Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
File: bd75b960-96a2-4735-8f78-a99099ccb684.roa (raw, json)
Hash identifier: 3n6t44Nbl1E6sekqQcOszJK599Ox+9Ypr4lyZBRUQ0U=
Subject key identifier: AE:10:B9:87:88:00:CC:65:34:85:B4:F4:91:86:3E:98:D6:FC:B2:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25D17F86FE50D957FF58ED7008FF1BCEDBBE8399
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
Signing time: Fri 31 Oct 2025 00:40:07 +0000
ROA not before: Fri 31 Oct 2025 00:40:07 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:d1:7f:86:fe:50:d9:57:ff:58:ed:70:08:ff:1b:ce:db:be:83:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 00:40:07 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=85f24586f4a10e8db88ffb748fc0f1520f1c08cf983a02fee732a664c14caee9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:67:03:66:56:66:20:ce:4e:b3:5f:71:db:fe:
3e:80:d9:44:17:79:68:48:19:04:b5:58:5e:64:6d:
d9:cc:68:0b:ba:4b:90:99:e6:fb:22:b9:1e:2a:c9:
c5:5c:bd:1b:30:1f:de:82:06:d0:a9:54:5d:cf:ec:
16:85:15:72:72:c6:1a:8c:d5:60:f9:2d:0d:f9:f4:
b1:b1:de:5a:69:09:08:01:a6:af:80:2a:33:54:f1:
bc:f9:ac:44:50:26:6f:a2:07:9b:13:d0:dc:00:48:
2c:d8:60:9d:9f:e3:ca:fe:db:c5:8c:bb:c9:f9:27:
ba:a3:9a:8b:8c:95:e5:ad:eb:6c:a9:28:21:7f:b1:
be:05:45:f4:81:e7:c1:20:cf:e4:1d:71:f3:5c:51:
e8:1f:81:42:be:3e:69:92:52:8e:9d:c2:7c:89:fc:
de:8e:a4:b9:4b:c7:8a:0c:8e:5c:00:87:57:1a:33:
a5:d8:2e:75:d5:38:3e:d5:c9:13:e8:91:84:bc:8c:
2a:ca:f1:07:2f:75:74:da:54:e7:d3:5c:30:37:12:
5c:8f:5f:83:8c:9e:3c:e2:2f:95:e9:4c:b5:7e:0f:
ee:d8:fc:b7:54:57:c6:1a:72:59:00:7d:27:a0:43:
95:39:7a:0d:04:aa:f4:09:c4:19:38:5c:b8:c7:fa:
1c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:10:B9:87:88:00:CC:65:34:85:B4:F4:91:86:3E:98:D6:FC:B2:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:f4:bc:2d:c7:85:a4:2d:41:01:f5:69:27:53:43:f2:61:23:
5a:ab:d5:79:38:cb:fd:b9:9f:85:77:48:04:07:6b:d5:f5:96:
09:ae:ad:5c:7f:04:1c:88:c4:17:de:e8:d3:24:59:2f:38:e1:
2d:55:9a:05:3c:d0:60:18:13:54:64:4e:26:03:30:f7:26:20:
ed:4a:76:74:ba:25:59:c1:a5:8f:96:51:e7:aa:2c:0d:f7:07:
b9:80:c2:03:b0:04:17:f9:a0:99:07:b6:c3:96:43:11:3e:2b:
7a:d8:8d:a9:71:5c:19:24:7c:9c:8b:3b:13:77:08:c6:62:f9:
f6:48:8d:a2:8e:f7:75:84:a7:6c:c7:79:d7:08:27:ce:78:0e:
1e:a6:6b:58:07:90:01:3c:d5:b6:ad:67:5f:d1:b6:6e:79:76:
17:af:19:b5:cb:33:9c:a4:8c:93:13:f6:a0:3d:59:44:92:f0:
eb:8d:c1:94:f9:b1:2c:ae:e7:b5:94:fb:9b:8e:c5:de:31:36:
0c:e6:ad:44:9b:a8:ef:2e:d9:db:9b:75:e8:0a:35:2e:9f:00:
f5:fe:f9:7d:60:22:ee:8a:54:6f:ad:82:46:5e:d7:6e:47:f2:
da:35:fe:df:11:75:ce:42:bd:f3:52:27:7b:a6:03:fa:4c:14:
44:f1:90:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJdF/hv5Q2Vf/WO1wCP8bztu+g5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMDQwMDdaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1ZjI0NTg2ZjRhMTBlOGRiODhmZmI3NDhmYzBmMTUyMGYxYzA4Y2Y5ODNh
MDJmZWU3MzJhNjY0YzE0Y2FlZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIRnA2ZWZiDOTrNfcdv+PoDZRBd5aEgZBLVYXmRt2cxoC7pLkJnm+yK5HirJ
xVy9GzAf3oIG0KlUXc/sFoUVcnLGGozVYPktDfn0sbHeWmkJCAGmr4AqM1TxvPms
RFAmb6IHmxPQ3ABILNhgnZ/jyv7bxYy7yfknuqOai4yV5a3rbKkoIX+xvgVF9IHn
wSDP5B1x81xR6B+BQr4+aZJSjp3CfIn83o6kuUvHigyOXACHVxozpdguddU4PtXJ
E+iRhLyMKsrxBy91dNpU59NcMDcSXI9fg4yePOIvlelMtX4P7tj8t1RXxhpyWQB9
J6BDlTl6DQSq9AnEGThcuMf6HBsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuELmH
iADMZTSFtPSRhj6Y1vyyPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmQ3NWI5NjAtOTZhMi00NzM1LThmNzgtYTk5MDk5Y2NiNjg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HMQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAq9Lwtx4WkLUEB9WknU0PyYSNaq9V5OMv9uZ+F
d0gEB2vV9ZYJrq1cfwQciMQX3ujTJFkvOOEtVZoFPNBgGBNUZE4mAzD3JiDtSnZ0
uiVZwaWPllHnqiwN9we5gMIDsAQX+aCZB7bDlkMRPit62I2pcVwZJHycizsTdwjG
Yvn2SI2ijvd1hKdsx3nXCCfOeA4epmtYB5ABPNW2rWdf0bZueXYXrxm1yzOcpIyT
E/agPVlEkvDrjcGU+bEsrue1lPubjsXeMTYM5q1Em6jvLtnbm3XoCjUunwD1/vl9
YCLuilRvrYJGXtduR/LaNf7fEXXOQr3zUid7pgP6TBRE8ZAc
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:21:38 2025 by rpki-client