:c2:ab:35:a4:47:5f:d7:d0:5f:2f:
78:c6:77:76:d9:9f:2b:b3:80:8a:84:45:24:41:ec:
6c:53:3a:ed:e3:3c:6e:e4:71:0a:66:57:6c:0c:7a:
79:48:12:b7:c0:9a:9c:55:b1:0e:38:46:57:dc:36:
3f:e2:37:9e:0a:52:ff:a0:93:a7:e6:05:62:e9:69:
84:31:bf:4f:ce:84:93:70:43:18:bd:59:55:2c:6e:
cd:53:38:c4:9c:7b:4c:61:9d:02:c3:bd:14:cf:bd:
78:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A1:F8:F3:81:1D:49:95:97:30:99:45:89:1E:74:6B:F0:12:23:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:98:ad:69:8f:df:cc:ec:70:6f:0d:5f:0b:40:a6:aa:94:18:
12:00:7f:c4:da:9a:f1:87:2f:ac:d1:12:8d:5e:3a:25:1b:ad:
b3:74:a4:8a:eb:bb:20:51:b8:0d:93:e7:99:f9:02:bc:fc:c2:
e3:62:89:1e:39:7f:af:99:47:e8:d2:96:91:4e:32:51:04:50:
b9:75:c6:be:09:f4:09:36:9d:01:e5:5b:4a:1a:3b:3d:48:92:
d9:6e:88:22:07:65:4e:e2:7e:10:12:64:18:7f:3c:1a:50:c1:
ac:0b:11:9b:b4:93:2e:27:a8:e1:ac:4d:54:96:93:b9:7d:c6:
18:b4:a0:ed:e3:b6:ab:1d:f2:3f:fc:b5:4b:10:87:ec:10:20:
87:40:c1:93:a1:f2:d4:11:a1:99:cb:58:f2:97:9b:62:96:ff:
4a:d0:5f:1e:55:d6:48:c5:dd:61:3d:1a:8e:dd:72:84:0f:24:
c0:76:2e:33:bf:8c:19:87:b7:bf:4c:3c:f7:70:3b:87:57:59:
c8:56:6f:e8:78:0c:96:40:91:25:26:14:81:9a:6f:2e:ad:76:
a0:12:7c:7d:7f:3d:60:c1:a5:87:78:9c:17:79:65:21:13:5f:
64:2e:0b:ae:9d:20:93:b5:32:6e:96:ec:ca:7a:54:b2:93:bd:
bf:25:63:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPDqvWC9sTBxmOuWKNrbWmzNRsoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MDVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ZDVjMGViNzRhMDE1NGY5YWExYmU1YmMwZjg3MDBiMjU2YTJiNDI1NDg5
YTRmYzcxMzgyMjVhYTU5NDkxNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrhqwm8Gb0lZ1C2WzIwJOooab4UYIeFQE0pjIHXXHgNLajHi+68zP+dCcIU
rJne92LpxzSWfI24fkP7I1vilz0Pp7tUZU6osLjEWBhVylQfJ2Tv/xUttbXW0alA
v5poe0bo1kjxtn1u9QiqVanuneSCWUHDfJmH9E92mXGCRMS53TDkw6qKFz0G0IvM
wi9vEmdDh4ECaphz9IXCqzWkR1/X0F8veMZ3dtmfK7OAioRFJEHsbFM67eM8buRx
CmZXbAx6eUgSt8CanFWxDjhGV9w2P+I3ngpS/6CTp+YFYulphDG/T86Ek3BDGL1Z
VSxuzVM4xJx7TGGdAsO9FM+9eGkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2ofjz
gR1JlZcwmUWJHnRr8BIjRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhMTFkMTUtZDM3Yi00MzE5LTliOTAtMTUyZTY2N2Y4NWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1g
MA0GCSqGSIb3DQEBCwUAA4IBAQComK1pj9/M7HBvDV8LQKaqlBgSAH/E2prxhy+s
0RKNXjolG62zdKSK67sgUbgNk+eZ+QK8/MLjYokeOX+vmUfo0paRTjJRBFC5dca+
CfQJNp0B5VtKGjs9SJLZbogiB2VO4n4QEmQYfzwaUMGsCxGbtJMuJ6jhrE1UlpO5
fcYYtKDt47arHfI//LVLEIfsECCHQMGTofLUEaGZy1jyl5tilv9K0F8eVdZIxd1h
PRqO3XKEDyTAdi4zv4wZh7e/TDz3cDuHV1nIVm/oeAyWQJElJhSBmm8urXagEnx9
fz1gwaWHeJwXeWUhE19kLguunSCTtTJuluzKelSyk72/JWP8
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:25 2025 by rpki-client