Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbee85f-272a-4ae4-8329-48f63bc24277.roa
File: abbee85f-272a-4ae4-8329-48f63bc24277.roa (raw, json)
Hash identifier: IGMkixaMxHq8TNZKvLdN/KDnXq4WnNZeSsXjxBcEXxU=
Subject key identifier: 8C:6D:EC:BE:6E:22:7E:B6:DD:87:2B:EC:35:19:56:91:AE:9F:9F:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 463C9CA0245830BFD3A195DC6BAF66F7B25B4A9B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbee85f-272a-4ae4-8329-48f63bc24277.roa
Signing time: Wed 29 Oct 2025 07:28:26 +0000
ROA not before: Wed 29 Oct 2025 07:28:26 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:3c:9c:a0:24:58:30:bf:d3:a1:95:dc:6b:af:66:f7:b2:5b:4a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:26 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=52c0d87f00b31a3e026fb2df4c35ac2848b9640c5def1020d93a199368ae5101, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cb:16:33:ca:ed:99:5e:d7:c7:11:ef:3f:74:
3e:8a:fd:44:50:5e:a0:d5:c8:cb:89:9b:2d:93:db:
80:15:c1:a1:7f:32:0c:49:51:66:ac:ee:ea:13:e5:
9f:97:dc:2f:cb:12:6f:f2:c0:37:76:93:86:eb:81:
2f:7b:7f:1a:68:8e:23:4b:81:9a:37:b9:c1:da:65:
8d:05:ee:6a:7f:fa:df:87:8d:72:2a:bd:28:7d:cb:
16:e4:fa:3d:47:09:5b:0c:13:96:3c:29:3d:9f:6e:
97:c1:8e:6f:82:bc:16:d1:16:bd:e0:9a:8f:a5:33:
6e:62:5f:a2:08:fa:9d:a5:1f:a6:81:52:41:30:46:
92:53:5d:25:9e:01:1e:c7:aa:69:a8:5e:04:68:fa:
58:1b:e8:d3:16:a5:64:20:0a:7e:97:08:55:9a:85:
8c:b8:80:37:d2:d9:c7:9f:1d:bb:36:88:37:0c:3f:
e3:86:9f:20:5c:1e:f6:6d:9e:f9:92:f4:be:59:6d:
ac:4c:fc:01:12:b9:75:ba:20:5e:ed:64:21:8a:26:
eb:83:19:3b:25:10:60:80:64:5f:bc:0c:bc:30:41:
ed:f9:ee:99:1c:7d:1a:29:2c:08:81:86:5e:20:e1:
23:62:6b:c3:2a:af:88:bb:ef:53:c1:17:f7:0e:52:
ef:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6D:EC:BE:6E:22:7E:B6:DD:87:2B:EC:35:19:56:91:AE:9F:9F:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbee85f-272a-4ae4-8329-48f63bc24277.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:a080::/48
Signature Algorithm: sha256WithRSAEncryption
7a:67:a3:d4:07:fc:24:b6:c8:1c:b0:2c:da:6e:b4:e6:a7:69:
da:c3:ea:a2:86:18:a5:a8:11:dc:4b:9e:49:b0:7c:89:4a:f7:
f4:eb:a9:cf:4b:23:a1:85:7d:5d:1b:e4:10:7e:63:78:63:cb:
27:b5:b4:93:83:6d:1b:4e:f0:e3:29:f3:24:41:1d:36:60:46:
24:e5:7c:19:5a:3b:47:e6:4c:c1:4b:3b:31:e2:b8:46:51:2b:
e3:d7:d4:45:57:be:e9:8e:49:39:0e:67:71:6b:6c:63:67:94:
84:b4:89:49:ea:27:14:e8:f6:e5:f3:8d:39:be:44:21:ed:d5:
d7:1f:80:2a:1f:41:ae:f1:92:3d:9d:23:e4:7e:c1:c4:1c:c6:
73:4b:60:91:ef:f4:d0:bd:c5:c9:2f:f0:0c:ed:fa:2d:dc:a7:
fc:01:95:a1:92:4b:35:82:e0:0f:6e:f3:ff:3d:94:d6:df:36:
6b:39:7b:23:85:c6:01:58:1a:93:20:91:79:3e:bf:1f:aa:61:
bb:2e:c2:10:b9:0d:d7:05:1c:c0:80:3d:99:03:a7:4e:45:29:
8e:a3:85:45:fa:10:fa:ce:e9:ed:2c:08:6a:7c:ef:f0:b4:17:
cf:af:65:d5:37:65:94:97:e1:97:08:04:6f:5a:40:5d:a7:80:
d0:67:23:0e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURjycoCRYML/ToZXca69m97JbSpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MjZaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyYzBkODdmMDBiMzFhM2UwMjZmYjJkZjRjMzVhYzI4NDhiOTY0MGM1ZGVm
MTAyMGQ5M2ExOTkzNjhhZTUxMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXLFjPK7Zle18cR7z90Por9RFBeoNXIy4mbLZPbgBXBoX8yDElRZqzu6hPl
n5fcL8sSb/LAN3aThuuBL3t/GmiOI0uBmje5wdpljQXuan/634eNciq9KH3LFuT6
PUcJWwwTljwpPZ9ul8GOb4K8FtEWveCaj6UzbmJfogj6naUfpoFSQTBGklNdJZ4B
HseqaaheBGj6WBvo0xalZCAKfpcIVZqFjLiAN9LZx58duzaINww/44afIFwe9m2e
+ZL0vlltrEz8ARK5dbogXu1kIYom64MZOyUQYIBkX7wMvDBB7fnumRx9GiksCIGG
XiDhI2JrwyqviLvvU8EX9w5S7wUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMbey+
biJ+tt2HK+w1GVaRrp+frTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWU4NWYtMjcyYS00YWU0LTgzMjktNDhmNjNiYzI0Mjc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gqg
gDANBgkqhkiG9w0BAQsFAAOCAQEAemej1Af8JLbIHLAs2m605qdp2sPqooYYpagR
3EueSbB8iUr39Oupz0sjoYV9XRvkEH5jeGPLJ7W0k4NtG07w4ynzJEEdNmBGJOV8
GVo7R+ZMwUs7MeK4RlEr49fURVe+6Y5JOQ5ncWtsY2eUhLSJSeonFOj25fONOb5E
Ie3V1x+AKh9BrvGSPZ0j5H7BxBzGc0tgke/00L3FyS/wDO36Ldyn/AGVoZJLNYLg
D27z/z2U1t82azl7I4XGAVgakyCReT6/H6phuy7CELkN1wUcwIA9mQOnTkUpjqOF
RfoQ+s7p7SwIanzv8LQXz69l1TdllJfhlwgEb1pAXaeA0GcjDg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:54:59 2025 by rpki-client