Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
File: 34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa (raw, json)
Hash identifier: cSNZLkcUd3AzobeE7aX08gVM/ZVGP6/neE/an9YXhTQ=
Subject key identifier: A8:F3:AC:8F:59:B2:3A:63:D9:A4:21:FD:D0:B2:DF:97:E4:30:3A:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C0D9576E67A31B4B16BF6D520B37EBC4833356E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
Signing time: Wed 29 Oct 2025 07:28:19 +0000
ROA not before: Wed 29 Oct 2025 07:28:19 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:0d:95:76:e6:7a:31:b4:b1:6b:f6:d5:20:b3:7e:bc:48:33:35:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:19 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=3ae21a4603f4d9b678d220b91984f1cef7f0c790a559e6ff4c003393d3b76646, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bd:21:4e:82:b7:ba:4f:f4:f6:4d:08:a0:c3:
9f:7a:e7:12:0e:ed:ee:ef:b0:ea:f8:55:61:b4:76:
c6:9f:42:ed:22:6e:87:f8:ef:9b:bb:d5:36:06:f6:
4f:9a:4f:0d:fe:73:60:5e:fa:29:32:aa:7d:6e:20:
b6:05:3e:02:f8:a8:bf:48:90:cb:14:3c:f7:f2:c4:
f0:80:95:e8:c3:e9:f6:a3:e3:09:d5:d3:99:f8:1e:
d2:ad:a4:89:ca:87:68:c6:47:b5:37:67:76:19:25:
3b:1d:df:7b:85:8f:ab:33:95:31:45:6d:27:cf:c8:
21:5e:32:ba:96:b2:74:d4:13:0d:6a:13:a3:fc:0d:
6d:0f:32:b3:85:9b:43:90:99:db:3d:ac:ed:78:82:
d8:06:a0:fc:b0:50:fd:44:66:e5:06:36:34:4e:75:
22:c6:a4:e2:5a:e2:b7:d0:f7:32:f3:8c:bc:0a:9a:
9f:f5:c6:c0:af:ca:cc:83:b5:03:d8:56:8f:51:26:
68:5f:c8:7a:b8:9b:e1:44:ff:5f:5f:40:95:15:f7:
c2:41:2f:db:46:c0:b0:70:db:14:3d:27:70:7c:06:
a3:e9:91:48:94:18:4d:57:cf:b8:5f:8e:99:63:d1:
51:84:4f:35:27:8f:85:77:13:3e:16:3f:6f:a8:d6:
af:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F3:AC:8F:59:B2:3A:63:D9:A4:21:FD:D0:B2:DF:97:E4:30:3A:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
10:31:f0:2d:60:4b:7d:01:46:3d:ab:d5:c2:54:5b:db:f8:42:
16:83:03:b7:23:23:fb:4a:2f:49:a0:9a:39:d3:73:90:e3:06:
f9:ad:99:0c:28:ad:df:59:1d:48:e2:70:e3:23:81:b8:d2:69:
eb:3e:f2:9b:3c:70:e9:1c:92:d4:96:20:86:86:e7:8f:9a:35:
4f:28:60:c2:60:da:6f:fc:d7:1a:80:ad:eb:bc:f6:70:f1:3b:
54:8b:57:05:00:8f:72:44:db:98:89:c9:ea:cd:30:e7:ba:4f:
cb:f3:f2:c8:16:a5:4c:f2:de:0e:03:6a:2b:92:a3:bc:ae:13:
76:58:0d:16:47:58:88:3c:af:7c:5f:4b:45:23:45:99:a1:8e:
4d:68:dc:8f:39:8c:87:50:a7:bd:22:13:c5:c8:b2:1b:04:93:
4b:5e:86:74:d6:78:60:f8:78:21:9d:3b:a9:43:8c:42:fb:4a:
cb:e5:c3:bc:f6:40:b2:2f:78:a8:e0:21:ae:0e:0e:14:67:ab:
af:42:8e:10:ce:38:2c:6f:b5:0d:99:6c:56:c3:fd:f5:92:13:
cc:bc:cd:97:27:4e:29:9c:04:99:21:04:3a:a3:9f:0c:f0:5c:
f9:5b:8f:08:90:69:b9:1e:ec:b9:53:5f:fc:32:77:1d:c2:c3:
dc:c9:73:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDA2VduZ6MbSxa/bVILN+vEgzNW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MTlaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhZTIxYTQ2MDNmNGQ5YjY3OGQyMjBiOTE5ODRmMWNlZjdmMGM3OTBhNTU5
ZTZmZjRjMDAzMzkzZDNiNzY2NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKm9IU6Ct7pP9PZNCKDDn3rnEg7t7u+w6vhVYbR2xp9C7SJuh/jvm7vVNgb2
T5pPDf5zYF76KTKqfW4gtgU+Aviov0iQyxQ89/LE8ICV6MPp9qPjCdXTmfge0q2k
icqHaMZHtTdndhklOx3fe4WPqzOVMUVtJ8/IIV4yupaydNQTDWoTo/wNbQ8ys4Wb
Q5CZ2z2s7XiC2Aag/LBQ/URm5QY2NE51Isak4lrit9D3MvOMvAqan/XGwK/KzIO1
A9hWj1EmaF/Ierib4UT/X19AlRX3wkEv20bAsHDbFD0ncHwGo+mRSJQYTVfPuF+O
mWPRUYRPNSePhXcTPhY/b6jWr6sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSo86yP
WbI6Y9mkIf3Qst+X5DA6TDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzRjMDFlYmItOWU3Ny00MWI1LWEyZWYtMWNhYTVmMzg5YmYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GpQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAEDHwLWBLfQFGPavVwlRb2/hCFoMDtyMj+0ov
SaCaOdNzkOMG+a2ZDCit31kdSOJw4yOBuNJp6z7ymzxw6RyS1JYghobnj5o1Tyhg
wmDab/zXGoCt67z2cPE7VItXBQCPckTbmInJ6s0w57pPy/PyyBalTPLeDgNqK5Kj
vK4TdlgNFkdYiDyvfF9LRSNFmaGOTWjcjzmMh1CnvSITxciyGwSTS16GdNZ4YPh4
IZ07qUOMQvtKy+XDvPZAsi94qOAhrg4OFGerr0KOEM44LG+1DZlsVsP99ZITzLzN
lydOKZwEmSEEOqOfDPBc+VuPCJBpuR7suVNf/DJ3HcLD3MlzDQ==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:48 2025 by rpki-client