Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json)
Hash identifier: 7FW22PO/xArC44HjqMZQSYtm1dvm/6YvfvlolLYGcBI=
Subject key identifier: BE:40:3D:55:22:D8:49:54:0E:24:4C:BF:82:81:68:A1:0D:E0:87:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A39247FC8C373B41219DFDBE18ECC674CA1A5D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
Signing time: Tue 21 Oct 2025 13:20:07 +0000
ROA not before: Tue 21 Oct 2025 13:20:07 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:39:24:7f:c8:c3:73:b4:12:19:df:db:e1:8e:cc:67:4c:a1:a5:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:07 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=9fd9369ee6e471a57065244a5a78de44b6a23831da0d981309b8f0cd504c7e6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:87:43:7b:38:28:84:dc:49:c3:ce:c5:b4:b8:
1a:ce:7f:63:9b:a5:9b:2e:c5:16:ac:ea:1b:b3:1d:
dc:90:ab:8c:62:fa:d1:ab:11:27:45:db:af:ac:a9:
5c:09:7a:05:5f:3c:98:35:85:aa:f1:e5:2e:e3:33:
ef:c0:3f:65:04:0f:20:11:87:ed:74:be:32:7e:03:
63:f4:87:8d:b6:a5:0a:73:3f:be:cd:ab:cd:f2:66:
e3:20:55:1b:e5:37:5f:8f:10:82:61:f2:fc:19:3b:
a7:0d:2e:1d:90:97:da:9a:8c:11:01:b8:4e:85:6b:
3c:f4:3d:68:5e:f2:6e:5d:9e:a5:76:21:2b:9e:c9:
c4:df:38:07:0d:79:31:20:9b:12:db:b8:46:c9:cc:
5c:37:3a:17:71:a3:ce:73:8b:7a:50:1c:7d:0c:93:
f1:6f:a3:7f:ee:2c:37:db:0b:cd:3e:29:13:98:30:
07:de:dd:dd:a6:4e:5e:5f:a8:ba:14:66:2b:fd:1e:
70:8e:db:07:a5:0c:c2:b2:a9:47:0a:4b:dd:58:47:
55:84:50:5e:59:6a:36:2f:0f:12:93:19:d1:a8:a7:
00:14:d4:2c:56:4a:0b:f9:64:0d:4e:35:7d:56:ea:
e7:8b:ea:58:6d:3d:fe:63:7f:41:31:4d:db:74:65:
e3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:40:3D:55:22:D8:49:54:0E:24:4C:BF:82:81:68:A1:0D:E0:87:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
56:02:d9:bc:b9:01:14:6a:29:5a:86:94:d1:7c:7d:7a:88:ce:
95:af:50:79:2e:41:46:de:7e:99:1b:d0:06:81:1b:71:9c:a3:
ce:fb:18:8e:00:00:3e:b1:33:c3:a5:3a:a3:94:6e:8d:f4:c9:
e8:78:01:e4:60:6d:0b:f3:39:d3:73:d0:71:e6:c1:50:7c:b3:
0a:ca:45:4a:c5:a9:83:02:05:c1:64:44:a6:dd:b5:cc:6c:0c:
ad:d0:2a:85:2b:f2:a4:65:9c:62:4b:3a:61:ba:9e:00:aa:fb:
6f:d9:39:63:7d:72:a9:75:6d:32:ce:de:f8:61:06:44:83:a5:
8f:cc:ef:85:89:fb:e7:57:49:ec:d1:60:52:ea:82:7a:f3:c7:
6c:26:a1:65:6d:fe:cc:8f:96:1b:c4:1a:50:93:6f:d1:30:e1:
33:29:f9:e4:ef:1e:93:ef:0a:47:e8:a5:f6:9e:4a:ad:f6:83:
e8:82:d3:eb:80:4a:f1:26:ae:31:48:47:37:08:bf:16:ec:8c:
aa:95:98:e0:bf:aa:b5:9b:4c:9c:e7:71:a5:fc:1b:34:19:aa:
cc:f4:d5:8f:fa:7d:ef:da:32:58:b6:8d:a4:97:d2:de:86:71:
72:b7:27:e5:a7:33:ea:dc:1c:fd:7c:c6:16:8b:13:44:2e:ac:
d4:c3:7c:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCjkkf8jDc7QSGd/b4Y7MZ0yhpdgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwMDdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZDkzNjllZTZlNDcxYTU3MDY1MjQ0YTVhNzhkZTQ0YjZhMjM4MzFkYTBk
OTgxMzA5YjhmMGNkNTA0YzdlNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKHQ3s4KITcScPOxbS4Gs5/Y5ulmy7FFqzqG7Md3JCrjGL60asRJ0Xbr6yp
XAl6BV88mDWFqvHlLuMz78A/ZQQPIBGH7XS+Mn4DY/SHjbalCnM/vs2rzfJm4yBV
G+U3X48QgmHy/Bk7pw0uHZCX2pqMEQG4ToVrPPQ9aF7ybl2epXYhK57JxN84Bw15
MSCbEtu4RsnMXDc6F3GjznOLelAcfQyT8W+jf+4sN9sLzT4pE5gwB97d3aZOXl+o
uhRmK/0ecI7bB6UMwrKpRwpL3VhHVYRQXllqNi8PEpMZ0ainABTULFZKC/lkDU41
fVbq54vqWG09/mN/QTFN23Rl42kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+QD1V
IthJVA4kTL+CgWihDeCHDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBWAtm8uQEUailahpTRfH16iM6Vr1B5LkFG3n6Z
G9AGgRtxnKPO+xiOAAA+sTPDpTqjlG6N9MnoeAHkYG0L8znTc9Bx5sFQfLMKykVK
xamDAgXBZESm3bXMbAyt0CqFK/KkZZxiSzphup4Aqvtv2TljfXKpdW0yzt74YQZE
g6WPzO+FifvnV0ns0WBS6oJ688dsJqFlbf7Mj5YbxBpQk2/RMOEzKfnk7x6T7wpH
6KX2nkqt9oPogtPrgErxJq4xSEc3CL8W7IyqlZjgv6q1m0yc53Gl/Bs0GarM9NWP
+n3v2jJYto2kl9LehnFytyflpzPq3Bz9fMYWixNELqzUw3zF
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:28 2025 by rpki-client