Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
File: 8bc6184b-4b16-4844-96e2-71541ff10974.roa (raw, json)
Hash identifier: KNzGLMe5LNLAD6ejfy3hhYNm11mNQwYWo+m+C5S8aTQ=
Subject key identifier: 2A:5B:DF:07:14:E1:C5:C4:71:B0:1B:9E:8A:1D:A3:A3:DD:27:08:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D2C52A608C5B1A05189C763E94575B78EBF6B3C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
Signing time: Tue 04 Nov 2025 02:50:04 +0000
ROA not before: Tue 04 Nov 2025 02:50:04 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:2c:52:a6:08:c5:b1:a0:51:89:c7:63:e9:45:75:b7:8e:bf:6b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:04 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=ad722cc2cd0b87d893f073080838f2d818377012a4b82a6bbd50c82e697c50a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a5:56:04:94:25:74:92:20:cf:50:c4:db:38:
ba:ed:f0:e0:e8:09:a0:60:dd:a6:dc:cb:51:e7:8f:
d3:7f:56:8a:2e:55:d4:13:f9:4b:b9:66:2e:6b:70:
4e:58:3f:0a:17:e7:d9:bd:f4:08:c5:03:c3:8d:71:
9e:d8:30:dd:80:18:d6:a6:6d:a9:d3:f5:7a:47:63:
e4:f6:a3:d5:6b:22:b6:63:03:2f:8b:46:58:ef:6e:
62:d8:88:b1:d3:e3:97:68:9a:da:18:fc:09:44:cc:
65:98:f5:36:d9:b9:63:c6:87:da:4d:12:cb:53:2c:
9c:15:68:4a:6f:fa:1d:b4:a7:6a:88:f3:76:58:f4:
52:e0:85:08:8b:be:f3:72:1f:d4:de:11:01:dc:f8:
18:5e:90:f1:2c:47:32:23:ce:41:a9:7d:45:cd:88:
b4:44:31:1f:f9:ad:14:37:0c:45:b0:27:68:18:27:
46:ae:f2:24:39:18:71:8d:44:b5:46:f6:1e:2c:a8:
49:53:6f:46:ad:f6:e1:90:66:80:4c:e4:d9:ee:bd:
95:d0:5e:43:9d:ae:8d:2f:3e:68:fd:ea:6c:e2:17:
85:ca:81:73:4c:ea:31:57:3f:6d:c4:cd:b1:f9:95:
25:5f:55:d3:d1:9b:ee:bb:1c:40:2d:3d:36:b3:c8:
c5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5B:DF:07:14:E1:C5:C4:71:B0:1B:9E:8A:1D:A3:A3:DD:27:08:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
24:9f:6e:96:c9:ad:72:de:63:5a:60:b2:9a:dc:2f:e5:15:5e:
02:58:6f:d6:c1:46:5c:f7:4b:31:ca:33:f3:0a:8e:12:9d:79:
38:c0:13:81:b7:1c:2a:ad:59:f8:c5:20:e9:ec:b2:65:af:74:
b9:92:ad:1c:24:b5:44:6f:3e:25:5d:fd:76:da:24:fb:46:f4:
2d:21:30:4f:31:cf:01:03:48:98:57:e9:be:63:24:51:cb:10:
9d:6a:fc:79:5b:0a:26:3b:01:93:01:4a:ab:b5:7c:cd:18:cc:
58:e6:69:37:0e:31:f2:6c:87:37:6c:49:e3:89:f2:01:a3:25:
43:dc:85:82:32:55:db:03:60:e7:13:8d:0c:47:78:b2:87:90:
af:fa:08:85:99:a3:46:14:b4:0c:2d:af:38:86:f0:8a:8a:61:
9c:9d:ac:5b:e7:c1:6f:65:a7:58:d4:71:c8:df:c7:00:83:9b:
61:7a:8d:72:1d:b8:68:5f:e6:bb:9f:a4:26:8e:01:0f:f9:17:
a6:d9:ff:db:87:4b:4a:4b:cc:d0:d7:d3:57:e5:8f:90:c0:0e:
2b:6d:10:69:cb:30:40:de:bd:bf:15:73:66:91:b5:3f:0d:ab:
71:09:4d:2f:c4:15:a5:c7:cb:ab:b7:94:8d:c6:5e:d1:3b:18:
b5:2a:66:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHSxSpgjFsaBRicdj6UV1t46/azwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMDRaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkNzIyY2MyY2QwYjg3ZDg5M2YwNzMwODA4MzhmMmQ4MTgzNzcwMTJhNGI4
MmE2YmJkNTBjODJlNjk3YzUwYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqlVgSUJXSSIM9QxNs4uu3w4OgJoGDdptzLUeeP039Wii5V1BP5S7lmLmtw
Tlg/Chfn2b30CMUDw41xntgw3YAY1qZtqdP1ekdj5Paj1WsitmMDL4tGWO9uYtiI
sdPjl2ia2hj8CUTMZZj1Ntm5Y8aH2k0Sy1MsnBVoSm/6HbSnaojzdlj0UuCFCIu+
83If1N4RAdz4GF6Q8SxHMiPOQal9Rc2ItEQxH/mtFDcMRbAnaBgnRq7yJDkYcY1E
tUb2HiyoSVNvRq324ZBmgEzk2e69ldBeQ52ujS8+aP3qbOIXhcqBc0zqMVc/bcTN
sfmVJV9V09Gb7rscQC09NrPIxa8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqW98H
FOHFxHGwG56KHaOj3ScIMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGJjNjE4NGItNGIxNi00ODQ0LTk2ZTItNzE1NDFmZjEwOTc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQAkn26Wya1y3mNaYLKa3C/lFV4CWG/WwUZc90sx
yjPzCo4SnXk4wBOBtxwqrVn4xSDp7LJlr3S5kq0cJLVEbz4lXf122iT7RvQtITBP
Mc8BA0iYV+m+YyRRyxCdavx5WwomOwGTAUqrtXzNGMxY5mk3DjHybIc3bEnjifIB
oyVD3IWCMlXbA2DnE40MR3iyh5Cv+giFmaNGFLQMLa84hvCKimGcnaxb58FvZadY
1HHI38cAg5theo1yHbhoX+a7n6QmjgEP+Rem2f/bh0tKS8zQ19NX5Y+QwA4rbRBp
yzBA3r2/FXNmkbU/DatxCU0vxBWlx8urt5SNxl7ROxi1KmZg
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:17:01 2025 by rpki-client