Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b37c46d-5f10-445b-9772-1120143beab3.roa
File: 8b37c46d-5f10-445b-9772-1120143beab3.roa (raw, json)
Hash identifier: lhhR4pZaONg5Ia56BSa/ed8pjYembi+MxT+hOwqyEwI=
Subject key identifier: 36:D8:26:8F:5B:9B:28:43:28:4D:91:F6:E5:0A:C3:BE:D1:A5:16:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C32FF81124EC4598EA0C3CC94F60A3AB93B77ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b37c46d-5f10-445b-9772-1120143beab3.roa
Signing time: Wed 29 Oct 2025 07:28:25 +0000
ROA not before: Wed 29 Oct 2025 07:28:25 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:32:ff:81:12:4e:c4:59:8e:a0:c3:cc:94:f6:0a:3a:b9:3b:77:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:25 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=cb8b98d71087eb88cfd61717924f6cbd0001ab182ab66cdb123f435bdacb9265, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0c:66:31:29:1b:eb:bf:d6:81:5e:64:e9:26:
ec:7c:d1:14:1f:c1:d2:ce:ab:ff:77:49:30:d6:d1:
31:1e:d0:1a:5b:4d:d5:64:b0:69:e4:cd:f9:80:60:
e3:ab:74:43:f3:c5:dd:03:89:0a:73:9c:b0:f9:e5:
c4:ec:36:89:fe:f9:39:02:15:c2:cb:0a:e9:6c:2d:
96:53:23:db:79:36:a7:28:de:56:32:44:d1:a7:9e:
62:b4:ec:da:b0:fb:76:64:2b:e7:ec:c9:60:26:47:
10:3f:c5:db:03:0d:8a:37:46:47:57:5d:98:bd:03:
60:34:32:6a:11:f8:8a:94:6e:f8:1d:c5:c7:f0:6c:
4f:1b:16:c5:0b:82:f7:03:00:71:2b:d6:c8:58:1e:
7d:a3:1f:2a:b0:ce:2d:f5:67:7b:0a:3e:e6:32:95:
58:2c:1b:04:fe:9b:47:33:8c:f6:1a:a3:1b:8e:5b:
cd:a1:54:40:43:17:44:6e:8a:df:5f:d6:e4:46:71:
b7:a3:3e:3d:be:79:c1:87:73:0c:2b:9b:63:fc:d2:
02:08:90:1b:8b:df:b0:73:8f:a7:e1:f6:a7:29:ed:
60:57:16:f6:07:38:26:bb:96:0d:98:f3:cd:2c:cc:
7b:f0:1b:f5:8f:b6:13:d7:86:87:1b:0c:62:75:2b:
c4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D8:26:8F:5B:9B:28:43:28:4D:91:F6:E5:0A:C3:BE:D1:A5:16:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b37c46d-5f10-445b-9772-1120143beab3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:9080::/48
Signature Algorithm: sha256WithRSAEncryption
54:46:3b:b6:b8:f1:f8:c0:9f:f9:e5:a8:87:d7:1d:88:79:b0:
22:58:03:c1:8e:24:82:84:66:a4:63:b9:75:98:08:10:cc:b6:
2e:c7:75:1e:82:c3:39:70:b1:7b:e5:98:cf:78:a6:be:58:a8:
cd:8b:6e:13:0c:8c:50:30:68:d7:bf:f2:22:24:79:b3:1d:99:
ac:8f:2d:c8:00:a4:13:b5:93:7e:f0:89:70:aa:a2:f9:66:5d:
ee:c6:d9:03:80:b2:c0:6e:93:cd:07:63:02:e8:91:03:ab:2e:
f4:88:80:8c:9e:76:4e:c8:7c:16:04:58:ab:0b:23:bc:6d:0b:
92:2e:4a:25:eb:13:cb:17:07:39:f0:80:7e:8e:30:83:4e:72:
ce:dc:ed:a4:8a:b3:ab:46:6a:90:2c:e3:b3:5e:a0:79:b6:89:
d6:2d:df:85:64:22:19:88:cd:c7:f9:5f:5a:8d:c1:f5:aa:5f:
81:11:5e:1a:18:ee:24:70:a9:1b:9d:60:c2:d7:52:27:18:87:
cb:f0:44:04:e9:7b:d0:a6:a4:95:f6:67:ef:be:33:cc:7e:59:
1a:23:b6:00:2a:19:d4:2f:cc:21:07:a2:df:e2:31:43:86:c9:
d0:9a:dc:d7:f9:8f:61:6f:81:59:72:42:bd:98:11:0f:6e:d2:
a5:7b:cb:66
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULDL/gRJOxFmOoMPMlPYKOrk7d+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MjVaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiOGI5OGQ3MTA4N2ViODhjZmQ2MTcxNzkyNGY2Y2JkMDAwMWFiMTgyYWI2
NmNkYjEyM2Y0MzViZGFjYjkyNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsMZjEpG+u/1oFeZOkm7HzRFB/B0s6r/3dJMNbRMR7QGltN1WSwaeTN+YBg
46t0Q/PF3QOJCnOcsPnlxOw2if75OQIVwssK6WwtllMj23k2pyjeVjJE0aeeYrTs
2rD7dmQr5+zJYCZHED/F2wMNijdGR1ddmL0DYDQyahH4ipRu+B3Fx/BsTxsWxQuC
9wMAcSvWyFgefaMfKrDOLfVnewo+5jKVWCwbBP6bRzOM9hqjG45bzaFUQEMXRG6K
31/W5EZxt6M+Pb55wYdzDCubY/zSAgiQG4vfsHOPp+H2pyntYFcW9gc4JruWDZjz
zSzMe/Ab9Y+2E9eGhxsMYnUrxOkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ22CaP
W5soQyhNkfblCsO+0aUWlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGIzN2M0NmQtNWYxMC00NDViLTk3NzItMTEyMDE0M2JlYWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAVEY7trjx+MCf+eWoh9cdiHmwIlgDwY4kgoRm
pGO5dZgIEMy2Lsd1HoLDOXCxe+WYz3imvliozYtuEwyMUDBo17/yIiR5sx2ZrI8t
yACkE7WTfvCJcKqi+WZd7sbZA4CywG6TzQdjAuiRA6su9IiAjJ52Tsh8FgRYqwsj
vG0Lki5KJesTyxcHOfCAfo4wg05yztztpIqzq0ZqkCzjs16gebaJ1i3fhWQiGYjN
x/lfWo3B9apfgRFeGhjuJHCpG51gwtdSJxiHy/BEBOl70KaklfZn774zzH5ZGiO2
ACoZ1C/MIQei3+IxQ4bJ0Jrc1/mPYW+BWXJCvZgRD27SpXvLZg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:55:01 2025 by rpki-client