Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
File: 9fa19511-0738-48ff-a25a-e667f5ca90f8.roa (raw, json)
Hash identifier: z3XIDBwKhUHu/6GCo4DB5npAR7bRqVe3Ymbv9xSKilk=
Subject key identifier: 46:6E:42:2D:2F:1B:3C:78:FD:DB:B7:FC:CD:8D:FB:3C:D8:3A:62:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 482725C5BCC44CA25A5E6DA8F07CD1975C6500B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
Signing time: Mon 03 Nov 2025 20:06:37 +0000
ROA not before: Mon 03 Nov 2025 20:06:37 +0000
ROA not after: Mon 08 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d077::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:27:25:c5:bc:c4:4c:a2:5a:5e:6d:a8:f0:7c:d1:97:5c:65:00:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 3 20:06:37 2025 GMT
Not After : Dec 8 23:59:59 2025 GMT
Subject: serialNumber=1df18f25feb6258598073f935b19e65aaf1c1585554c114b296201e914782c59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:05:90:6e:21:ea:5d:80:be:e3:c0:0d:f3:cf:
6e:f9:07:c7:57:60:23:65:c1:07:a1:31:c2:e8:a0:
71:7c:6a:42:3e:8f:23:ec:27:e6:ac:9a:35:2d:fb:
e3:85:39:95:32:95:00:73:c7:fc:aa:2b:71:1e:56:
58:a1:3b:20:30:b9:c3:07:47:c8:1d:ab:b3:cc:44:
05:b3:78:91:ac:38:13:3b:f6:00:82:77:62:ed:45:
c6:a8:e8:b4:3a:94:f1:be:f5:67:de:27:f4:33:aa:
ce:72:91:d1:6c:77:c6:3b:98:97:ba:d1:8d:36:23:
43:72:be:4d:f3:c5:d8:dd:a1:20:bd:3f:0c:8d:da:
f1:af:02:5f:05:7f:ec:30:c1:90:9f:b5:7b:23:1b:
d0:82:88:bd:33:7f:1e:f3:c3:f9:26:41:66:cf:87:
6d:7a:20:e8:3b:ad:81:a6:b6:37:7a:82:c9:04:17:
4c:e3:26:6a:95:0f:e4:05:43:f1:e0:1d:19:bf:ee:
10:13:d2:d3:8d:00:6c:bb:13:04:70:b8:b1:6c:97:
68:c4:d3:be:9f:53:88:8d:b7:30:db:4f:39:97:5a:
fc:98:cd:04:23:46:8d:cd:6e:24:5b:cf:5e:54:b9:
62:bd:81:82:99:73:9e:a9:0b:40:65:1f:eb:83:35:
74:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:6E:42:2D:2F:1B:3C:78:FD:DB:B7:FC:CD:8D:FB:3C:D8:3A:62:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
c5:41:ab:3b:75:b3:d2:48:41:6f:46:45:03:f4:d2:fc:f5:92:
11:06:2c:fe:fc:9a:a9:95:a2:75:4f:d2:2c:10:5e:bf:66:37:
de:9a:e0:15:02:86:2d:57:02:a6:8f:55:ae:3f:f9:12:d7:19:
9b:53:91:28:9f:c2:41:4b:45:2e:86:c6:83:89:04:91:f2:fb:
a3:58:69:74:72:0d:85:2c:4f:8b:bd:00:8a:f1:42:37:21:42:
ac:4a:22:a0:60:b0:c9:92:3a:fa:3b:a6:2d:91:0f:5e:b0:f7:
0c:ff:9c:88:06:fe:19:9a:18:63:7e:24:75:8e:ff:4f:48:2b:
ea:d0:dc:5f:90:89:b8:3d:ad:07:c6:d7:4a:a8:88:59:70:7c:
23:71:4b:ef:1e:67:d9:57:9f:7a:d7:b2:75:1e:be:0c:8f:48:
47:f3:89:aa:58:7d:6d:39:49:56:74:a7:8b:0b:03:eb:47:37:
1a:80:88:8c:e7:80:51:96:97:18:97:66:12:38:16:a0:2a:2d:
c1:9a:04:fe:a4:4f:e1:65:3e:34:fe:e2:df:9d:3a:30:2b:e5:
64:59:86:90:21:97:f4:43:ce:bb:7a:c6:0c:f5:b7:11:ac:7b:
6c:0d:13:86:4b:6d:4c:bb:63:3b:6d:b1:16:ae:f8:4d:bd:f4:
16:ab:88:63
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUSCclxbzETKJaXm2o8HzRl1xlALIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDMyMDA2MzdaFw0yNTEyMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkZjE4ZjI1ZmViNjI1ODU5ODA3M2Y5MzViMTllNjVhYWYxYzE1ODU1NTRj
MTE0YjI5NjIwMWU5MTQ3ODJjNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcFkG4h6l2AvuPADfPPbvkHx1dgI2XBB6ExwuigcXxqQj6PI+wn5qyaNS37
44U5lTKVAHPH/KorcR5WWKE7IDC5wwdHyB2rs8xEBbN4kaw4Ezv2AIJ3Yu1Fxqjo
tDqU8b71Z94n9DOqznKR0Wx3xjuYl7rRjTYjQ3K+TfPF2N2hIL0/DI3a8a8CXwV/
7DDBkJ+1eyMb0IKIvTN/HvPD+SZBZs+HbXog6Dutgaa2N3qCyQQXTOMmapUP5AVD
8eAdGb/uEBPS040AbLsTBHC4sWyXaMTTvp9TiI23MNtPOZda/JjNBCNGjc1uJFvP
XlS5Yr2BgplznqkLQGUf64M1dDUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRGbkIt
Lxs8eP3bt/zNjfs82DpiUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZhMTk1MTEtMDczOC00OGZmLWEyNWEtZTY2N2Y1Y2E5MGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAMVBqzt1s9JIQW9GRQP00vz1khEGLP78mqmVonVP
0iwQXr9mN96a4BUChi1XAqaPVa4/+RLXGZtTkSifwkFLRS6GxoOJBJHy+6NYaXRy
DYUsT4u9AIrxQjchQqxKIqBgsMmSOvo7pi2RD16w9wz/nIgG/hmaGGN+JHWO/09I
K+rQ3F+Qibg9rQfG10qoiFlwfCNxS+8eZ9lXn3rXsnUevgyPSEfziapYfW05SVZ0
p4sLA+tHNxqAiIzngFGWlxiXZhI4FqAqLcGaBP6kT+FlPjT+4t+dOjAr5WRZhpAh
l/RDzrt6xgz1txGse2wNE4ZLbUy7YzttsRau+E299BariGM=
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:41 2025 by rpki-client