Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
File: 5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa (raw, json)
Hash identifier: h0UlSd1mRdn5RRU/T1XjipLIOUzQYk1dnn4tUz6wKbY=
Subject key identifier: 07:57:9E:39:AE:97:BC:50:29:C5:77:E4:C3:21:CF:A1:43:74:09:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F85A5D0C69BE5B9140BF34F3C8B466EF6B8AF36
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
Signing time: Tue 04 Nov 2025 02:50:02 +0000
ROA not before: Tue 04 Nov 2025 02:50:02 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:85:a5:d0:c6:9b:e5:b9:14:0b:f3:4f:3c:8b:46:6e:f6:b8:af:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:02 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=24c3b30846b667d64445e24b6332e6c931c9f9f027b310b84e6c8c54d08587cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:15:7a:7f:6e:64:8e:1a:fc:76:c0:9c:21:85:
89:4f:6e:55:3d:dd:97:ff:a8:6e:3b:c2:56:02:7a:
0c:ba:8d:30:27:d7:d0:63:8d:b7:f7:36:a6:ba:36:
7a:5c:44:05:f7:3f:aa:fb:76:c3:c0:ba:01:51:51:
bd:4f:66:8e:75:6e:86:80:64:c1:b3:51:66:bd:90:
9a:32:41:8b:2a:61:89:4e:f1:cc:b9:b2:1e:e3:e9:
7a:63:83:22:15:c3:41:87:b0:df:01:78:99:67:a9:
1a:e9:a5:a3:16:d8:91:b9:db:3f:42:07:fe:91:6b:
e2:59:a6:ac:5c:74:a5:e0:03:09:a1:4c:74:9e:89:
aa:b2:d9:63:63:7b:82:b1:2c:37:b9:44:29:03:91:
ea:ee:77:9e:64:a3:37:4f:61:a2:4e:0f:71:98:a7:
dd:a0:03:ca:6b:77:7e:2d:a1:a0:29:f4:ea:1a:16:
78:9f:50:8f:e5:37:dc:6d:03:fc:32:e7:08:b9:5d:
1a:67:b8:ae:6f:0d:52:a0:4d:2d:1d:b3:77:9d:be:
26:13:eb:9a:6b:e2:47:b6:7e:85:58:9b:ae:a7:f5:
df:a7:73:3f:29:3c:21:90:a3:e3:ea:2e:3f:ed:6c:
0e:ea:04:33:01:63:95:06:5d:5e:41:37:88:a5:20:
c5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:57:9E:39:AE:97:BC:50:29:C5:77:E4:C3:21:CF:A1:43:74:09:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:b3:d1:ee:24:5f:25:0e:18:e9:7e:64:cd:27:74:ea:24:89:
23:a9:2f:75:dc:0e:20:cd:17:6f:0c:53:ed:82:07:fb:01:7c:
ce:5e:c0:91:a5:2f:bd:f9:1f:c3:ef:ef:09:5c:7d:fd:3c:ad:
04:80:b9:4e:f2:87:ae:6c:9a:bd:bb:91:fc:c2:16:11:f2:c8:
c8:80:5a:66:d7:e9:dc:81:3d:0b:69:1e:dd:dc:0b:75:e5:76:
a8:7e:82:59:0a:b8:f3:69:1c:6a:0a:7b:a1:ec:8e:37:0d:7f:
78:49:d8:30:5f:90:32:b5:9b:70:5b:f4:ab:b3:be:49:fe:fc:
37:a1:37:4a:fe:17:8e:11:ac:52:70:9a:27:f6:db:23:35:a2:
4a:23:d5:56:f7:82:f5:c0:f0:eb:e7:4d:43:fe:fd:4a:68:41:
9b:a2:24:67:db:3d:9b:f3:2c:3d:9c:02:3d:42:7b:02:1e:73:
b2:9d:ab:88:6c:f1:16:2f:4a:7e:a5:44:ff:25:72:ad:11:38:
be:75:ae:ec:53:65:1a:85:d9:ed:aa:fb:1f:4d:63:7b:a9:75:
a7:c0:bb:35:55:56:6d:e4:55:7f:19:93:bd:69:31:fb:c8:4e:
de:e1:be:70:95:17:e5:7a:02:37:12:17:e8:ed:6d:63:56:b7:
cc:34:0d:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP4Wl0Mab5bkUC/NPPItGbva4rzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMDJaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0YzNiMzA4NDZiNjY3ZDY0NDQ1ZTI0YjYzMzJlNmM5MzFjOWY5ZjAyN2Iz
MTBiODRlNmM4YzU0ZDA4NTg3Y2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIkVen9uZI4a/HbAnCGFiU9uVT3dl/+objvCVgJ6DLqNMCfX0GONt/c2pro2
elxEBfc/qvt2w8C6AVFRvU9mjnVuhoBkwbNRZr2QmjJBiyphiU7xzLmyHuPpemOD
IhXDQYew3wF4mWepGumloxbYkbnbP0IH/pFr4lmmrFx0peADCaFMdJ6JqrLZY2N7
grEsN7lEKQOR6u53nmSjN09hok4PcZin3aADymt3fi2hoCn06hoWeJ9Qj+U33G0D
/DLnCLldGme4rm8NUqBNLR2zd52+JhPrmmviR7Z+hVibrqf136dzPyk8IZCj4+ou
P+1sDuoEMwFjlQZdXkE3iKUgxVcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHV545
rpe8UCnFd+TDIc+hQ3QJKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQzN2RjMTUtMTIyNC00OTAxLWFhYjEtN2Y3ZjMwZmU2MWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQChs9HuJF8lDhjpfmTNJ3TqJIkjqS913A4gzRdv
DFPtggf7AXzOXsCRpS+9+R/D7+8JXH39PK0EgLlO8oeubJq9u5H8whYR8sjIgFpm
1+ncgT0LaR7d3At15XaofoJZCrjzaRxqCnuh7I43DX94SdgwX5AytZtwW/Srs75J
/vw3oTdK/heOEaxScJon9tsjNaJKI9VW94L1wPDr501D/v1KaEGboiRn2z2b8yw9
nAI9QnsCHnOynauIbPEWL0p+pUT/JXKtETi+da7sU2UahdntqvsfTWN7qXWnwLs1
VVZt5FV/GZO9aTH7yE7e4b5wlRflegI3Ehfo7W1jVrfMNA1h
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:51 2025 by rpki-client