Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1d03194-ccbe-4f42-86ad-223ce18146d3.roa
File: a1d03194-ccbe-4f42-86ad-223ce18146d3.roa (raw, json)
Hash identifier: zCD2iZhiIgpwBOMyzqrrsGXbNvPGgr3koujHBYIQFig=
Subject key identifier: DE:04:7C:A6:EA:42:F1:44:48:A7:7A:FB:79:D6:21:D1:31:46:9A:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BB17C3378BEA3B26C6A141877E57BB23F5F00F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1d03194-ccbe-4f42-86ad-223ce18146d3.roa
Signing time: Wed 29 Oct 2025 07:36:50 +0000
ROA not before: Wed 29 Oct 2025 07:36:50 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:b1:7c:33:78:be:a3:b2:6c:6a:14:18:77:e5:7b:b2:3f:5f:00:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:50 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=b346bc9f9fda997980dbd8ecc52d42298d17c02eff4354baea89b6c41eb7f634, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c0:96:03:3e:33:57:7e:98:cf:72:9e:88:a3:
11:b5:2f:2c:a9:96:5d:31:d4:46:14:4b:2f:d9:36:
f6:fb:0c:0b:f4:88:82:96:b5:cc:2e:65:6a:63:4b:
98:80:62:7f:55:c3:7a:59:43:75:1e:98:51:af:50:
fd:e5:ca:87:20:8d:54:88:3f:74:90:53:1f:0b:32:
d2:85:f7:47:63:f3:3a:e6:80:15:79:5d:c5:86:9b:
5d:23:9b:45:95:92:58:6e:e5:78:7a:80:52:38:8d:
35:4e:bb:fe:1e:0e:2e:18:81:b2:a1:8c:46:c5:7a:
2d:fc:54:ce:57:5e:60:5a:40:53:62:ed:93:63:19:
52:28:fe:ac:f8:f3:2c:2e:3b:49:cf:d7:fa:15:08:
93:01:58:a2:50:e1:9b:6e:61:3c:d6:59:05:31:65:
ff:d6:b3:ae:9b:c5:a8:2c:b8:bd:22:b9:23:4d:18:
57:9c:1f:f0:f9:4d:19:96:0e:4e:0e:d5:39:c7:9c:
c5:b2:11:37:b9:42:9f:11:e1:b1:46:86:9b:01:7e:
4a:60:69:8a:9f:45:c8:d4:78:0e:ad:f6:b2:ed:ff:
45:d4:a0:01:4c:8f:09:02:e8:fe:eb:a7:31:8a:16:
11:78:1e:a6:a6:87:4f:2b:81:53:f2:b6:ea:c9:58:
ba:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:04:7C:A6:EA:42:F1:44:48:A7:7A:FB:79:D6:21:D1:31:46:9A:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1d03194-ccbe-4f42-86ad-223ce18146d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:9000::/40
Signature Algorithm: sha256WithRSAEncryption
ab:4e:11:ff:de:d4:f9:40:18:71:f3:c9:b1:2f:a6:98:4b:49:
c9:78:ab:85:74:41:87:12:33:7a:81:d3:8e:d6:63:f4:99:25:
59:f0:6b:06:e3:b3:46:8c:e3:a4:f8:45:2b:be:4f:5d:17:30:
52:6a:6a:62:62:cb:ef:e1:e8:3c:25:51:b9:03:06:96:51:23:
7f:fb:69:06:82:5c:14:e5:2f:50:05:2e:9d:16:74:28:49:ac:
e3:e3:13:ce:88:76:09:45:bc:55:db:30:e6:5a:1e:7e:d4:ad:
e1:39:55:39:80:00:96:ac:53:65:5b:e7:c3:d3:13:ba:6f:75:
d9:d0:cd:96:fe:ab:ea:38:b1:2d:e4:c5:6f:a5:2a:37:c6:c9:
1e:c9:dc:cf:35:bc:b1:ee:d4:1a:b4:0d:10:62:59:6e:54:70:
28:c0:20:44:ad:e7:77:e2:32:5b:51:be:71:17:1b:10:60:a3:
ce:69:0f:d5:4f:0e:b0:9a:b0:02:8c:14:bf:49:d4:7d:6b:11:
24:46:a3:9c:c3:96:b4:36:33:86:b9:9d:9e:04:e6:0b:42:32:
5f:49:60:c9:93:41:60:c8:36:5e:e0:64:10:db:4e:0c:58:2f:
59:a8:93:37:6f:3e:12:31:06:a1:2c:a5:3d:20:fb:13:b6:7d:
93:62:cd:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa7F8M3i+o7JsahQYd+V7sj9fAPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NTBaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNDZiYzlmOWZkYTk5Nzk4MGRiZDhlY2M1MmQ0MjI5OGQxN2MwMmVmZjQz
NTRiYWVhODliNmM0MWViN2Y2MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHAlgM+M1d+mM9ynoijEbUvLKmWXTHURhRLL9k29vsMC/SIgpa1zC5lamNL
mIBif1XDellDdR6YUa9Q/eXKhyCNVIg/dJBTHwsy0oX3R2PzOuaAFXldxYabXSOb
RZWSWG7leHqAUjiNNU67/h4OLhiBsqGMRsV6LfxUzldeYFpAU2Ltk2MZUij+rPjz
LC47Sc/X+hUIkwFYolDhm25hPNZZBTFl/9azrpvFqCy4vSK5I00YV5wf8PlNGZYO
Tg7VOcecxbIRN7lCnxHhsUaGmwF+SmBpip9FyNR4Dq32su3/RdSgAUyPCQLo/uun
MYoWEXgepqaHTyuBU/K26slYupECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTeBHym
6kLxREinevt51iHRMUaawzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTFkMDMxOTQtY2NiZS00ZjQyLTg2YWQtMjIzY2UxODE0NmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCrThH/3tT5QBhx88mxL6aYS0nJeKuFdEGHEjN6
gdOO1mP0mSVZ8GsG47NGjOOk+EUrvk9dFzBSampiYsvv4eg8JVG5AwaWUSN/+2kG
glwU5S9QBS6dFnQoSazj4xPOiHYJRbxV2zDmWh5+1K3hOVU5gACWrFNlW+fD0xO6
b3XZ0M2W/qvqOLEt5MVvpSo3xskeydzPNbyx7tQatA0QYlluVHAowCBEred34jJb
Ub5xFxsQYKPOaQ/VTw6wmrACjBS/SdR9axEkRqOcw5a0NjOGuZ2eBOYLQjJfSWDJ
k0FgyDZe4GQQ204MWC9ZqJM3bz4SMQahLKU9IPsTtn2TYs11
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:55:05 2025 by rpki-client