Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c167813a-1fe2-4420-897c-8f1cda39d0d3.roa
File: c167813a-1fe2-4420-897c-8f1cda39d0d3.roa (raw, json)
Hash identifier: /oSdAt79Lx1Ydo3hdgi1aVJQ5tZyQbzJeIjssKvbiJg=
Subject key identifier: FA:A0:E8:00:2E:66:2A:B7:85:19:8A:52:14:E0:15:D6:D3:40:A6:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E31E81EEF3C152679F39F1181A7C4197C1B1D34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c167813a-1fe2-4420-897c-8f1cda39d0d3.roa
Signing time: Wed 29 Oct 2025 07:28:14 +0000
ROA not before: Wed 29 Oct 2025 07:28:14 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:31:e8:1e:ef:3c:15:26:79:f3:9f:11:81:a7:c4:19:7c:1b:1d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:14 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=a9b7808303063257df12825e3fff98ed7a0d465c74ddf23b7848ea1702625e97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:51:67:46:79:8b:d2:9b:48:45:42:01:34:b2:
0c:18:fb:73:6f:06:fa:04:d0:a9:a9:45:e9:d1:12:
58:d0:8a:0b:7d:d3:e2:e6:ba:b8:10:2b:36:67:98:
35:47:39:c2:38:4e:f0:5b:a4:e3:a3:30:f7:1f:c7:
19:1e:e4:e4:26:e4:c9:fd:09:18:a9:b7:df:14:24:
29:0e:ef:de:3c:5f:70:e7:b4:75:d1:a4:98:06:34:
69:f7:2a:ca:45:b3:d0:80:80:a4:c6:46:2b:82:7b:
82:d4:69:4a:f4:34:79:7d:6c:c5:ba:a8:9d:64:ae:
f7:21:77:e0:da:eb:18:2b:2a:a0:fa:d5:d1:89:1b:
cd:43:a6:6d:8b:bc:51:4f:f5:cb:48:52:4f:b0:0b:
c3:25:b6:19:89:58:b5:8a:68:56:1d:a1:d0:07:dd:
8f:11:44:3d:c9:1b:0b:fe:2c:e8:c2:b6:ca:43:77:
74:53:b0:87:0e:fe:a8:32:e8:7c:bf:c1:81:42:75:
fb:ab:a5:3e:0d:d9:c6:c0:58:f0:75:c7:9d:0f:06:
14:48:d1:84:9f:61:47:4e:85:0f:d2:9a:d0:73:56:
25:0e:d2:d4:be:73:07:b7:10:0a:d9:c5:f4:49:30:
d5:80:2f:a1:39:cc:18:62:37:e9:de:8b:d9:23:91:
2a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A0:E8:00:2E:66:2A:B7:85:19:8A:52:14:E0:15:D6:D3:40:A6:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c167813a-1fe2-4420-897c-8f1cda39d0d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:1080::/48
Signature Algorithm: sha256WithRSAEncryption
b2:c2:c8:df:bd:47:4c:ef:0f:1f:18:88:04:0a:9b:b8:3d:5a:
8b:5f:ef:ad:7b:11:70:f3:05:fa:ff:e1:9f:77:a0:57:3f:00:
e9:5c:5d:1e:90:a4:c6:0a:47:86:59:63:d7:46:46:5a:f8:53:
34:78:91:71:17:dc:3f:af:3a:da:03:05:d2:27:1f:85:ed:54:
95:c5:5a:e9:b8:18:f4:19:e0:c8:d8:95:7d:36:b3:e0:6d:db:
6d:b9:e5:f2:0c:b8:93:f9:ba:8a:c2:72:a1:e3:ff:db:0e:23:
6e:6b:01:7f:ee:2d:c7:49:93:f1:9e:0b:3f:84:ca:46:55:6e:
27:cd:f1:6b:55:b9:8b:5c:bb:bb:f2:f8:33:12:93:9b:20:86:
bd:d7:c1:22:05:57:f4:24:c9:ef:e0:2f:cc:c9:46:63:ab:4b:
e3:32:44:87:c1:67:b3:49:2a:8a:42:12:85:50:29:fa:60:c5:
60:9e:18:d5:f0:42:f1:8c:81:4a:8c:f6:9d:fc:1b:4f:c0:da:
94:71:17:48:38:64:36:55:89:4d:93:28:3e:07:86:dd:a2:91:
98:2b:d9:34:2e:d3:be:0f:4a:73:7b:8c:df:99:c6:2f:04:81:
b5:91:85:5e:04:9a:85:9a:56:de:32:dc:b3:e8:22:1d:db:f2:
6a:bc:15:6c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTjHoHu88FSZ5858RgafEGXwbHTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MTRaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5Yjc4MDgzMDMwNjMyNTdkZjEyODI1ZTNmZmY5OGVkN2EwZDQ2NWM3NGRk
ZjIzYjc4NDhlYTE3MDI2MjVlOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlRZ0Z5i9KbSEVCATSyDBj7c28G+gTQqalF6dESWNCKC33T4ua6uBArNmeY
NUc5wjhO8Fuk46Mw9x/HGR7k5Cbkyf0JGKm33xQkKQ7v3jxfcOe0ddGkmAY0afcq
ykWz0ICApMZGK4J7gtRpSvQ0eX1sxbqonWSu9yF34NrrGCsqoPrV0YkbzUOmbYu8
UU/1y0hST7ALwyW2GYlYtYpoVh2h0AfdjxFEPckbC/4s6MK2ykN3dFOwhw7+qDLo
fL/BgUJ1+6ulPg3ZxsBY8HXHnQ8GFEjRhJ9hR06FD9Ka0HNWJQ7S1L5zB7cQCtnF
9Ekw1YAvoTnMGGI36d6L2SORKh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT6oOgA
LmYqt4UZilIU4BXW00CmOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE2NzgxM2EtMWZlMi00NDIwLTg5N2MtOGYxY2RhMzlkMGQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAssLI371HTO8PHxiIBAqbuD1ai1/vrXsRcPMF
+v/hn3egVz8A6VxdHpCkxgpHhllj10ZGWvhTNHiRcRfcP6862gMF0icfhe1UlcVa
6bgY9BngyNiVfTaz4G3bbbnl8gy4k/m6isJyoeP/2w4jbmsBf+4tx0mT8Z4LP4TK
RlVuJ83xa1W5i1y7u/L4MxKTmyCGvdfBIgVX9CTJ7+AvzMlGY6tL4zJEh8Fns0kq
ikIShVAp+mDFYJ4Y1fBC8YyBSoz2nfwbT8DalHEXSDhkNlWJTZMoPgeG3aKRmCvZ
NC7Tvg9Kc3uM35nGLwSBtZGFXgSahZpW3jLcs+giHdvyarwVbA==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:50 2025 by rpki-client