Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b163c4ff-990b-4080-b1ba-e854e6bb4cb1.roa
File: b163c4ff-990b-4080-b1ba-e854e6bb4cb1.roa (raw, json)
Hash identifier: toEBSh3TVdFWeNyIrx5WWe3pku9zm8kh/JX9fknsjxk=
Subject key identifier: 82:BA:61:00:0E:94:11:8A:6C:6E:30:E6:7D:19:C4:11:C7:40:DA:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 207BB43E2C60CEEFDBF8081620F2240BA2BA0204
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b163c4ff-990b-4080-b1ba-e854e6bb4cb1.roa
Signing time: Wed 29 Oct 2025 07:36:47 +0000
ROA not before: Wed 29 Oct 2025 07:36:47 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:7b:b4:3e:2c:60:ce:ef:db:f8:08:16:20:f2:24:0b:a2:ba:02:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:47 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=4ac4590113cc9284e273da823224ae7d7535fcab5e44dc10021ac3d00dbdd44c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c3:77:0e:e3:3c:3a:5a:80:f8:06:f2:95:9b:
16:0f:6c:62:88:2c:01:a0:09:53:ef:86:2f:6f:c1:
17:75:b4:9c:c6:5d:0a:da:13:88:27:28:ec:a0:09:
2c:93:53:bd:ef:f8:a4:f5:cc:3e:e4:bb:56:af:8a:
4d:87:0e:ed:0c:2a:f7:50:27:e2:83:0c:7f:1d:93:
a3:85:df:cb:b7:64:c7:c6:5c:fd:9d:e8:fe:0b:9e:
a7:63:a8:f0:d1:44:d7:39:a3:67:76:6a:f4:e6:db:
7d:59:40:b8:3d:9b:c9:ed:c6:ff:c9:46:e2:91:4b:
4e:ac:36:fe:af:41:50:e6:6a:3b:c3:e4:3e:59:77:
6f:55:f6:ef:8c:93:7a:99:4f:d3:86:3c:05:99:68:
a4:32:4e:86:f1:9a:67:95:37:18:5d:f5:11:d0:cc:
3b:bc:73:39:13:a8:12:3c:29:d7:05:67:a0:c3:b1:
6b:c4:33:8b:26:1e:1a:e3:b1:03:da:a2:b2:61:09:
fc:3e:1d:f8:ba:52:c8:dd:7e:52:2b:aa:f0:49:7d:
b5:0f:e6:3d:c7:82:b8:6a:d0:c9:93:ca:93:a0:a4:
62:a9:98:51:91:9c:27:18:3d:3e:ac:26:a2:8e:c0:
17:34:3b:0d:92:b2:a0:e8:4a:71:de:b2:49:68:a3:
b0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BA:61:00:0E:94:11:8A:6C:6E:30:E6:7D:19:C4:11:C7:40:DA:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b163c4ff-990b-4080-b1ba-e854e6bb4cb1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
84:e3:6e:98:aa:d9:6f:a7:6e:b3:f7:97:12:23:81:5b:55:1d:
0a:ce:64:04:0d:6f:b4:1b:67:4b:36:9c:2f:e4:2e:4b:91:3b:
77:a4:f3:9d:5d:83:c6:e7:75:e9:69:f0:8d:03:7a:ff:0f:b5:
02:ff:5f:d7:05:12:9c:c8:6f:19:cb:32:9b:ae:36:c4:57:8c:
2b:e4:a5:cc:97:71:6f:11:5f:95:59:94:07:57:6a:e5:4b:09:
59:76:6b:13:9d:8b:e8:20:bb:90:b4:14:e2:a5:d5:c5:12:cc:
e3:79:60:7d:eb:29:43:a6:76:2b:59:fc:5c:e7:90:e4:35:64:
7b:04:d5:14:47:ea:71:22:94:fb:c7:46:d0:5e:80:ef:8a:e7:
1d:ad:dd:82:83:0f:be:50:88:2e:ac:ca:88:e5:39:1c:c5:05:
d1:3b:22:ed:25:be:5f:75:f1:21:8c:d5:0e:19:59:5d:97:6d:
f3:8d:6a:ca:fe:f2:ea:49:51:cd:66:98:74:ff:7a:5e:e5:64:
85:3a:30:99:ff:87:5a:77:65:8b:03:b3:e1:43:69:01:fc:77:
9b:da:07:60:56:05:7f:00:95:0c:28:05:3a:c3:dd:a7:90:43:
05:1a:37:87:96:fe:1b:4a:90:ed:69:b9:07:72:17:5b:f5:d3:
f7:ed:a1:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIHu0Pixgzu/b+AgWIPIkC6K6AgQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDdaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhYzQ1OTAxMTNjYzkyODRlMjczZGE4MjMyMjRhZTdkNzUzNWZjYWI1ZTQ0
ZGMxMDAyMWFjM2QwMGRiZGQ0NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfDdw7jPDpagPgG8pWbFg9sYogsAaAJU++GL2/BF3W0nMZdCtoTiCco7KAJ
LJNTve/4pPXMPuS7Vq+KTYcO7Qwq91An4oMMfx2To4Xfy7dkx8Zc/Z3o/guep2Oo
8NFE1zmjZ3Zq9ObbfVlAuD2bye3G/8lG4pFLTqw2/q9BUOZqO8PkPll3b1X274yT
eplP04Y8BZlopDJOhvGaZ5U3GF31EdDMO7xzOROoEjwp1wVnoMOxa8QziyYeGuOx
A9qismEJ/D4d+LpSyN1+Uiuq8El9tQ/mPceCuGrQyZPKk6CkYqmYUZGcJxg9Pqwm
oo7AFzQ7DZKyoOhKcd6ySWijsCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCumEA
DpQRimxuMOZ9GcQRx0DanTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2M2M0ZmYtOTkwYi00MDgwLWIxYmEtZTg1NGU2YmI0Y2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GpA
MA0GCSqGSIb3DQEBCwUAA4IBAQCE426Yqtlvp26z95cSI4FbVR0KzmQEDW+0G2dL
Npwv5C5LkTt3pPOdXYPG53XpafCNA3r/D7UC/1/XBRKcyG8ZyzKbrjbEV4wr5KXM
l3FvEV+VWZQHV2rlSwlZdmsTnYvoILuQtBTipdXFEszjeWB96ylDpnYrWfxc55Dk
NWR7BNUUR+pxIpT7x0bQXoDviucdrd2Cgw++UIgurMqI5TkcxQXROyLtJb5fdfEh
jNUOGVldl23zjWrK/vLqSVHNZph0/3pe5WSFOjCZ/4dad2WLA7PhQ2kB/Heb2gdg
VgV/AJUMKAU6w92nkEMFGjeHlv4bSpDtabkHchdb9dP37aEs
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:45 2025 by rpki-client