Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcde19c-85ea-4e4c-b31b-859be4055425.roa
File: 7dcde19c-85ea-4e4c-b31b-859be4055425.roa (raw, json)
Hash identifier: AA27t5fSDJ1Ip6ticsEMTnzua6pMNgQcU2Kp0jTaNsw=
Subject key identifier: 79:5B:B7:EF:07:40:CE:7D:6B:55:63:1C:92:4A:F3:96:CC:A8:C8:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66753FF0201BAC86DE82CBE76017C06B7D01EADB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcde19c-85ea-4e4c-b31b-859be4055425.roa
Signing time: Wed 29 Oct 2025 07:36:46 +0000
ROA not before: Wed 29 Oct 2025 07:36:46 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:8800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:75:3f:f0:20:1b:ac:86:de:82:cb:e7:60:17:c0:6b:7d:01:ea:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:46 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=0f761b17ba9651acb10feb1ac855db152cf686e8bea0e30b511d03ac2d7cdaa1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2a:fd:47:e8:e6:e2:3c:fd:95:46:f5:ac:8f:
2b:90:4d:fa:2d:0a:cd:22:1f:d1:87:29:91:a7:46:
09:79:69:ad:35:d4:be:c0:2c:f3:10:5e:43:c2:c4:
7a:b5:96:6b:92:08:b9:db:f5:fc:6d:8c:04:0b:11:
35:e5:43:35:24:2a:fc:4b:67:87:67:88:96:fc:2a:
c8:90:47:db:f0:f4:11:b3:eb:a7:87:b1:31:24:0a:
0c:e5:ad:2f:94:6c:32:9d:3a:bd:00:61:27:1b:90:
55:a9:f6:2c:e7:80:0b:d8:5f:f3:ea:5f:6f:ae:ee:
6f:3a:dc:94:36:3f:4f:8c:89:11:81:e1:f6:66:19:
18:53:e8:c0:e3:d0:c6:82:49:06:ef:3a:21:a5:64:
66:2b:a6:0c:30:c5:d1:d0:bd:9a:f2:62:fc:9c:15:
92:51:1d:dd:e7:24:61:68:67:1a:28:05:61:29:20:
d1:2e:4d:14:7c:3a:1b:c0:7d:48:bd:38:23:13:31:
04:cc:b9:fc:2b:f4:36:62:9d:ae:eb:0b:04:58:94:
6d:81:8d:66:65:45:7a:76:9e:30:34:43:91:13:f8:
6b:90:47:79:7e:ca:16:0a:f5:ef:2a:a3:ed:c9:d4:
b6:6c:1c:61:c0:86:58:c3:0f:f3:a5:a8:33:e4:33:
dc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:5B:B7:EF:07:40:CE:7D:6B:55:63:1C:92:4A:F3:96:CC:A8:C8:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcde19c-85ea-4e4c-b31b-859be4055425.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:8800::/48
Signature Algorithm: sha256WithRSAEncryption
9d:f7:1a:96:bc:a6:d4:f7:14:29:5b:91:a4:b4:19:ea:3b:6b:
94:12:e6:b7:96:4b:03:65:7f:aa:b6:47:df:b7:05:36:28:d3:
09:f0:55:cf:9d:a4:07:3b:41:80:a1:38:4a:df:83:e8:6f:44:
6d:7c:82:3c:8d:57:2e:6b:70:3c:30:f5:49:0b:5e:b2:1d:ef:
00:30:14:4b:4e:a9:a1:2f:ef:4e:bf:ab:46:62:99:c8:bf:a3:
d1:76:d2:16:5e:a4:7a:6f:3b:f4:8c:95:84:85:55:13:e8:3b:
98:a5:44:bf:9c:20:0e:ed:04:40:91:cc:95:1f:a6:ac:77:20:
28:09:ed:b1:cd:f0:41:7f:39:c0:e0:15:e3:6b:15:e1:ae:f5:
f1:fb:c7:20:09:85:b5:51:81:2b:09:80:ce:3a:04:78:67:12:
98:18:c9:b4:aa:02:a4:b7:52:1e:05:b5:f1:d5:73:1a:2a:44:
50:ad:be:35:14:b7:d7:47:cd:91:6b:c1:c2:c6:e6:90:84:13:
07:28:98:8b:44:fb:5b:92:d5:08:73:68:e5:cc:84:5d:ea:b8:
4f:64:e5:32:3d:21:9b:9c:70:ae:a7:0f:b5:bc:ef:c2:30:08:
f8:0e:e1:8c:4b:14:d0:94:a3:1a:a0:e7:d3:a9:40:24:b8:a8:
ee:c8:b2:a1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZnU/8CAbrIbegsvnYBfAa30B6tswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDZaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNzYxYjE3YmE5NjUxYWNiMTBmZWIxYWM4NTVkYjE1MmNmNjg2ZThiZWEw
ZTMwYjUxMWQwM2FjMmQ3Y2RhYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0q/Ufo5uI8/ZVG9ayPK5BN+i0KzSIf0YcpkadGCXlprTXUvsAs8xBeQ8LE
erWWa5IIudv1/G2MBAsRNeVDNSQq/Etnh2eIlvwqyJBH2/D0EbPrp4exMSQKDOWt
L5RsMp06vQBhJxuQVan2LOeAC9hf8+pfb67ubzrclDY/T4yJEYHh9mYZGFPowOPQ
xoJJBu86IaVkZiumDDDF0dC9mvJi/JwVklEd3eckYWhnGigFYSkg0S5NFHw6G8B9
SL04IxMxBMy5/Cv0NmKdrusLBFiUbYGNZmVFenaeMDRDkRP4a5BHeX7KFgr17yqj
7cnUtmwcYcCGWMMP86WoM+Qz3D8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5W7fv
B0DOfWtVYxySSvOWzKjIzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZGUxOWMtODVlYS00ZTRjLWIzMWItODU5YmU0MDU1NDI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GyI
ADANBgkqhkiG9w0BAQsFAAOCAQEAnfcalrym1PcUKVuRpLQZ6jtrlBLmt5ZLA2V/
qrZH37cFNijTCfBVz52kBztBgKE4St+D6G9EbXyCPI1XLmtwPDD1SQtesh3vADAU
S06poS/vTr+rRmKZyL+j0XbSFl6kem879IyVhIVVE+g7mKVEv5wgDu0EQJHMlR+m
rHcgKAntsc3wQX85wOAV42sV4a718fvHIAmFtVGBKwmAzjoEeGcSmBjJtKoCpLdS
HgW18dVzGipEUK2+NRS310fNkWvBwsbmkIQTByiYi0T7W5LVCHNo5cyEXeq4T2Tl
Mj0hm5xwrqcPtbzvwjAI+A7hjEsU0JSjGqDn06lAJLio7siyoQ==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:48 2025 by rpki-client