Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
File: f97778b4-85b1-4580-ac38-a4872d19261b.roa (raw, json)
Hash identifier: uUw5tt+uI/JaHgXMe6e016oP9gmdezH1iEtDQReAOJc=
Subject key identifier: 11:54:5C:42:47:E7:43:F5:13:8B:47:7A:71:3F:3F:AB:D4:92:22:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B42D215F8A097D8F85C5177704D677B01BEFE64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
Signing time: Sat 15 Nov 2025 06:30:34 +0000
ROA not before: Sat 15 Nov 2025 06:30:34 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 21:55:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:42:d2:15:f8:a0:97:d8:f8:5c:51:77:70:4d:67:7b:01:be:fe:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 06:30:34 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=319609dc7eace145ac10d4d457a1b31f421952e4c991768513f32a74f6a8594c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ca:3b:fe:80:b0:9d:4c:d8:5e:8e:e2:b1:bf:
9a:19:5f:54:91:e2:01:aa:3c:7b:3e:0f:e4:91:b7:
5c:69:1d:ae:21:3f:d7:4d:4e:ac:14:4c:be:2a:11:
fe:4d:e2:58:23:58:e3:3f:0e:a8:92:a2:88:2d:8c:
84:63:63:d6:9a:88:7d:6b:1e:4f:75:e7:52:38:bd:
bf:b3:ee:8f:56:f9:39:5e:ed:ef:d5:b4:d0:bb:e9:
3c:6b:d2:a5:f5:13:c8:b9:4e:ab:1e:69:41:fa:e8:
77:be:90:cf:6f:53:ff:fc:a6:e7:0b:50:b3:60:53:
68:f8:76:5d:db:4e:5c:60:70:d1:1f:ee:d0:52:5c:
0d:5a:9d:62:16:70:64:be:62:84:6e:96:48:ed:ac:
ec:04:93:77:19:ed:6a:bb:a8:ed:bc:4a:50:03:1f:
de:19:15:b1:22:54:1f:79:4a:1a:cd:11:9b:13:d2:
eb:92:0c:d9:d0:c6:9f:ee:ef:1b:a9:b2:17:dc:bb:
9e:3a:2f:af:31:fa:26:f0:a5:b2:59:59:e7:ed:7e:
a4:14:77:a7:fa:bb:c5:89:d4:7c:b2:f2:de:ff:30:
94:30:1a:19:38:92:7b:19:30:d7:9f:04:6f:a6:e2:
62:39:2f:f6:0b:ac:30:ff:51:ce:5b:c4:54:57:f4:
8d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:54:5C:42:47:E7:43:F5:13:8B:47:7A:71:3F:3F:AB:D4:92:22:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:89:4a:2b:6d:e2:8c:09:97:25:01:66:67:ce:f6:3d:67:bf:
34:99:c8:ee:89:65:94:0e:ef:0c:1d:30:15:15:63:fc:3c:f6:
89:e7:a7:35:3e:be:74:f4:b2:bb:cc:82:30:82:64:57:0b:84:
c3:5f:95:bd:a6:0b:d0:7b:62:f3:e1:6a:3f:7e:22:60:a4:ee:
71:00:ab:1f:d0:62:06:09:31:6d:c3:ce:70:91:b0:e6:16:d6:
c0:8f:d2:5e:cf:41:0a:96:f9:11:6a:e5:e1:5f:b8:58:4a:f7:
5a:ed:fe:99:be:c4:36:5d:dc:1d:1e:98:c4:59:9c:10:45:29:
1e:e3:39:d6:e9:70:b1:88:23:7e:5b:4c:54:61:27:80:3a:a8:
c9:2e:7a:08:41:62:3c:48:a3:97:9c:1d:9d:fb:1e:e8:e0:93:
dc:e7:8b:39:81:09:79:af:81:19:98:e8:40:52:0d:c7:8a:3b:
de:d6:b1:72:93:ec:9f:b7:53:2b:90:f3:f7:21:9e:fc:63:a6:
e8:70:2b:c8:88:43:8f:f1:98:99:b5:88:cb:69:d2:3d:ea:7d:
83:df:0c:ad:ab:ba:0c:79:43:81:5e:48:d2:b3:d2:20:87:ac:
4e:6d:79:a1:fc:de:69:4b:2b:27:04:11:54:97:33:1c:83:f7:
13:6d:6d:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS0LSFfigl9j4XFF3cE1newG+/mQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMTUwNjMwMzRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxOTYwOWRjN2VhY2UxNDVhYzEwZDRkNDU3YTFiMzFmNDIxOTUyZTRjOTkx
NzY4NTEzZjMyYTc0ZjZhODU5NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnKO/6AsJ1M2F6O4rG/mhlfVJHiAao8ez4P5JG3XGkdriE/101OrBRMvioR
/k3iWCNY4z8OqJKiiC2MhGNj1pqIfWseT3XnUji9v7Puj1b5OV7t79W00LvpPGvS
pfUTyLlOqx5pQfrod76Qz29T//ym5wtQs2BTaPh2XdtOXGBw0R/u0FJcDVqdYhZw
ZL5ihG6WSO2s7ASTdxntaruo7bxKUAMf3hkVsSJUH3lKGs0RmxPS65IM2dDGn+7v
G6myF9y7njovrzH6JvClsllZ5+1+pBR3p/q7xYnUfLLy3v8wlDAaGTiSexkw158E
b6biYjkv9gusMP9RzlvEVFf0jdcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRVFxC
R+dD9ROLR3pxPz+r1JIidDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3Nzc4YjQtODViMS00NTgwLWFjMzgtYTQ4NzJkMTkyNjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCoiUorbeKMCZclAWZnzvY9Z780mcjuiWWUDu8M
HTAVFWP8PPaJ56c1Pr509LK7zIIwgmRXC4TDX5W9pgvQe2Lz4Wo/fiJgpO5xAKsf
0GIGCTFtw85wkbDmFtbAj9Jez0EKlvkRauXhX7hYSvda7f6ZvsQ2XdwdHpjEWZwQ
RSke4znW6XCxiCN+W0xUYSeAOqjJLnoIQWI8SKOXnB2d+x7o4JPc54s5gQl5r4EZ
mOhAUg3Hijve1rFyk+yft1MrkPP3IZ78Y6bocCvIiEOP8ZiZtYjLadI96n2D3wyt
q7oMeUOBXkjSs9Igh6xObXmh/N5pSysnBBFUlzMcg/cTbW2z
-----END CERTIFICATE-----
Generated at Tue Nov 18 02:30:55 2025 by rpki-client