Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
File: fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa (raw, json)
Hash identifier: sfo+oGm9948osK1I5Li5OBTipVXeYzmZcq3S0T0KwSw=
Subject key identifier: B1:4C:72:A8:06:70:D2:1B:EC:09:FB:CC:B2:4A:3C:93:73:73:60:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B03D3E911E0002A2B6AE687A19857E7994854B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
Signing time: Tue 21 Oct 2025 13:50:43 +0000
ROA not before: Tue 21 Oct 2025 13:50:43 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:03:d3:e9:11:e0:00:2a:2b:6a:e6:87:a1:98:57:e7:99:48:54:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:43 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5dc86468e2e48cdd73a135cb37f77775c061c2e2a823be4121db08865413348e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:a5:80:65:a3:ee:f2:55:48:af:66:47:5c:
e4:90:0d:0b:f8:54:6a:b8:e3:30:93:5e:dc:c4:08:
f0:4e:c4:1c:aa:81:ba:99:21:51:8d:4f:56:be:bb:
c6:69:58:b7:0f:37:c0:ab:ad:71:6d:fa:b0:9b:29:
13:6d:10:6f:6a:9b:b8:58:b4:99:0b:69:b8:19:9a:
0b:22:db:8e:1d:ca:06:92:35:05:e0:e7:f9:a6:f9:
9e:8c:f8:c1:55:c2:29:78:0b:93:cf:f7:41:08:11:
e7:78:96:c9:72:5d:21:f5:c7:07:53:2b:be:63:dd:
16:41:87:cc:03:0a:1f:57:82:73:5e:56:41:01:1c:
86:55:40:f5:c4:a2:50:3b:31:fa:1d:b0:4b:5c:a8:
c5:bd:0c:73:21:93:1f:eb:52:52:5b:44:2c:0b:b1:
a6:5f:0b:eb:86:c2:a2:6f:8f:01:0c:08:82:47:33:
ab:8f:d4:c1:6f:b7:41:cc:57:c8:61:f1:ce:ee:ce:
c2:b6:24:c5:b5:ec:bf:93:c9:7d:9a:80:14:f8:e5:
40:ef:74:1e:98:25:66:df:ab:06:6e:37:39:f1:25:
c2:df:28:a8:3c:76:40:91:c3:ef:f8:26:c8:c8:82:
00:c4:18:d5:e0:95:c5:18:7e:67:10:e8:e1:e4:84:
92:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:4C:72:A8:06:70:D2:1B:EC:09:FB:CC:B2:4A:3C:93:73:73:60:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
4a:a3:a7:52:95:1e:5d:ae:69:f1:30:5a:dd:6b:85:fe:74:d5:
fc:c9:e7:0c:1b:75:01:47:f6:08:2c:5a:37:d3:1f:9b:69:c6:
8d:a7:fb:a5:5e:7e:64:34:27:e7:40:c5:3d:ad:c9:f1:29:39:
65:e4:bb:88:7b:b8:b5:e2:d5:7e:bb:72:34:58:cb:61:e6:07:
10:c0:5d:73:ed:6d:b1:a3:23:7d:c7:7d:a8:3b:76:1e:64:d2:
2d:02:d2:a3:70:e6:4e:b3:d0:99:d1:69:62:62:ba:a7:cf:dc:
bb:d0:17:16:b6:ec:a5:cb:19:64:10:e5:53:be:14:9b:79:f7:
8f:1a:5f:60:ad:69:fb:be:d8:f5:74:a3:26:f5:4d:f2:b1:9b:
f0:ba:ca:bb:fa:6b:ff:be:b2:28:08:bf:4d:c6:4d:a4:ac:9d:
d5:12:92:56:82:69:9d:5c:b2:7c:db:ea:bf:7c:e3:b6:01:6c:
62:6d:d8:6c:c9:ce:64:34:d2:b0:56:1c:5e:0c:56:8e:95:97:
45:b2:95:23:8b:8a:d9:82:7a:0a:f7:b3:c1:8b:c0:41:2e:14:
5b:16:49:ea:c6:41:88:dd:6c:23:ed:a6:5e:82:c6:f4:c3:ce:
e4:2c:32:60:a9:76:a4:3b:db:03:92:12:19:05:72:2b:68:25:
7d:d7:65:ef
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUewPT6RHgACorauaHoZhX55lIVLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwNDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkYzg2NDY4ZTJlNDhjZGQ3M2ExMzVjYjM3Zjc3Nzc1YzA2MWMyZTJhODIz
YmU0MTIxZGIwODg2NTQxMzM0OGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2YpYBlo+7yVUivZkdc5JANC/hUarjjMJNe3MQI8E7EHKqBupkhUY1PVr67
xmlYtw83wKutcW36sJspE20Qb2qbuFi0mQtpuBmaCyLbjh3KBpI1BeDn+ab5noz4
wVXCKXgLk8/3QQgR53iWyXJdIfXHB1MrvmPdFkGHzAMKH1eCc15WQQEchlVA9cSi
UDsx+h2wS1yoxb0McyGTH+tSUltELAuxpl8L64bCom+PAQwIgkczq4/UwW+3QcxX
yGHxzu7OwrYkxbXsv5PJfZqAFPjlQO90HpglZt+rBm43OfElwt8oqDx2QJHD7/gm
yMiCAMQY1eCVxRh+ZxDo4eSEkr8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSxTHKo
BnDSG+wJ+8yySjyTc3Ng2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlN2EwM2ItOWU5MC00OTIxLTljNTYtNWIwYmQ0ZTYwZWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
wDANBgkqhkiG9w0BAQsFAAOCAQEASqOnUpUeXa5p8TBa3WuF/nTV/MnnDBt1AUf2
CCxaN9Mfm2nGjaf7pV5+ZDQn50DFPa3J8Sk5ZeS7iHu4teLVfrtyNFjLYeYHEMBd
c+1tsaMjfcd9qDt2HmTSLQLSo3DmTrPQmdFpYmK6p8/cu9AXFrbspcsZZBDlU74U
m3n3jxpfYK1p+77Y9XSjJvVN8rGb8LrKu/pr/76yKAi/TcZNpKyd1RKSVoJpnVyy
fNvqv3zjtgFsYm3YbMnOZDTSsFYcXgxWjpWXRbKVI4uK2YJ6CvezwYvAQS4UWxZJ
6sZBiN1sI+2mXoLG9MPO5CwyYKl2pDvbA5ISGQVyK2glfddl7w==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:26 2025 by rpki-client