Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
File: a96d9971-6d4e-47a3-9408-d633699b643b.roa (raw, json)
Hash identifier: sbEASUZlVE8YdNMGheThjoLexbidLTPj+g2L+knF45o=
Subject key identifier: 4D:62:85:52:0D:73:82:6B:A2:17:71:98:8E:43:04:93:7A:51:F9:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CCEE91AECE4596470E4AFA62A2AFD4293E991C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
Signing time: Sat 15 Nov 2025 05:31:16 +0000
ROA not before: Sat 15 Nov 2025 05:31:16 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:ce:e9:1a:ec:e4:59:64:70:e4:af:a6:2a:2a:fd:42:93:e9:91:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 05:31:16 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=6cf18f4af8d5447ab1f584a5d44ea2c61ba354f0384f6b98936ea91ecdb611a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:26:81:08:4c:80:55:5e:bd:c4:b2:29:14:af:
06:8c:cd:8f:80:09:c3:3d:23:e1:0c:46:ab:4f:e6:
53:80:8c:2e:d4:7f:20:95:73:15:01:8f:b4:ed:1c:
0d:d1:86:ed:25:85:12:81:95:90:64:5c:bc:d5:ab:
3a:66:ca:0b:b5:c0:11:9b:56:48:ad:4a:e9:dd:fa:
72:72:41:19:7e:80:57:9a:8d:7f:05:10:9a:aa:4a:
a9:4d:d2:de:39:cf:ba:17:59:b7:dd:39:e2:de:b6:
82:8c:7f:41:ec:41:95:09:f5:3d:b2:1d:da:f6:ef:
67:25:45:58:48:02:da:30:76:a1:07:1b:39:b6:41:
78:d4:eb:aa:fc:5d:92:29:1b:f0:fa:45:59:df:c1:
3d:fa:1b:6f:74:d2:96:b4:59:cb:df:2d:9b:69:bd:
dc:d4:4b:1a:06:8b:d3:f1:9c:10:e4:c1:78:5c:d3:
f9:4f:a0:81:44:54:8e:5a:e6:ef:b2:25:eb:08:a5:
c3:88:ea:86:91:a4:48:2c:18:70:fc:fa:d1:27:f9:
4a:71:b0:fe:30:d0:d0:e4:81:a1:19:15:10:9d:4d:
56:bf:ae:9a:34:4a:b4:0e:95:5a:3c:ee:9a:11:13:
51:46:5c:ba:24:90:d4:2f:9a:3f:6a:c0:7b:48:46:
0b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:62:85:52:0D:73:82:6B:A2:17:71:98:8E:43:04:93:7A:51:F9:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:2000::/40
Signature Algorithm: sha256WithRSAEncryption
18:3c:c6:3c:08:46:01:c2:8d:7b:c2:1c:54:56:54:cb:cb:f5:
f9:52:c1:00:00:f6:b5:c9:51:71:4e:c5:0a:c4:84:6c:ea:10:
80:ff:cf:45:b0:28:69:b3:91:fd:63:7b:8d:f7:94:f2:fc:d3:
79:8c:d3:93:37:c7:93:31:0a:11:b0:45:84:5c:1b:af:b4:56:
a7:e2:de:e9:66:5d:0a:30:17:06:67:9e:ea:84:43:ad:f0:76:
a8:05:53:af:84:25:5e:67:5e:1d:59:c2:b4:de:70:e5:e6:c1:
3c:1c:45:57:1a:be:78:3b:0d:61:ee:d4:c0:34:4f:49:86:ef:
51:5f:fb:e7:17:bc:e1:a3:82:a0:ea:36:47:98:f6:fe:7f:d3:
19:2f:27:c8:35:3a:a2:9b:b4:61:77:10:d5:64:ef:d6:f5:79:
3d:28:0b:8c:df:ec:53:6e:14:ef:ca:69:fa:29:92:79:a0:34:
2c:7e:d9:d4:f9:a5:d4:3c:9e:79:80:75:78:29:1e:64:62:e8:
49:03:28:a2:06:ae:fa:5e:7f:e6:86:37:bf:8b:4e:94:e8:67:
b2:2f:6b:4f:6f:66:21:80:aa:bd:9a:8f:b6:38:43:cc:c7:50:
5e:c0:ea:c0:89:ab:6b:5e:6c:e4:6b:05:38:6e:88:f2:d3:f7:
29:a9:40:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDM7pGuzkWWRw5K+mKir9QpPpkcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMTUwNTMxMTZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjZjE4ZjRhZjhkNTQ0N2FiMWY1ODRhNWQ0NGVhMmM2MWJhMzU0ZjAzODRm
NmI5ODkzNmVhOTFlY2RiNjExYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEmgQhMgFVevcSyKRSvBozNj4AJwz0j4QxGq0/mU4CMLtR/IJVzFQGPtO0c
DdGG7SWFEoGVkGRcvNWrOmbKC7XAEZtWSK1K6d36cnJBGX6AV5qNfwUQmqpKqU3S
3jnPuhdZt9054t62gox/QexBlQn1PbId2vbvZyVFWEgC2jB2oQcbObZBeNTrqvxd
kikb8PpFWd/BPfobb3TSlrRZy98tm2m93NRLGgaL0/GcEOTBeFzT+U+ggURUjlrm
77Il6wilw4jqhpGkSCwYcPz60Sf5SnGw/jDQ0OSBoRkVEJ1NVr+umjRKtA6VWjzu
mhETUUZcuiSQ1C+aP2rAe0hGC0MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNYoVS
DXOCa6IXcZiOQwSTelH5DTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTk2ZDk5NzEtNmQ0ZS00N2EzLTk0MDgtZDYzMzY5OWI2NDNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4g
MA0GCSqGSIb3DQEBCwUAA4IBAQAYPMY8CEYBwo17whxUVlTLy/X5UsEAAPa1yVFx
TsUKxIRs6hCA/89FsChps5H9Y3uN95Ty/NN5jNOTN8eTMQoRsEWEXBuvtFan4t7p
Zl0KMBcGZ57qhEOt8HaoBVOvhCVeZ14dWcK03nDl5sE8HEVXGr54Ow1h7tTANE9J
hu9RX/vnF7zho4Kg6jZHmPb+f9MZLyfINTqim7RhdxDVZO/W9Xk9KAuM3+xTbhTv
ymn6KZJ5oDQsftnU+aXUPJ55gHV4KR5kYuhJAyiiBq76Xn/mhje/i06U6GeyL2tP
b2YhgKq9mo+2OEPMx1BewOrAiatrXmzkawU4bojy0/cpqUDV
-----END CERTIFICATE-----
Generated at Sat Nov 15 21:46:30 2025 by rpki-client