Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
File: b83c6ff3-492f-409c-86bf-cb90ca64f452.roa (raw, json)
Hash identifier: juACVZWQygUBrlrbxuC3HBMayga6dNs+qSwSrWIbS0o=
Subject key identifier: A5:19:33:D5:65:00:06:35:69:7C:A8:D0:BD:8D:21:F8:66:60:81:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CDC40AD83C9F106A8172F931C0546A22A289FAF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
Signing time: Tue 04 Nov 2025 03:00:05 +0000
ROA not before: Tue 04 Nov 2025 03:00:05 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:dc:40:ad:83:c9:f1:06:a8:17:2f:93:1c:05:46:a2:2a:28:9f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 03:00:05 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=1c28244c6d53c51db92f9f14aef60b3feb33e0eb33d0824f934d95ea97349cc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:44:bc:65:3c:0b:87:43:ad:ee:ef:f9:39:59:
ce:1b:12:1a:8e:32:ee:c1:9d:73:a8:03:69:63:20:
40:3a:4c:3f:01:35:2f:00:a4:87:41:ce:38:d7:14:
24:d9:eb:52:66:d9:28:cb:6e:60:ae:15:d8:bd:c5:
1c:23:4d:74:b7:ec:3e:ee:ff:60:b3:86:69:78:fe:
6c:5f:3a:2b:41:97:43:c4:2c:14:7e:48:d2:ee:88:
f9:55:e3:62:39:04:7b:75:0b:02:74:26:a6:65:34:
c2:fc:9f:63:0f:4b:70:f8:b6:c5:0b:a7:e4:aa:a9:
61:e5:d1:23:07:9b:ee:fe:1b:f8:9b:c9:5b:42:6c:
f0:93:0d:fb:63:6c:ee:c9:65:13:91:c7:12:48:ce:
ce:e0:88:66:fa:47:36:55:b5:e7:6b:9a:74:e1:80:
40:87:45:fe:08:03:a2:8c:8e:38:d8:4e:f1:c2:4e:
be:a6:7a:2a:be:d8:f0:03:30:6d:d3:4c:76:ef:b2:
e4:06:0d:86:99:3b:c5:ab:99:b1:ae:dc:f4:74:19:
7d:9c:f2:72:0b:67:2c:d2:6f:77:1a:3e:85:b9:2c:
29:76:2f:6b:9a:7d:a9:fa:29:b0:e4:b7:13:ec:a9:
29:27:14:9e:88:8d:0d:30:36:d2:b1:e6:03:c9:f9:
ba:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:19:33:D5:65:00:06:35:69:7C:A8:D0:BD:8D:21:F8:66:60:81:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:da:99:fd:87:49:35:2d:09:c5:10:ac:95:60:08:b9:f1:24:
82:2a:0e:cf:1e:d5:b2:5e:7e:a7:82:f7:6f:aa:62:59:8b:0c:
51:68:65:c7:b8:6d:14:60:65:31:5d:9e:64:7b:8c:ca:45:8d:
8e:59:b5:29:cf:b2:83:04:cf:0f:6f:03:ec:86:80:90:52:03:
10:17:34:a5:df:d3:be:5d:76:a5:57:21:82:ec:e7:6c:e5:8e:
57:58:28:eb:76:90:9f:cf:22:f1:f2:a3:78:e8:fc:30:77:0c:
cf:26:6f:9b:d9:10:2a:29:cf:32:97:79:d5:72:02:e3:e0:e9:
0d:c8:0b:3f:22:cc:40:0e:29:a4:3e:53:f0:d2:86:29:e2:6e:
3c:1b:c4:1b:f2:e6:a0:ed:c4:31:5a:2d:6f:83:2f:29:cd:de:
8c:4f:7a:40:ce:75:26:8d:37:f6:09:3b:a0:2b:fa:a8:d0:bf:
55:f4:25:a7:98:18:a5:a8:1b:84:94:23:8f:12:8e:4b:f3:4f:
7c:01:97:98:85:eb:4b:99:2e:11:b4:0d:de:92:c2:3c:37:82:
eb:2b:e6:bc:4b:1e:23:73:4e:45:b7:3b:41:f0:45:c9:65:e8:
13:8e:be:33:92:a3:9e:60:4e:c0:78:bd:53:6e:8a:28:3b:e5:
02:94:5f:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfNxArYPJ8QaoFy+THAVGoioon68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMzAwMDVaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMjgyNDRjNmQ1M2M1MWRiOTJmOWYxNGFlZjYwYjNmZWIzM2UwZWIzM2Qw
ODI0ZjkzNGQ5NWVhOTczNDljYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdEvGU8C4dDre7v+TlZzhsSGo4y7sGdc6gDaWMgQDpMPwE1LwCkh0HOONcU
JNnrUmbZKMtuYK4V2L3FHCNNdLfsPu7/YLOGaXj+bF86K0GXQ8QsFH5I0u6I+VXj
YjkEe3ULAnQmpmU0wvyfYw9LcPi2xQun5KqpYeXRIweb7v4b+JvJW0Js8JMN+2Ns
7sllE5HHEkjOzuCIZvpHNlW152uadOGAQIdF/ggDooyOONhO8cJOvqZ6Kr7Y8AMw
bdNMdu+y5AYNhpk7xauZsa7c9HQZfZzycgtnLNJvdxo+hbksKXYva5p9qfopsOS3
E+ypKScUnoiNDTA20rHmA8n5uvUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlGTPV
ZQAGNWl8qNC9jSH4ZmCBRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjgzYzZmZjMtNDkyZi00MDljLTg2YmYtY2I5MGNhNjRmNDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQCi2pn9h0k1LQnFEKyVYAi58SSCKg7PHtWyXn6n
gvdvqmJZiwxRaGXHuG0UYGUxXZ5ke4zKRY2OWbUpz7KDBM8PbwPshoCQUgMQFzSl
39O+XXalVyGC7Ods5Y5XWCjrdpCfzyLx8qN46PwwdwzPJm+b2RAqKc8yl3nVcgLj
4OkNyAs/IsxADimkPlPw0oYp4m48G8Qb8uag7cQxWi1vgy8pzd6MT3pAznUmjTf2
CTugK/qo0L9V9CWnmBilqBuElCOPEo5L8098AZeYhetLmS4RtA3eksI8N4LrK+a8
Sx4jc05FtztB8EXJZegTjr4zkqOeYE7AeL1TboooO+UClF+y
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:32 2025 by rpki-client