Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11b6f817-9b7c-4713-a998-67a8a2a5a379.roa
File: 11b6f817-9b7c-4713-a998-67a8a2a5a379.roa (raw, json)
Hash identifier: mZuItSCgYYjQqgKkBZE2I8ZzTPwDQQmxK7cj+HC83CU=
Subject key identifier: 75:79:CA:9C:DE:45:2E:67:C4:1F:18:AB:4A:D3:E2:8C:8D:FB:27:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BF27539B8ACEC2BC0F6487A10A7098A13A8EA62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11b6f817-9b7c-4713-a998-67a8a2a5a379.roa
Signing time: Wed 29 Oct 2025 07:36:45 +0000
ROA not before: Wed 29 Oct 2025 07:36:45 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:f2:75:39:b8:ac:ec:2b:c0:f6:48:7a:10:a7:09:8a:13:a8:ea:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:45 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=1ab6ac7b5b16f4b6240795c15ad3939743144916f5fe24d17d267d7e7740bc49, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:70:04:94:e6:9e:01:0f:bf:6c:7d:62:a3:b9:
77:22:34:a3:76:aa:87:77:02:1a:ce:78:c2:f9:20:
33:b3:cc:92:9c:62:94:c2:64:5a:de:ae:b7:c5:f2:
1c:1c:85:6a:e9:ed:e8:dd:e0:e6:6b:81:a5:88:26:
f8:1c:b3:39:53:9f:ce:7a:7e:91:4a:e6:64:e6:00:
24:72:8f:86:2d:41:1b:61:a4:a4:49:7b:8a:94:3e:
56:37:c4:c4:72:72:d1:9a:98:f5:9b:f9:35:ab:96:
f2:21:26:d8:4b:e4:21:b7:94:ab:f7:16:5e:5a:09:
96:97:52:3c:f8:05:5b:b7:1f:12:64:69:52:25:42:
75:81:1a:ca:81:db:ce:51:02:aa:a8:d0:09:d5:8a:
2d:e8:6b:e4:ee:41:f3:b0:99:8c:dc:c7:04:f8:36:
47:48:d7:df:52:b1:af:45:17:5d:4b:08:3a:3c:5d:
fb:d6:aa:21:c1:a3:2e:51:cd:21:12:47:91:64:0e:
d9:a7:6c:fd:11:f7:14:66:d9:ad:46:a5:d8:96:cb:
c6:b9:32:a4:4d:8e:84:f4:1e:2d:c0:fa:c2:ac:0f:
28:4e:2a:86:a0:24:95:df:e2:20:10:9b:23:59:36:
b1:d3:e8:c9:b2:f6:e6:46:62:84:88:25:d5:1a:3b:
44:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:79:CA:9C:DE:45:2E:67:C4:1F:18:AB:4A:D3:E2:8C:8D:FB:27:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11b6f817-9b7c-4713-a998-67a8a2a5a379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
8d:0a:53:ee:a3:c1:bc:1d:e2:11:07:14:d0:fd:c7:f6:90:46:
bd:de:e9:49:ac:44:96:2f:51:4f:db:ad:a5:6d:b3:1e:91:bb:
50:e7:49:f4:04:03:87:05:68:09:67:7a:09:8c:78:12:95:41:
80:5e:20:5e:09:cd:f6:b2:45:d1:c4:b7:8d:04:5b:23:a1:f5:
3e:62:91:15:9b:74:15:f5:22:b0:e5:c5:79:dc:ff:69:e6:77:
4e:f1:52:7f:f0:cf:3e:ac:21:1f:5c:b9:f7:df:81:b0:59:e7:
fd:e0:a0:34:ee:9a:3f:ee:ca:ad:4b:ff:b1:94:a3:98:6f:80:
71:24:cc:0e:9c:66:3f:5d:29:7b:af:ca:b8:a3:8e:b5:a1:d5:
f4:6a:55:57:53:f2:11:15:ec:f5:54:dc:f2:93:11:24:7b:23:
a4:26:82:36:61:1c:28:58:6c:4d:08:0e:42:3d:c2:15:7d:c7:
f3:7d:06:62:e0:cf:26:05:de:e9:8c:fa:74:4b:99:e6:01:2e:
81:e0:d8:47:f3:b2:8b:42:80:6d:eb:34:23:a3:30:d4:16:a8:
a3:2d:c9:59:a8:72:fb:4f:19:9a:20:cb:a2:8f:31:d4:63:a8:
b2:a6:77:86:a3:3e:49:50:0e:21:2f:35:e1:66:ba:c8:3e:20:
7b:0c:91:e1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC/J1Obis7CvA9kh6EKcJihOo6mIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDVaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYjZhYzdiNWIxNmY0YjYyNDA3OTVjMTVhZDM5Mzk3NDMxNDQ5MTZmNWZl
MjRkMTdkMjY3ZDdlNzc0MGJjNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5wBJTmngEPv2x9YqO5dyI0o3aqh3cCGs54wvkgM7PMkpxilMJkWt6ut8Xy
HByFaunt6N3g5muBpYgm+ByzOVOfznp+kUrmZOYAJHKPhi1BG2GkpEl7ipQ+VjfE
xHJy0ZqY9Zv5NauW8iEm2EvkIbeUq/cWXloJlpdSPPgFW7cfEmRpUiVCdYEayoHb
zlECqqjQCdWKLehr5O5B87CZjNzHBPg2R0jX31Kxr0UXXUsIOjxd+9aqIcGjLlHN
IRJHkWQO2ads/RH3FGbZrUal2JbLxrkypE2OhPQeLcD6wqwPKE4qhqAkld/iIBCb
I1k2sdPoybL25kZihIgl1Ro7RIECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1ecqc
3kUuZ8QfGKtK0+KMjfsnBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFiNmY4MTctOWI3Yy00NzEzLWE5OTgtNjdhOGEyYTVhMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Grg
wDANBgkqhkiG9w0BAQsFAAOCAQEAjQpT7qPBvB3iEQcU0P3H9pBGvd7pSaxEli9R
T9utpW2zHpG7UOdJ9AQDhwVoCWd6CYx4EpVBgF4gXgnN9rJF0cS3jQRbI6H1PmKR
FZt0FfUisOXFedz/aeZ3TvFSf/DPPqwhH1y599+BsFnn/eCgNO6aP+7KrUv/sZSj
mG+AcSTMDpxmP10pe6/KuKOOtaHV9GpVV1PyERXs9VTc8pMRJHsjpCaCNmEcKFhs
TQgOQj3CFX3H830GYuDPJgXe6Yz6dEuZ5gEugeDYR/Oyi0KAbes0I6Mw1Baooy3J
Wahy+08ZmiDLoo8x1GOosqZ3hqM+SVAOIS814Wa6yD4gewyR4Q==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:44 2025 by rpki-client