Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26edcf2c-2157-4412-a725-5f726d1db93b.roa
File: 26edcf2c-2157-4412-a725-5f726d1db93b.roa (raw, json)
Hash identifier: HUEzlYbPUZNVnF3KvSwIxQ3WLW/AX9ZRRDw9i/1oBfo=
Subject key identifier: 19:D1:1C:30:19:FB:D1:79:4D:D1:D5:79:8A:CB:71:AB:16:ED:28:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C1E21F7489030A99A32C424A24948E435A5A13F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26edcf2c-2157-4412-a725-5f726d1db93b.roa
Signing time: Wed 29 Oct 2025 07:36:44 +0000
ROA not before: Wed 29 Oct 2025 07:36:44 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:1e:21:f7:48:90:30:a9:9a:32:c4:24:a2:49:48:e4:35:a5:a1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:44 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=4159364f3072b6a9631eff9072e49f9cc7587687b6526f4f9107ccfc8a90f946, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e5:85:5d:89:de:9e:41:84:18:48:b2:77:38:
6d:0e:8d:d2:38:58:b9:75:a3:de:af:73:1a:c9:cf:
2c:17:24:2f:c5:ec:f0:79:1b:e4:46:94:4e:b9:30:
ee:a4:57:db:e7:50:ce:90:63:40:7c:92:50:d5:8d:
c6:b2:b5:37:d5:33:aa:f6:e6:6a:63:41:63:07:db:
c8:6d:84:93:e3:17:9f:7e:c5:d4:9d:31:bf:e3:5c:
96:55:32:ab:a8:04:5b:d7:58:64:aa:af:b7:62:52:
98:9d:93:8a:cd:2f:1a:59:c1:98:37:f1:1b:76:4e:
84:0f:d0:ab:e7:e6:67:e7:23:d3:74:05:2c:8e:da:
a4:7a:d3:b8:0a:17:c3:d4:50:90:9d:a0:c5:a3:51:
87:83:97:6a:22:f4:53:1c:7a:5d:0d:14:9d:f4:86:
f3:ec:57:e4:0a:b9:47:92:71:bc:d8:68:c0:af:c1:
93:a2:9d:a6:26:6a:17:64:cc:ba:0e:a3:e5:90:c1:
86:96:f7:dd:82:4a:62:49:f0:52:2f:ad:bb:93:46:
d3:00:d9:7a:a7:4b:5e:c7:d4:f4:97:e4:29:4b:09:
cd:cb:b4:73:ce:d5:41:5a:a9:10:cd:6f:15:f2:79:
9f:9f:ed:f3:8a:bd:10:dc:34:8b:11:75:22:04:82:
e2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D1:1C:30:19:FB:D1:79:4D:D1:D5:79:8A:CB:71:AB:16:ED:28:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26edcf2c-2157-4412-a725-5f726d1db93b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
c8:8c:5e:b7:a4:fe:ca:64:c1:df:a9:2a:c6:e1:c0:06:7d:67:
94:c8:e3:68:9e:46:22:5f:bf:e7:38:34:c0:b4:a5:54:03:c3:
97:46:09:85:fe:1c:73:01:75:e0:57:ec:b1:02:94:bf:f4:10:
c1:aa:84:f2:54:1a:a0:ef:43:88:01:98:90:21:c7:30:27:57:
e1:fd:e6:24:c3:db:62:b8:60:07:63:4e:92:7c:5b:c1:62:ae:
07:33:f9:5b:f9:4e:28:8f:8b:0a:d1:e6:f2:69:99:e6:24:d2:
f9:e0:67:8d:d7:36:0a:b4:ac:98:b0:f3:c3:20:b4:b4:26:6f:
50:02:b1:9d:df:88:b1:b9:5e:7a:73:de:49:8d:1f:1b:73:d4:
16:29:d5:6e:db:64:20:70:84:69:02:7d:33:88:a3:87:6b:38:
26:19:1c:7f:f8:d9:c1:e3:18:5d:a6:9e:56:97:53:c2:35:73:
db:23:48:36:98:78:d3:d0:4f:c8:3a:72:26:c7:50:3d:5d:90:
db:d9:f1:6d:e8:08:4d:16:5c:91:2d:13:ec:01:2d:f0:61:3f:
79:42:7c:a9:55:91:c8:64:49:0d:3a:0a:47:c0:42:74:98:08:
a3:d0:78:33:8d:7d:36:64:3d:9e:40:5f:42:e3:0d:54:4b:73:
17:bd:0f:d0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTB4h90iQMKmaMsQkoklI5DWloT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDRaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxNTkzNjRmMzA3MmI2YTk2MzFlZmY5MDcyZTQ5ZjljYzc1ODc2ODdiNjUy
NmY0ZjkxMDdjY2ZjOGE5MGY5NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzlhV2J3p5BhBhIsnc4bQ6N0jhYuXWj3q9zGsnPLBckL8Xs8Hkb5EaUTrkw
7qRX2+dQzpBjQHySUNWNxrK1N9UzqvbmamNBYwfbyG2Ek+MXn37F1J0xv+NcllUy
q6gEW9dYZKqvt2JSmJ2Tis0vGlnBmDfxG3ZOhA/Qq+fmZ+cj03QFLI7apHrTuAoX
w9RQkJ2gxaNRh4OXaiL0Uxx6XQ0UnfSG8+xX5Aq5R5JxvNhowK/Bk6KdpiZqF2TM
ug6j5ZDBhpb33YJKYknwUi+tu5NG0wDZeqdLXsfU9JfkKUsJzcu0c87VQVqpEM1v
FfJ5n5/t84q9ENw0ixF1IgSC4pMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZ0Rww
GfvReU3R1XmKy3GrFu0oPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjZlZGNmMmMtMjE1Ny00NDEyLWE3MjUtNWY3MjZkMWRiOTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GrA
wDANBgkqhkiG9w0BAQsFAAOCAQEAyIxet6T+ymTB36kqxuHABn1nlMjjaJ5GIl+/
5zg0wLSlVAPDl0YJhf4ccwF14FfssQKUv/QQwaqE8lQaoO9DiAGYkCHHMCdX4f3m
JMPbYrhgB2NOknxbwWKuBzP5W/lOKI+LCtHm8mmZ5iTS+eBnjdc2CrSsmLDzwyC0
tCZvUAKxnd+IsbleenPeSY0fG3PUFinVbttkIHCEaQJ9M4ijh2s4Jhkcf/jZweMY
XaaeVpdTwjVz2yNINph409BPyDpyJsdQPV2Q29nxbegITRZckS0T7AEt8GE/eUJ8
qVWRyGRJDToKR8BCdJgIo9B4M419NmQ9nkBfQuMNVEtzF70P0A==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:45 2025 by rpki-client