Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be43dd39-558d-4a44-9ced-00461f1d4c42.roa
File: be43dd39-558d-4a44-9ced-00461f1d4c42.roa (raw, json)
Hash identifier: MyDUv+Nv/SluLY6onCeaHDGpEQ/4T4mleVUWknkwL04=
Subject key identifier: E7:B2:D3:CB:55:0E:4D:AD:E3:99:F6:F3:FB:A5:1D:13:D9:CD:E3:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B13D7D18C9DE5C418D7184295EE4ED139D2EFDF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be43dd39-558d-4a44-9ced-00461f1d4c42.roa
Signing time: Wed 29 Oct 2025 07:36:47 +0000
ROA not before: Wed 29 Oct 2025 07:36:47 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:13:d7:d1:8c:9d:e5:c4:18:d7:18:42:95:ee:4e:d1:39:d2:ef:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:47 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=418e5f373d715288c241629d772527ade16fdd3a696bba5b42a251ecdfe068d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f2:57:53:ab:23:10:08:c9:86:c6:a1:f8:06:
b1:f1:5e:b7:15:d7:20:c5:b8:67:b6:8f:c4:0d:9c:
81:c7:82:95:b0:45:1c:7a:b1:e9:f2:fd:6c:e3:6a:
a7:e1:73:80:0f:0c:3b:35:c7:41:62:d5:aa:8b:66:
e0:37:6f:3a:0b:f1:ed:83:32:71:9c:10:18:96:38:
c0:42:d9:91:58:eb:5f:42:58:27:98:f4:89:5f:d7:
c9:5c:0f:d2:bf:bb:d5:c2:73:29:d0:c6:3b:83:10:
d6:a5:9b:ca:98:5e:bb:ba:52:76:0f:f7:d2:fc:f8:
ba:d1:57:79:5f:cd:e8:1b:a1:c3:42:36:c4:b2:a4:
90:49:a0:e7:0a:c6:ad:07:33:2d:46:2b:b3:54:38:
a8:99:80:81:9c:f0:1b:44:53:df:02:91:69:8a:7b:
57:99:a7:3e:09:65:5e:db:bf:72:28:9d:7e:e8:97:
fb:41:27:c3:ad:6b:fd:4c:a2:da:60:44:98:38:fd:
3b:4a:5c:d5:e3:f4:5d:54:03:b2:e4:70:6a:9e:65:
15:a2:66:0c:10:09:35:62:db:99:bb:fc:1e:d9:87:
a5:8a:c9:97:71:b3:57:25:6e:78:75:68:52:27:7e:
b7:a9:1b:62:c4:e5:37:b2:05:6f:21:ac:e0:51:52:
ed:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B2:D3:CB:55:0E:4D:AD:E3:99:F6:F3:FB:A5:1D:13:D9:CD:E3:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be43dd39-558d-4a44-9ced-00461f1d4c42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
47:22:d5:e7:e3:74:d1:23:f5:a0:a2:a7:91:31:44:7e:92:ca:
dd:2e:65:d3:13:19:36:48:e4:c8:d5:85:ce:f4:56:ab:52:2b:
22:12:a0:9b:86:f8:64:85:36:a7:45:81:f0:7e:4d:05:a9:ba:
e1:a8:d7:b9:e9:98:32:30:50:ad:e0:7e:12:0e:50:04:a6:d7:
a6:44:a4:ed:19:5d:4d:e7:24:70:12:a3:e0:b9:67:c1:8f:84:
55:d3:22:eb:9e:07:68:dc:35:d0:b3:24:e6:1c:62:51:82:f5:
ad:fd:66:37:1f:57:24:8c:68:4a:a5:82:80:b3:17:c3:c0:b1:
2c:b0:5d:06:c4:b4:86:65:1b:60:aa:4d:73:65:d7:41:15:67:
35:b3:d9:aa:e8:05:65:53:e0:39:f5:31:5f:d0:40:db:d0:52:
e8:8a:9a:0f:62:7b:67:9e:16:b1:4f:33:30:f8:84:bb:1d:71:
cd:08:76:30:d4:e0:d7:7e:ce:41:3f:f1:af:6d:5d:bf:1f:86:
70:81:4f:45:ad:f5:fb:38:bd:8a:60:4f:43:23:96:79:4a:b5:
28:5b:1c:c2:03:7b:ad:da:2f:b6:16:21:42:76:40:e7:13:3d:
e3:4d:ab:51:59:6c:96:6f:f2:6e:1d:2e:32:cf:55:91:64:b5:
64:32:6d:dc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKxPX0Yyd5cQY1xhCle5O0TnS798wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDdaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxOGU1ZjM3M2Q3MTUyODhjMjQxNjI5ZDc3MjUyN2FkZTE2ZmRkM2E2OTZi
YmE1YjQyYTI1MWVjZGZlMDY4ZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvyV1OrIxAIyYbGofgGsfFetxXXIMW4Z7aPxA2cgceClbBFHHqx6fL9bONq
p+FzgA8MOzXHQWLVqotm4DdvOgvx7YMycZwQGJY4wELZkVjrX0JYJ5j0iV/XyVwP
0r+71cJzKdDGO4MQ1qWbypheu7pSdg/30vz4utFXeV/N6Buhw0I2xLKkkEmg5wrG
rQczLUYrs1Q4qJmAgZzwG0RT3wKRaYp7V5mnPgllXtu/ciidfuiX+0Enw61r/Uyi
2mBEmDj9O0pc1eP0XVQDsuRwap5lFaJmDBAJNWLbmbv8HtmHpYrJl3GzVyVueHVo
Uid+t6kbYsTlN7IFbyGs4FFS7d8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTnstPL
VQ5NreOZ9vP7pR0T2c3jHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU0M2RkMzktNTU4ZC00YTQ0LTljZWQtMDA0NjFmMWQ0YzQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gog
MA0GCSqGSIb3DQEBCwUAA4IBAQBHItXn43TRI/WgoqeRMUR+ksrdLmXTExk2SOTI
1YXO9FarUisiEqCbhvhkhTanRYHwfk0FqbrhqNe56ZgyMFCt4H4SDlAEptemRKTt
GV1N5yRwEqPguWfBj4RV0yLrngdo3DXQsyTmHGJRgvWt/WY3H1ckjGhKpYKAsxfD
wLEssF0GxLSGZRtgqk1zZddBFWc1s9mq6AVlU+A59TFf0EDb0FLoipoPYntnnhax
TzMw+IS7HXHNCHYw1ODXfs5BP/GvbV2/H4ZwgU9FrfX7OL2KYE9DI5Z5SrUoWxzC
A3ut2i+2FiFCdkDnEz3jTatRWWyWb/JuHS4yz1WRZLVkMm3c
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:17 2025 by rpki-client