Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
File: 715ce244-d76a-4faa-8b30-81259801a7e8.roa (raw, json)
Hash identifier: TisSmS+1BGBGCUO8Vo/pZDvbpNXJMXkTRLFdMtBwhXY=
Subject key identifier: 35:CC:55:6D:81:D0:3B:14:6D:87:CF:9A:F9:7D:8F:E8:68:71:96:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69D9A64C50C02D76D3C2501CF407DC3A8E28E853
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
Signing time: Tue 04 Nov 2025 02:50:40 +0000
ROA not before: Tue 04 Nov 2025 02:50:40 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d9:a6:4c:50:c0:2d:76:d3:c2:50:1c:f4:07:dc:3a:8e:28:e8:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:40 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=e29b304aba092e19bec7fa597f95466576b6951b81f0e4b2b83a3f2ad47b5004, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4f:30:84:38:88:40:ef:96:55:1f:51:51:89:
d0:a2:ad:15:b1:fe:b3:60:4e:0f:95:64:24:4d:7a:
dd:7d:22:0a:1b:e0:67:f1:fe:43:2f:ee:42:e0:95:
0b:a6:b6:5a:91:a3:50:09:17:3a:1c:e6:f2:cc:c3:
c6:2f:88:a2:68:ac:a5:01:e1:fb:bd:df:28:b6:17:
d1:b1:9f:8b:18:36:f0:5b:f3:61:29:5b:42:f4:cd:
a1:19:e5:ac:90:57:82:f1:ad:83:87:fb:68:84:bd:
73:19:9d:d6:a1:b8:2c:ad:84:23:b3:a7:2c:b6:52:
15:ed:91:c3:2d:a0:72:68:62:90:44:23:24:b4:b2:
c9:46:07:93:cd:72:ae:7b:34:4c:10:6c:7d:9f:ee:
ee:dd:ff:eb:68:74:34:95:c7:13:99:ef:f9:90:6c:
8d:f8:d3:65:77:25:94:30:f1:e4:bd:1c:49:e9:da:
80:0f:b4:ad:1a:cc:98:b8:f5:7e:f3:c8:36:35:e9:
72:7e:28:5a:7d:7c:ec:05:75:c8:37:2a:c2:c0:7a:
23:92:9e:c7:32:cc:44:6e:3b:1f:59:63:2d:82:98:
61:4f:cc:7d:8f:b2:b1:7c:42:1d:6a:c6:5e:e2:25:
94:3d:80:40:66:19:c8:9a:a6:20:ba:fe:bb:41:b8:
ad:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CC:55:6D:81:D0:3B:14:6D:87:CF:9A:F9:7D:8F:E8:68:71:96:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:5e:86:00:33:65:d5:0c:ea:e2:ee:bc:d7:e2:78:99:8d:2a:
be:b0:92:87:27:31:48:af:e9:a9:25:56:bb:5b:d2:23:e3:dd:
f5:4e:59:c5:a2:25:44:c6:9a:83:65:1d:9f:8e:b2:c2:1c:2d:
66:6f:51:dc:a3:03:9f:c2:f2:bd:a2:60:70:fc:cf:24:76:f1:
ea:30:97:be:9f:cd:b1:5d:56:56:59:17:b6:5c:61:68:6b:3d:
2d:21:2c:1b:f7:51:e8:44:1a:44:c9:1f:b4:4b:fc:02:01:b3:
5c:49:db:54:cf:a3:2d:5f:a1:1f:b1:05:b0:83:e0:dc:68:3a:
f6:0f:67:18:f8:0f:79:32:20:95:7f:02:8d:26:61:b3:21:2e:
2c:85:6e:22:29:62:0a:cb:73:70:e8:03:63:bd:0c:4c:c3:8d:
8c:86:8a:81:6b:d4:29:31:d5:3f:75:ad:f9:c9:8e:57:12:26:
f0:7b:a2:a1:b8:48:c7:85:c3:43:a9:c6:60:32:d1:cd:25:e5:
69:82:ec:f4:b3:53:04:e5:6a:2c:54:74:0f:2a:bc:4f:19:21:
dd:df:9e:8d:55:55:9b:05:05:71:4c:e0:b5:08:95:c3:bf:fd:
31:88:24:4b:8e:0f:e4:a6:fe:bc:19:2c:b7:25:15:db:16:aa:
2c:70:7d:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUadmmTFDALXbTwlAc9AfcOo4o6FMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwNDBaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyOWIzMDRhYmEwOTJlMTliZWM3ZmE1OTdmOTU0NjY1NzZiNjk1MWI4MWYw
ZTRiMmI4M2EzZjJhZDQ3YjUwMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdPMIQ4iEDvllUfUVGJ0KKtFbH+s2BOD5VkJE163X0iChvgZ/H+Qy/uQuCV
C6a2WpGjUAkXOhzm8szDxi+IomispQHh+73fKLYX0bGfixg28FvzYSlbQvTNoRnl
rJBXgvGtg4f7aIS9cxmd1qG4LK2EI7OnLLZSFe2Rwy2gcmhikEQjJLSyyUYHk81y
rns0TBBsfZ/u7t3/62h0NJXHE5nv+ZBsjfjTZXcllDDx5L0cSenagA+0rRrMmLj1
fvPINjXpcn4oWn187AV1yDcqwsB6I5KexzLMRG47H1ljLYKYYU/MfY+ysXxCHWrG
XuIllD2AQGYZyJqmILr+u0G4rWUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1zFVt
gdA7FG2Hz5r5fY/oaHGW/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE1Y2UyNDQtZDc2YS00ZmFhLThiMzAtODEyNTk4MDFhN2U4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Flg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPXoYAM2XVDOri7rzX4niZjSq+sJKHJzFIr+mp
JVa7W9Ij4931TlnFoiVExpqDZR2fjrLCHC1mb1HcowOfwvK9omBw/M8kdvHqMJe+
n82xXVZWWRe2XGFoaz0tISwb91HoRBpEyR+0S/wCAbNcSdtUz6MtX6EfsQWwg+Dc
aDr2D2cY+A95MiCVfwKNJmGzIS4shW4iKWIKy3Nw6ANjvQxMw42MhoqBa9QpMdU/
da35yY5XEibwe6KhuEjHhcNDqcZgMtHNJeVpguz0s1ME5WosVHQPKrxPGSHd356N
VVWbBQVxTOC1CJXDv/0xiCRLjg/kpv68GSy3JRXbFqoscH2j
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:52:08 2025 by rpki-client