Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492df7df-ebf8-4fa1-9952-ea9391eed5cc.roa
File: 492df7df-ebf8-4fa1-9952-ea9391eed5cc.roa (raw, json)
Hash identifier: 5I4A5Gbl09TIBFYvrPvyLdJogu/LJPC+zXsWzQ/VInQ=
Subject key identifier: 89:9B:FC:91:82:28:9A:8E:A6:48:7D:5B:F2:70:DE:AA:4F:2D:35:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26580E527D45B7329D0E93B9D9099A71CBF52690
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492df7df-ebf8-4fa1-9952-ea9391eed5cc.roa
Signing time: Wed 29 Oct 2025 07:28:15 +0000
ROA not before: Wed 29 Oct 2025 07:28:15 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:58:0e:52:7d:45:b7:32:9d:0e:93:b9:d9:09:9a:71:cb:f5:26:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:28:15 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=58b4e24210c74122a563830fb078c7a19205e87022a9698fb093140cf08da7e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:29:67:8e:35:73:65:7f:16:7b:c4:6c:68:f3:
99:eb:e2:90:91:99:3a:9a:9e:57:a4:bb:0a:e9:78:
1c:74:47:21:eb:4e:39:b7:39:eb:80:46:d6:b6:f6:
d0:74:de:fe:62:23:5b:e1:d6:9e:c5:aa:ab:af:80:
6b:2e:16:51:9a:76:b9:ba:6f:68:93:44:44:fb:cf:
18:71:b6:c1:4a:47:b6:65:32:86:1d:65:0c:d5:4a:
8c:bf:d0:b2:ca:bc:b7:2d:04:64:1e:82:c1:76:69:
4c:13:5c:22:14:b2:5f:83:43:72:ce:00:21:fd:be:
57:93:9a:e2:2f:c9:75:1b:f6:ec:7e:92:8b:0b:ef:
fc:5c:a6:8d:ea:4c:0c:23:46:b7:ec:cb:11:eb:8f:
bf:f8:c5:be:56:13:6c:d8:99:b9:ce:7b:bf:9c:4f:
b2:7c:2e:50:b8:00:93:a1:2b:cf:34:0c:b1:d6:59:
f4:23:ad:27:da:3a:6f:2a:15:eb:8c:e1:cc:b4:9a:
54:9b:ad:70:84:47:66:2b:4b:a6:82:7a:89:ca:7b:
e0:b0:3d:1e:0d:c1:a3:29:0b:ad:bb:f9:dc:95:e8:
b8:b5:36:17:cc:51:84:f5:e4:b3:16:e2:ee:d4:8b:
86:f4:69:5f:c2:e0:86:39:e6:f1:32:2e:6c:36:30:
30:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9B:FC:91:82:28:9A:8E:A6:48:7D:5B:F2:70:DE:AA:4F:2D:35:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492df7df-ebf8-4fa1-9952-ea9391eed5cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:2080::/48
Signature Algorithm: sha256WithRSAEncryption
81:a4:ea:bd:af:33:ae:84:41:66:18:3e:3b:f2:fa:26:e5:02:
a7:e4:c4:93:d8:9a:97:4e:55:4b:cb:91:4b:4a:c9:3c:ee:bc:
83:eb:d1:97:08:ef:fe:ca:b6:d9:62:b5:db:6c:24:4a:af:c5:
a0:d7:86:6c:9b:cf:b0:d0:3c:20:65:c3:c1:15:a6:69:32:7e:
05:2a:00:88:b5:46:36:52:cd:8c:50:c8:ac:71:8c:9e:f9:1e:
f1:47:e4:75:4b:09:fa:9a:96:58:38:be:31:f0:ff:1c:19:3d:
fa:f8:ea:fc:95:71:6b:12:5e:e6:7f:43:c3:35:5d:18:38:88:
c2:f4:1f:c5:72:24:e2:0d:db:28:d9:da:9d:54:63:53:06:d8:
23:aa:94:67:09:b7:a6:ae:b5:80:8c:5d:05:11:ce:6e:3d:dd:
70:8f:bf:e8:a3:85:cf:12:44:df:dc:63:f4:61:05:8f:37:78:
ee:7a:9c:27:a5:22:6f:61:aa:44:93:21:28:24:de:ff:1e:51:
a3:23:89:be:ba:b4:e7:48:eb:db:b1:96:4d:30:7e:92:96:97:
dc:03:95:8d:87:8f:17:7c:7e:c1:3c:81:a8:12:99:a1:5c:78:
c3:fe:b9:8e:5b:a8:3d:4d:87:b4:90:bf:28:92:bc:4f:c8:ab:
48:e0:fe:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJlgOUn1FtzKdDpO52Qmaccv1JpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzI4MTVaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4YjRlMjQyMTBjNzQxMjJhNTYzODMwZmIwNzhjN2ExOTIwNWU4NzAyMmE5
Njk4ZmIwOTMxNDBjZjA4ZGE3ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0pZ441c2V/FnvEbGjzmevikJGZOpqeV6S7Cul4HHRHIetOObc564BG1rb2
0HTe/mIjW+HWnsWqq6+Aay4WUZp2ubpvaJNERPvPGHG2wUpHtmUyhh1lDNVKjL/Q
ssq8ty0EZB6CwXZpTBNcIhSyX4NDcs4AIf2+V5Oa4i/JdRv27H6Siwvv/FymjepM
DCNGt+zLEeuPv/jFvlYTbNiZuc57v5xPsnwuULgAk6ErzzQMsdZZ9COtJ9o6byoV
64zhzLSaVJutcIRHZitLpoJ6icp74LA9Hg3BoykLrbv53JXouLU2F8xRhPXksxbi
7tSLhvRpX8Lghjnm8TIubDYwMPECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSJm/yR
giiajqZIfVvycN6qTy01WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZGY3ZGYtZWJmOC00ZmExLTk5NTItZWE5MzkxZWVkNWNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gog
gDANBgkqhkiG9w0BAQsFAAOCAQEAgaTqva8zroRBZhg+O/L6JuUCp+TEk9ial05V
S8uRS0rJPO68g+vRlwjv/sq22WK122wkSq/FoNeGbJvPsNA8IGXDwRWmaTJ+BSoA
iLVGNlLNjFDIrHGMnvke8UfkdUsJ+pqWWDi+MfD/HBk9+vjq/JVxaxJe5n9DwzVd
GDiIwvQfxXIk4g3bKNnanVRjUwbYI6qUZwm3pq61gIxdBRHObj3dcI+/6KOFzxJE
39xj9GEFjzd47nqcJ6Uib2GqRJMhKCTe/x5RoyOJvrq050jr27GWTTB+kpaX3AOV
jYePF3x+wTyBqBKZoVx4w/65jluoPU2HtJC/KJK8T8irSOD+TA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:34 2025 by rpki-client