Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
File: e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa (raw, json)
Hash identifier: hQQ+glEH6MecVBeGflp7lzb8grZc9xh3eEZAkyxzS3E=
Subject key identifier: 22:42:A5:1F:A8:52:97:9C:F0:41:0B:59:9C:51:05:F8:9A:93:1D:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27C7EDEFE91AB03D9D5192BE13C2FA046ECC8F4E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
Signing time: Tue 04 Nov 2025 02:50:45 +0000
ROA not before: Tue 04 Nov 2025 02:50:45 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:c7:ed:ef:e9:1a:b0:3d:9d:51:92:be:13:c2:fa:04:6e:cc:8f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:45 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=da2c45d0e7018f312a4a5a2c7396857bf34b0bb719b28318c305df8fd5fa2911, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3e:84:4c:cc:8c:f4:99:12:b1:42:f5:be:8a:
93:2b:01:64:3a:6e:f6:9e:23:17:2f:6a:be:fa:a9:
ae:aa:46:83:1d:cf:17:1f:af:b2:60:01:e7:3f:8a:
13:24:55:9f:cf:55:a5:10:7b:84:fd:f0:d5:cb:90:
9a:3e:c9:3d:0d:30:6e:4b:7d:32:a7:71:f9:19:7a:
eb:29:71:a8:a6:08:9e:c1:fb:ec:fd:5f:5c:07:31:
b9:11:1b:e0:7a:91:bc:4d:86:89:0f:15:d9:d1:68:
d9:b8:cb:e2:72:af:25:e1:29:a3:9c:f9:c7:4a:a9:
f9:b6:d1:a9:8d:e5:a1:06:33:1b:96:5a:e0:f2:9e:
e1:94:95:a2:ea:8c:1c:55:af:3e:a1:cc:d2:a8:8c:
7c:db:30:2f:0a:02:8f:09:55:2a:31:56:aa:9f:fb:
b5:2c:d7:0b:94:21:ba:4f:a8:32:22:a3:52:bf:e7:
f8:83:44:b2:72:66:7d:9e:a7:21:d7:41:f4:0e:d6:
9b:d6:14:ec:33:b9:06:30:67:d4:bd:13:db:55:6c:
75:f2:f7:0e:ab:eb:33:c6:21:6b:9e:d3:92:e6:dd:
0c:9a:d9:68:27:b1:f1:77:1d:95:e5:83:75:38:fe:
81:8a:ca:df:2e:9a:e5:bf:9d:aa:fa:a7:19:0d:a8:
9a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:42:A5:1F:A8:52:97:9C:F0:41:0B:59:9C:51:05:F8:9A:93:1D:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e000::/40
Signature Algorithm: sha256WithRSAEncryption
84:80:ac:be:bb:5f:c4:40:45:ba:fc:fc:6c:e2:88:5d:f2:06:
eb:72:cb:cd:ee:07:8e:d3:23:77:a4:7d:4a:5f:b3:11:1a:c8:
06:e8:42:3c:b8:77:0d:ec:cc:7f:35:6f:93:89:0e:60:86:cb:
5f:5a:8e:6b:5b:c0:7a:34:1b:65:5a:45:ec:d3:13:1c:13:dd:
fc:cc:83:0e:b7:ab:e3:d4:83:80:af:91:e6:6c:33:45:e5:95:
58:c4:92:74:04:1d:29:32:71:c4:dd:8b:f1:db:7b:36:2c:17:
91:c2:dd:11:4d:cd:cb:36:70:ea:45:b5:95:0e:25:b8:20:4c:
aa:4a:d2:a8:89:8a:aa:6b:a0:6e:d6:b8:07:1e:8b:ee:76:8b:
45:b2:14:00:29:9a:fe:1c:44:72:e8:23:19:d8:08:6b:c5:22:
86:4c:46:de:de:6a:24:b8:e6:03:e7:18:04:bc:57:56:5e:c0:
c8:83:8e:c4:03:ab:fb:e0:ec:2b:35:f3:34:f3:ab:d6:0f:d6:
a4:27:04:4f:b9:2d:cf:0c:59:68:fc:ab:d1:a0:5d:99:3c:b9:
35:16:80:fb:36:94:07:8f:0b:e3:1b:4e:52:2f:63:a5:ce:de:
b8:b4:68:92:38:53:7a:4b:d8:28:e5:cc:4e:fc:05:b4:20:df:
b9:47:2f:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ8ft7+kasD2dUZK+E8L6BG7Mj04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwNDVaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhMmM0NWQwZTcwMThmMzEyYTRhNWEyYzczOTY4NTdiZjM0YjBiYjcxOWIy
ODMxOGMzMDVkZjhmZDVmYTI5MTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALw+hEzMjPSZErFC9b6KkysBZDpu9p4jFy9qvvqprqpGgx3PFx+vsmAB5z+K
EyRVn89VpRB7hP3w1cuQmj7JPQ0wbkt9Mqdx+Rl66ylxqKYInsH77P1fXAcxuREb
4HqRvE2GiQ8V2dFo2bjL4nKvJeEpo5z5x0qp+bbRqY3loQYzG5Za4PKe4ZSVouqM
HFWvPqHM0qiMfNswLwoCjwlVKjFWqp/7tSzXC5Qhuk+oMiKjUr/n+INEsnJmfZ6n
IddB9A7Wm9YU7DO5BjBn1L0T21VsdfL3DqvrM8Yha57TkubdDJrZaCex8XcdleWD
dTj+gYrK3y6a5b+dqvqnGQ2omm0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQiQqUf
qFKXnPBBC1mcUQX4mpMdrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZThmZWVmMWUtOTA1OC00YjM0LWE3ZjItMjRlNWUwNDRmZWEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTg
MA0GCSqGSIb3DQEBCwUAA4IBAQCEgKy+u1/EQEW6/Pxs4ohd8gbrcsvN7geO0yN3
pH1KX7MRGsgG6EI8uHcN7Mx/NW+TiQ5ghstfWo5rW8B6NBtlWkXs0xMcE938zIMO
t6vj1IOAr5HmbDNF5ZVYxJJ0BB0pMnHE3Yvx23s2LBeRwt0RTc3LNnDqRbWVDiW4
IEyqStKoiYqqa6Bu1rgHHovudotFshQAKZr+HERy6CMZ2AhrxSKGTEbe3mokuOYD
5xgEvFdWXsDIg47EA6v74OwrNfM086vWD9akJwRPuS3PDFlo/KvRoF2ZPLk1FoD7
NpQHjwvjG05SL2Olzt64tGiSOFN6S9go5cxO/AW0IN+5Ry8m
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:34 2025 by rpki-client