Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe23a487-e74a-4340-a0c6-7710a2393d63.roa
File: fe23a487-e74a-4340-a0c6-7710a2393d63.roa (raw, json)
Hash identifier: D8Gh4G7D7/g1SPEmcf0cw/RDsnILbN5sovITYi1vBkI=
Subject key identifier: 17:DD:8E:EF:77:C1:83:14:CE:25:2F:18:59:FC:1B:90:46:A2:F9:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40155E392FCDAFBBE6C1954849FE4CE80D231DDC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe23a487-e74a-4340-a0c6-7710a2393d63.roa
Signing time: Wed 29 Oct 2025 07:28:18 +0000
ROA not before: Wed 29 Oct 2025 07:28:18 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:15:5e:39:2f:cd:af:bb:e6:c1:95:48:49:fe:4c:e8:0d:23:1d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:18 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=3d3d0138fb665b8b50ea31d3932832b7f98ef59bef4bb310b43288677226f51f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d4:07:a9:90:72:56:9e:39:3c:c8:06:6d:be:
cc:d2:2d:1d:69:11:45:68:83:72:83:76:b9:6c:bf:
0f:57:d6:e3:08:32:36:f3:50:d2:63:b3:8e:9a:b5:
96:85:d9:4b:07:4d:df:09:bb:20:fc:f8:87:2c:d0:
d3:e6:13:07:4b:58:ab:21:db:cc:5a:75:26:8b:e3:
d9:ee:52:c6:6c:5b:55:b1:c6:ad:c1:a1:41:7e:5a:
1c:88:d2:93:61:53:c1:4e:1d:27:8e:a2:00:03:8b:
b8:ac:b0:07:87:23:55:ea:fb:21:52:ef:37:d8:c9:
7a:47:2a:c2:fe:9c:49:26:c9:25:26:28:3c:30:86:
c2:e8:6c:95:13:66:94:27:cf:9c:a5:c5:f2:93:7c:
76:28:ee:e8:d5:0f:c6:6a:30:8e:03:19:71:46:8c:
b6:c4:12:24:92:3b:a0:08:75:85:89:3c:33:c8:f7:
76:b2:19:68:80:39:c6:ed:55:df:d3:fe:bf:e6:5c:
88:6c:f6:e6:1a:2a:89:79:7c:fe:e1:1a:2c:1d:61:
ec:e6:f4:8c:42:ef:1c:18:75:87:bf:2c:c4:a8:57:
e5:89:0e:86:b3:52:20:d8:3f:6d:57:a6:d6:17:7e:
a6:14:28:ff:fc:d8:e0:cb:9c:64:13:24:81:f0:25:
03:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DD:8E:EF:77:C1:83:14:CE:25:2F:18:59:FC:1B:90:46:A2:F9:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe23a487-e74a-4340-a0c6-7710a2393d63.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:5080::/48
Signature Algorithm: sha256WithRSAEncryption
51:93:ca:f6:95:b9:27:51:21:a6:2c:41:bd:65:1f:90:b3:32:
67:1d:cf:7f:43:9b:ee:c2:54:5e:7f:d2:63:a5:f2:ee:4a:aa:
dc:88:20:69:6a:19:fb:bd:8d:83:c9:0e:a8:f1:b7:75:ec:f8:
12:39:2b:53:76:75:7a:9b:27:24:2a:37:59:11:f5:d8:b3:f0:
66:c0:99:33:3e:5a:a1:2c:83:e3:fa:4c:f7:1e:04:91:4a:37:
ad:88:d6:2e:66:fe:7b:f0:0a:32:c0:b0:58:79:e9:89:1b:9e:
fc:cc:ad:38:ce:1b:49:9b:e4:37:a7:4f:93:4b:a3:ae:9a:38:
be:d6:93:96:e1:20:44:6d:0a:21:76:60:9f:45:2b:bc:30:2a:
d3:4f:32:05:13:76:d1:04:12:0e:aa:6c:4c:f1:eb:bc:52:7b:
82:35:30:0e:21:ca:80:7d:e7:1b:25:9f:b9:b2:aa:40:80:b5:
81:57:16:c5:ca:21:4d:e6:e5:0a:bf:67:02:45:dd:2e:af:e3:
4b:2a:67:be:96:33:cf:8c:cb:0d:85:85:a4:25:ba:3d:de:d3:
17:0a:ed:fa:f5:b1:e5:39:73:36:87:ae:a5:29:3b:3e:c2:13:
64:5e:61:40:34:fc:7b:dd:af:c3:71:91:da:17:2b:4a:49:a5:
a6:43:8e:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQBVeOS/Nr7vmwZVISf5M6A0jHdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MThaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkM2QwMTM4ZmI2NjViOGI1MGVhMzFkMzkzMjgzMmI3Zjk4ZWY1OWJlZjRi
YjMxMGI0MzI4ODY3NzIyNmY1MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3UB6mQclaeOTzIBm2+zNItHWkRRWiDcoN2uWy/D1fW4wgyNvNQ0mOzjpq1
loXZSwdN3wm7IPz4hyzQ0+YTB0tYqyHbzFp1Jovj2e5SxmxbVbHGrcGhQX5aHIjS
k2FTwU4dJ46iAAOLuKywB4cjVer7IVLvN9jJekcqwv6cSSbJJSYoPDCGwuhslRNm
lCfPnKXF8pN8diju6NUPxmowjgMZcUaMtsQSJJI7oAh1hYk8M8j3drIZaIA5xu1V
39P+v+ZciGz25hoqiXl8/uEaLB1h7Ob0jELvHBh1h78sxKhX5YkOhrNSINg/bVem
1hd+phQo//zY4MucZBMkgfAlA8UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQX3Y7v
d8GDFM4lLxhZ/BuQRqL5VjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmUyM2E0ODctZTc0YS00MzQwLWEwYzYtNzcxMGEyMzkzZDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GpQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAUZPK9pW5J1EhpixBvWUfkLMyZx3Pf0Ob7sJU
Xn/SY6Xy7kqq3IggaWoZ+72Ng8kOqPG3dez4EjkrU3Z1epsnJCo3WRH12LPwZsCZ
Mz5aoSyD4/pM9x4EkUo3rYjWLmb+e/AKMsCwWHnpiRue/MytOM4bSZvkN6dPk0uj
rpo4vtaTluEgRG0KIXZgn0UrvDAq008yBRN20QQSDqpsTPHrvFJ7gjUwDiHKgH3n
GyWfubKqQIC1gVcWxcohTeblCr9nAkXdLq/jSypnvpYzz4zLDYWFpCW6Pd7TFwrt
+vWx5TlzNoeupSk7PsITZF5hQDT8e92vw3GR2hcrSkmlpkOOcA==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:41 2025 by rpki-client