Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: vFq5xua7VBARHpwhAlfRWxBEd/Z/n4h5S/cRInmd/Hs=
Subject key identifier: 64:15:AF:93:DB:70:E1:EE:74:09:DE:DC:66:32:22:A2:94:47:51:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 527911E875F267289AD7BE39B2CC7D479DE0155E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Sat 15 Nov 2025 05:30:33 +0000
ROA not before: Sat 15 Nov 2025 05:30:33 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 14:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:79:11:e8:75:f2:67:28:9a:d7:be:39:b2:cc:7d:47:9d:e0:15:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 05:30:33 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=88fadd0e4e2173bd6b4274e854a7e4670cadfb859dfca3f281835afcb3facf46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:00:de:6f:c9:93:bf:34:ab:e3:2f:d5:d0:eb:
c5:4d:30:cc:4d:e2:b7:03:00:35:86:fa:03:9e:8c:
06:7f:81:aa:5d:21:00:73:41:ab:82:da:ea:cb:26:
42:92:e8:ee:4f:13:f5:ac:a8:09:e4:ef:02:7e:8e:
5a:75:fc:90:84:48:6f:a0:b1:93:ce:66:a7:cb:a3:
72:f8:da:9f:ea:99:66:26:0f:39:b5:85:f3:be:41:
8e:3d:b9:2d:08:8c:cf:88:3f:81:a5:d8:d8:ee:ab:
33:0f:bd:65:a3:ec:07:29:f5:fe:53:80:6b:80:52:
00:e6:75:01:b6:f0:46:a1:f0:06:6b:1c:8a:c8:f6:
bd:f0:50:68:7f:5c:4c:1b:6c:29:f9:23:88:e1:32:
ed:6d:1d:a7:04:61:7b:9c:63:3d:42:b7:06:17:14:
c5:c2:92:9b:05:aa:e6:3a:6f:7f:f4:85:82:0a:f8:
76:72:6c:f8:3f:43:cd:54:56:0f:48:c2:c2:5b:56:
a6:61:9f:a9:15:5c:a9:3c:bc:9f:7e:36:f5:ce:82:
83:01:5d:af:de:0b:ef:34:25:de:0f:59:d8:a4:bf:
d9:8d:2d:79:4d:72:15:60:02:80:06:06:a0:46:d2:
c4:27:6b:7c:17:4d:03:77:d4:cd:14:9e:e8:22:ec:
38:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:15:AF:93:DB:70:E1:EE:74:09:DE:DC:66:32:22:A2:94:47:51:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:5f:86:16:f3:f7:be:10:22:f5:01:a4:3e:92:bb:3e:33:75:
78:ec:f9:fc:a5:47:12:dc:b4:6f:94:20:00:76:ae:4e:43:95:
5c:dc:35:55:df:a8:3e:1c:b5:0f:8a:68:e4:38:03:31:99:72:
70:0e:2c:eb:50:59:87:cf:0f:0b:8a:95:e6:7c:ed:27:8d:a9:
ba:86:d8:eb:24:3c:60:84:f7:87:6d:01:b1:03:b3:ed:fc:76:
56:de:1d:a9:08:8b:a8:43:e5:c2:52:97:10:49:b2:76:a0:62:
ca:7b:8b:87:01:e6:d5:cd:da:75:1e:15:37:5f:68:64:d0:32:
ef:05:ba:d4:75:b7:0d:ad:28:d5:e6:74:04:18:85:39:29:f5:
42:30:59:94:1f:9c:ea:5a:27:43:c3:e1:8d:18:8b:a1:02:ea:
e4:6f:0d:79:f8:ca:9d:a4:f2:83:fe:bd:ce:2d:07:5a:7f:a0:
4f:7e:44:52:68:12:aa:29:28:59:ee:c1:e7:7b:8b:e3:50:e3:
5d:32:0e:83:b7:ec:05:24:64:f0:18:62:29:d8:bb:0f:65:b5:
37:6b:c8:35:07:05:04:d6:23:37:e4:a5:13:b8:a4:79:12:c1:
22:1c:f9:73:81:bd:68:ad:24:64:e8:df:da:c3:ff:0e:58:b8:
3d:e3:ce:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUnkR6HXyZyia1745ssx9R53gFV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMTUwNTMwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZmFkZDBlNGUyMTczYmQ2YjQyNzRlODU0YTdlNDY3MGNhZGZiODU5ZGZj
YTNmMjgxODM1YWZjYjNmYWNmNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0A3m/Jk780q+Mv1dDrxU0wzE3itwMANYb6A56MBn+Bql0hAHNBq4La6ssm
QpLo7k8T9ayoCeTvAn6OWnX8kIRIb6Cxk85mp8ujcvjan+qZZiYPObWF875Bjj25
LQiMz4g/gaXY2O6rMw+9ZaPsByn1/lOAa4BSAOZ1AbbwRqHwBmscisj2vfBQaH9c
TBtsKfkjiOEy7W0dpwRhe5xjPUK3BhcUxcKSmwWq5jpvf/SFggr4dnJs+D9DzVRW
D0jCwltWpmGfqRVcqTy8n3429c6CgwFdr94L7zQl3g9Z2KS/2Y0teU1yFWACgAYG
oEbSxCdrfBdNA3fUzRSe6CLsONkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRkFa+T
23Dh7nQJ3txmMiKilEdRODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQC8X4YW8/e+ECL1AaQ+krs+M3V47Pn8pUcS3LRv
lCAAdq5OQ5Vc3DVV36g+HLUPimjkOAMxmXJwDizrUFmHzw8LipXmfO0njam6htjr
JDxghPeHbQGxA7Pt/HZW3h2pCIuoQ+XCUpcQSbJ2oGLKe4uHAebVzdp1HhU3X2hk
0DLvBbrUdbcNrSjV5nQEGIU5KfVCMFmUH5zqWidDw+GNGIuhAurkbw15+MqdpPKD
/r3OLQdaf6BPfkRSaBKqKShZ7sHne4vjUONdMg6Dt+wFJGTwGGIp2LsPZbU3a8g1
BwUE1iM35KUTuKR5EsEiHPlzgb1orSRk6N/aw/8OWLg9486m
-----END CERTIFICATE-----
Generated at Mon Nov 17 16:31:19 2025 by rpki-client