Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/80297c9d-2fd7-4e7a-9f18-49ac9b12c680.roa
File: 80297c9d-2fd7-4e7a-9f18-49ac9b12c680.roa (raw, json)
Hash identifier: DJ4YIQwxyTG65i6hL7QxE0bPlXbcK9HKSpzlMmpwd/o=
Subject key identifier: 71:96:49:86:77:FD:7E:9B:87:08:57:77:61:FD:CD:53:EC:8C:CF:5D
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 3FBB582287F0DF064F0FDB2A9EA6C9641FCE8025
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/80297c9d-2fd7-4e7a-9f18-49ac9b12c680.roa
Signing time: Thu 13 Nov 2025 16:51:40 +0000
ROA not before: Thu 13 Nov 2025 16:51:40 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:bb:58:22:87:f0:df:06:4f:0f:db:2a:9e:a6:c9:64:1f:ce:80:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 13 16:51:40 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=6c8f70ddde986255a79a54ad190d3588fbfc573a4c8351cf4c68e6a9ba3e8140, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:74:00:2d:01:d4:38:ec:89:57:10:e3:f0:95:
bd:f5:f1:53:99:f2:2e:e3:be:be:6a:f3:f9:cd:76:
97:be:bb:6d:c3:f9:18:bc:d8:cb:c1:a0:07:1f:bd:
8e:de:7a:3b:fb:14:33:25:ac:24:9a:ee:cb:a8:23:
1b:66:0d:c7:26:39:7f:e2:0e:89:42:27:eb:8a:79:
e9:7d:2a:4a:2b:bb:9b:85:ab:ac:5f:22:58:df:b8:
77:87:a1:fc:c1:84:8d:39:8e:6a:c1:05:18:44:20:
6f:29:fc:cb:20:fb:26:6b:4a:14:5a:89:f2:7d:42:
d9:f9:1a:73:6d:e0:83:fd:b4:e2:aa:4e:6f:20:d6:
c7:b1:05:4d:97:84:3e:9f:5c:cb:de:3e:58:b7:6b:
5d:29:c0:82:9b:ec:6e:77:ce:8c:da:16:4a:d0:eb:
07:8b:2d:b8:5d:19:83:5a:89:6d:f7:6e:59:1e:35:
51:c2:1c:71:6a:df:db:f5:19:4a:d0:57:a6:74:85:
a9:c9:5e:59:cc:45:f6:76:c0:b1:d3:a9:7e:a6:cd:
1d:60:c4:68:10:84:83:32:c9:c5:8d:6f:27:d4:54:
3c:8c:c4:48:c0:17:94:67:76:c9:5f:26:c6:dd:fe:
c7:5e:e2:6b:92:ea:0e:ab:2f:12:67:35:e9:0c:b0:
31:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:96:49:86:77:FD:7E:9B:87:08:57:77:61:FD:CD:53:EC:8C:CF:5D
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/80297c9d-2fd7-4e7a-9f18-49ac9b12c680.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:7d:e6:5f:53:6a:de:ef:29:0e:b4:3f:13:95:5d:9d:28:43:
7b:ac:07:a3:21:5c:72:80:ba:26:7c:5f:11:86:2f:54:02:67:
a3:06:92:2d:09:24:e9:64:8b:3e:6a:bf:c4:f0:74:8d:ed:35:
c6:3e:ac:af:3f:59:15:1b:c9:df:35:63:01:a4:54:b0:17:d9:
59:39:68:fb:a2:68:b2:f3:85:4c:d5:e2:b6:8b:18:03:fd:23:
9a:ba:94:db:8c:a3:ab:3c:72:83:18:82:95:41:a4:96:df:93:
27:f9:6d:af:b0:12:77:2d:3d:58:c0:8d:9b:f1:6f:95:61:a1:
9d:bd:7b:dc:cb:2b:e5:df:ca:74:9c:e8:27:8f:68:6b:bb:3a:
c1:e9:42:39:db:e0:aa:da:0e:f4:8f:48:f6:92:90:c9:51:9d:
dd:f7:8c:93:5f:a9:56:d1:9f:f7:2a:df:9e:d5:1f:ab:b2:0c:
f3:3b:13:1e:58:54:dd:69:76:8a:5e:c0:35:c4:18:c6:08:e0:
59:22:38:44:83:c7:7e:52:7c:ee:fc:ea:8f:ee:df:ef:a7:3a:
50:fc:6a:b2:87:bf:0d:78:dd:ed:06:db:c5:de:23:86:a1:51:
85:1f:d8:cb:53:f2:6b:60:04:90:ca:0f:6a:51:7e:13:cc:e8:
06:88:0b:80
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP7tYIofw3wZPD9sqnqbJZB/OgCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMTMxNjUxNDBaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjOGY3MGRkZGU5ODYyNTVhNzlhNTRhZDE5MGQzNTg4ZmJmYzU3M2E0Yzgz
NTFjZjRjNjhlNmE5YmEzZTgxNDAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANV0AC0B1DjsiVcQ4/CVvfXxU5nyLuO+vmrz+c12l767bcP5GLzYy8GgBx+9
jt56O/sUMyWsJJruy6gjG2YNxyY5f+IOiUIn64p56X0qSiu7m4WrrF8iWN+4d4eh
/MGEjTmOasEFGEQgbyn8yyD7JmtKFFqJ8n1C2fkac23gg/204qpObyDWx7EFTZeE
Pp9cy94+WLdrXSnAgpvsbnfOjNoWStDrB4stuF0Zg1qJbfduWR41UcIccWrf2/UZ
StBXpnSFqcleWcxF9nbAsdOpfqbNHWDEaBCEgzLJxY1vJ9RUPIzESMAXlGd2yV8m
xt3+x17ia5LqDqsvEmc16QywMRECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRxlkmG
d/1+m4cIV3dh/c1T7IzPXTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ODAyOTdjOWQtMmZkNy00ZTdhLTlmMTgtNDlhYzliMTJjNjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEATX3mX1Nq3u8pDrQ/E5VdnShDe6wHoyFccoC6Jnxf
EYYvVAJnowaSLQkk6WSLPmq/xPB0je01xj6srz9ZFRvJ3zVjAaRUsBfZWTlo+6Jo
svOFTNXitosYA/0jmrqU24yjqzxygxiClUGklt+TJ/ltr7ASdy09WMCNm/FvlWGh
nb173Msr5d/KdJzoJ49oa7s6welCOdvgqtoO9I9I9pKQyVGd3feMk1+pVtGf9yrf
ntUfq7IM8zsTHlhU3Wl2il7ANcQYxgjgWSI4RIPHflJ87vzqj+7f76c6UPxqsoe/
DXjd7Qbbxd4jhqFRhR/Yy1Pya2AEkMoPalF+E8zoBogLgA==
-----END CERTIFICATE-----
Generated at Tue Nov 18 06:47:21 2025 by rpki-client