Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: pJTUoY+xWIo4Cbh55TDY602YFapHJBA/cdzBX0O73V4=
Subject key identifier: CB:44:95:46:62:84:60:E1:AF:10:ED:1A:53:44:25:58:D8:9C:A4:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FEABDB26CFE8B7E0C18DC4521FA6A7E6A39BDA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Tue 21 Oct 2025 13:20:51 +0000
ROA not before: Tue 21 Oct 2025 13:20:51 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:ea:bd:b2:6c:fe:8b:7e:0c:18:dc:45:21:fa:6a:7e:6a:39:bd:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:51 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=46295ff6fe81b797576aba01834f7496bce81a7040c9600ad7c2b6a692895142, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fd:6e:c6:ee:f1:bc:49:b0:c6:28:db:0b:4f:
06:e2:a5:d4:71:d3:7b:80:58:e8:f8:61:55:e5:51:
54:49:28:12:97:8f:96:72:ee:ff:89:d4:a5:18:52:
1c:8d:79:9d:57:9d:62:11:a3:3c:83:51:06:72:b5:
f1:e2:75:ab:e3:64:7d:8b:be:a1:d3:43:f2:68:38:
a6:67:ed:b0:11:86:1f:1c:88:b0:02:bc:2e:42:0e:
25:b9:e5:64:b7:fe:ad:9b:59:9f:ae:6c:57:42:48:
a7:d1:da:2a:5f:24:28:53:13:69:dd:64:e9:a4:8f:
b2:3b:bc:f5:39:ec:ce:37:2d:02:cd:05:1f:85:27:
7c:81:2d:f2:a0:46:9e:95:61:cd:3d:0b:2e:b7:c6:
93:56:46:e6:12:c8:2b:8e:92:d4:d1:3f:1d:83:6d:
91:f0:61:ee:3b:6d:30:87:c2:7b:ab:e9:73:c0:da:
2c:65:8b:fb:51:13:99:13:09:35:8e:c1:fd:b2:0f:
89:e7:1f:73:33:12:0f:2e:8b:a3:31:19:6c:ce:a0:
e8:dd:cb:66:52:4c:5b:ba:d2:86:44:9a:92:d8:36:
11:67:4d:53:92:be:0a:3e:20:19:4f:cf:26:77:8f:
b9:13:0c:ad:6d:a0:6d:f6:d1:61:61:6c:7d:ff:60:
a0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:44:95:46:62:84:60:E1:AF:10:ED:1A:53:44:25:58:D8:9C:A4:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
4a:11:70:d7:18:c1:e2:aa:84:87:b4:83:11:cf:80:0c:2f:09:
35:df:84:f4:f1:e2:36:20:3c:3b:be:de:ab:f5:71:07:24:dd:
0b:0f:1c:ce:d3:c5:c3:63:a4:5a:4e:e1:40:3f:1c:7e:c2:96:
a6:8c:61:7d:f5:62:b7:ec:d7:72:38:0f:63:84:a2:d6:48:db:
1d:a8:b6:17:29:8b:a5:d7:f3:e4:41:2d:73:54:ce:17:7b:6f:
85:d8:8f:b7:1f:da:f0:29:8f:b9:00:a8:fb:84:37:d9:c8:1a:
4c:a4:53:bb:c7:99:cd:fb:6e:44:50:34:ee:8c:7b:66:a4:e0:
97:80:da:23:88:5f:a3:0d:a1:b6:c2:dc:26:e7:6b:a6:77:f7:
4e:b3:dc:a9:b5:d8:e3:b8:f2:fd:7f:92:42:d8:b0:40:85:9b:
8e:31:3a:0b:bf:a2:be:75:a9:c7:22:2f:be:ce:bb:74:64:05:
ee:14:78:66:e6:a6:d5:6f:47:40:59:c4:76:41:3a:b7:35:aa:
ce:89:e6:75:65:37:14:51:ec:8f:cd:6d:85:0a:59:17:82:54:
57:f9:a9:6c:17:61:db:e4:44:ab:56:aa:0a:6b:ab:4e:af:55:
15:75:98:b8:82:f8:0a:1a:b5:08:4f:c2:b5:5a:74:cb:50:16:
a9:6e:8b:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP+q9smz+i34MGNxFIfpqfmo5vaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNTFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2Mjk1ZmY2ZmU4MWI3OTc1NzZhYmEwMTgzNGY3NDk2YmNlODFhNzA0MGM5
NjAwYWQ3YzJiNmE2OTI4OTUxNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/9bsbu8bxJsMYo2wtPBuKl1HHTe4BY6PhhVeVRVEkoEpePlnLu/4nUpRhS
HI15nVedYhGjPINRBnK18eJ1q+NkfYu+odND8mg4pmftsBGGHxyIsAK8LkIOJbnl
ZLf+rZtZn65sV0JIp9HaKl8kKFMTad1k6aSPsju89TnszjctAs0FH4UnfIEt8qBG
npVhzT0LLrfGk1ZG5hLIK46S1NE/HYNtkfBh7jttMIfCe6vpc8DaLGWL+1ETmRMJ
NY7B/bIPiecfczMSDy6LozEZbM6g6N3LZlJMW7rShkSaktg2EWdNU5K+Cj4gGU/P
JnePuRMMrW2gbfbRYWFsff9goAsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLRJVG
YoRg4a8Q7RpTRCVY2Jyk6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBKEXDXGMHiqoSHtIMRz4AMLwk134T08eI2IDw7
vt6r9XEHJN0LDxzO08XDY6RaTuFAPxx+wpamjGF99WK37NdyOA9jhKLWSNsdqLYX
KYul1/PkQS1zVM4Xe2+F2I+3H9rwKY+5AKj7hDfZyBpMpFO7x5nN+25EUDTujHtm
pOCXgNojiF+jDaG2wtwm52umd/dOs9yptdjjuPL9f5JC2LBAhZuOMToLv6K+danH
Ii++zrt0ZAXuFHhm5qbVb0dAWcR2QTq3NarOieZ1ZTcUUeyPzW2FClkXglRX+als
F2Hb5ESrVqoKa6tOr1UVdZi4gvgKGrUIT8K1WnTLUBapbosz
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:53 2025 by rpki-client