Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
File: d58dbbef-7392-498d-b094-189de828de57.roa (raw, json)
Hash identifier: 9LoAVIRPnOT5QTF3RJfYGumQEVgzKxAeB2T9EoeGpXs=
Subject key identifier: A5:66:E1:E6:00:79:62:0C:D8:0F:A9:25:92:A8:06:78:DD:2B:D3:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31281603AA5287906B5B9E41FC22C8B3EF344DB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
Signing time: Fri 31 Oct 2025 01:40:02 +0000
ROA not before: Fri 31 Oct 2025 01:40:02 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:28:16:03:aa:52:87:90:6b:5b:9e:41:fc:22:c8:b3:ef:34:4d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:40:02 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=038b2f3230f544866db36544e0811ac9d3186b1eb52b1e9f967373c81c9ce12e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d4:c3:29:9b:96:0d:a7:c2:26:84:59:0e:d8:
d4:aa:f7:8b:01:b7:3d:26:f7:05:03:10:ec:7b:52:
7f:98:67:02:39:34:df:f6:37:33:14:fc:10:7b:1b:
19:ea:81:b5:eb:9e:04:98:38:dd:80:67:e1:70:6c:
c1:21:ff:7a:1a:03:06:27:44:05:ea:31:55:49:36:
56:59:f4:31:af:46:97:de:ec:15:2b:44:dd:0f:f0:
56:64:ba:be:18:74:0d:70:bf:28:1e:c8:5d:dd:2e:
d1:ce:9b:53:85:03:f1:35:cf:51:c6:b9:1a:f6:f2:
8c:4d:03:cc:71:5d:06:e5:84:13:b9:21:05:51:a5:
cd:28:47:72:d4:e1:b3:b9:8f:8f:a2:15:19:61:28:
eb:ea:98:e3:e3:f9:1c:ff:73:b2:10:65:5e:b9:73:
c1:55:68:44:1f:b7:b5:df:d3:03:41:e5:5b:3e:bd:
4d:26:36:ec:f8:59:8e:58:68:c7:98:34:bd:a7:d9:
9e:e2:73:42:14:5f:e3:2a:81:8e:71:8b:62:2f:de:
67:89:fd:20:b1:2f:49:1f:9c:02:7f:5c:4d:eb:a9:
45:e4:5f:3d:3b:82:ac:24:72:bd:53:85:5d:9d:6f:
be:97:f3:78:06:fb:5f:e4:ba:6b:76:f6:4f:7a:1b:
4d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:66:E1:E6:00:79:62:0C:D8:0F:A9:25:92:A8:06:78:DD:2B:D3:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c020::/48
Signature Algorithm: sha256WithRSAEncryption
19:48:d5:ff:b3:c9:b5:ff:87:cd:87:92:10:02:4d:a2:6a:54:
7c:ce:26:36:ae:6c:f1:c7:72:01:ab:bb:bb:db:88:d5:f2:b4:
d6:2f:45:70:6b:32:09:c7:67:73:82:89:8f:5f:c9:d7:3c:0d:
b3:14:83:ee:4f:29:18:8e:70:73:76:39:80:e2:05:3f:44:71:
2a:d1:65:2c:64:3d:24:f3:ac:b4:f3:2c:47:ae:97:3f:b8:eb:
ba:23:ee:d6:85:f4:07:fa:8c:4c:fc:cf:98:44:26:28:88:e9:
b1:3a:dc:49:64:25:78:54:85:75:3e:50:a7:2e:7d:2e:90:96:
9b:7c:ed:3a:1b:58:e3:65:ba:e4:be:6a:9e:98:68:93:ab:7a:
11:c4:7b:99:d9:31:10:e2:49:5b:c1:a5:83:b2:9c:6b:4a:8c:
bf:0e:e7:ed:c2:50:aa:09:3b:e1:60:b3:fd:16:97:99:01:37:
8f:85:b3:fc:a0:ce:a8:d0:f7:2f:93:3b:1b:16:26:33:10:15:
7f:35:a8:22:c7:ef:78:86:aa:7b:a4:2c:9d:e5:2e:7a:34:72:
fc:9f:38:3b:71:19:2b:86:de:86:21:99:b6:c7:6e:22:26:6b:
2a:08:b9:de:e9:fa:87:ac:86:f4:94:6b:9b:ee:5e:48:63:b9:
ae:10:fa:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMSgWA6pSh5BrW55B/CLIs+80TbcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTQwMDJaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzOGIyZjMyMzBmNTQ0ODY2ZGIzNjU0NGUwODExYWM5ZDMxODZiMWViNTJi
MWU5Zjk2NzM3M2M4MWM5Y2UxMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzUwymblg2nwiaEWQ7Y1Kr3iwG3PSb3BQMQ7HtSf5hnAjk03/Y3MxT8EHsb
GeqBteueBJg43YBn4XBswSH/ehoDBidEBeoxVUk2Vln0Ma9Gl97sFStE3Q/wVmS6
vhh0DXC/KB7IXd0u0c6bU4UD8TXPUca5GvbyjE0DzHFdBuWEE7khBVGlzShHctTh
s7mPj6IVGWEo6+qY4+P5HP9zshBlXrlzwVVoRB+3td/TA0HlWz69TSY27PhZjlho
x5g0vafZnuJzQhRf4yqBjnGLYi/eZ4n9ILEvSR+cAn9cTeupReRfPTuCrCRyvVOF
XZ1vvpfzeAb7X+S6a3b2T3obTZECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSlZuHm
AHliDNgPqSWSqAZ43SvTJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDU4ZGJiZWYtNzM5Mi00OThkLWIwOTQtMTg5ZGU4MjhkZTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
IDANBgkqhkiG9w0BAQsFAAOCAQEAGUjV/7PJtf+HzYeSEAJNompUfM4mNq5s8cdy
Aau7u9uI1fK01i9FcGsyCcdnc4KJj1/J1zwNsxSD7k8pGI5wc3Y5gOIFP0RxKtFl
LGQ9JPOstPMsR66XP7jruiPu1oX0B/qMTPzPmEQmKIjpsTrcSWQleFSFdT5Qpy59
LpCWm3ztOhtY42W65L5qnphok6t6EcR7mdkxEOJJW8Glg7Kca0qMvw7n7cJQqgk7
4WCz/RaXmQE3j4Wz/KDOqND3L5M7GxYmMxAVfzWoIsfveIaqe6QsneUuejRy/J84
O3EZK4behiGZtsduIiZrKgi53un6h6yG9JRrm+5eSGO5rhD62A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:21 2025 by rpki-client