Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
File: fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa (raw, json)
Hash identifier: L3i2ZB4KnX+ietx156MqwTzepGVBSXm+tzfMJUJNbDY=
Subject key identifier: F3:91:72:4C:16:53:9C:EF:61:B8:CF:D8:3E:EA:85:7A:89:ED:59:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FAB059FEC4C59CFBDA4A741F3BB7B2BEC891EFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
Signing time: Mon 01 Sep 2025 20:01:40 +0000
ROA not before: Mon 01 Sep 2025 20:01:40 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:ab:05:9f:ec:4c:59:cf:bd:a4:a7:41:f3:bb:7b:2b:ec:89:1e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:01:40 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b22fa8aa210c56f694ce4bb7bb2e3852e337882718ed202f66cf7e3378e14755, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ec:eb:17:8f:b0:eb:29:dc:f3:05:7e:eb:45:
7d:52:d9:1c:a6:cd:38:da:8b:b7:79:73:77:d0:50:
b9:bc:c6:05:9c:97:4f:bd:be:16:8d:ca:3c:5b:4a:
3c:e5:60:e0:d8:22:45:c8:c3:f1:2a:33:4a:11:14:
ae:f9:8c:d8:fe:5c:b9:a7:f1:d1:ea:b8:5e:b5:52:
b4:04:a7:97:ed:5b:bd:2a:06:2a:ce:8d:61:a3:e1:
c8:7b:d4:14:b3:9c:ab:8e:88:a4:2e:76:d5:12:4f:
25:39:44:97:30:3d:6e:50:80:03:c9:d9:ad:fb:38:
7f:cc:66:6d:fc:86:cc:e3:2a:70:c3:75:de:b7:af:
4e:2f:7e:37:d5:f4:e5:ce:63:8c:08:d8:b0:57:15:
29:1f:a2:14:cd:61:71:98:88:cd:ae:4a:14:ae:5f:
fb:07:24:c7:71:18:71:91:74:4d:9d:bf:74:5e:92:
1f:f6:94:f1:7a:00:c4:96:e3:5f:63:d4:a0:46:7e:
2b:c6:54:ed:a7:e5:36:cc:a7:ea:a3:cf:a1:0c:ac:
b8:ad:7e:47:3f:cd:c1:c0:87:9b:77:1b:bc:6b:d1:
bc:e7:da:c3:0e:90:b3:0b:9a:14:d0:db:7c:5b:9d:
87:2b:e7:ac:2b:9e:98:8b:f4:5a:36:8f:65:68:6b:
22:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:91:72:4C:16:53:9C:EF:61:B8:CF:D8:3E:EA:85:7A:89:ED:59:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
8c:2f:f9:86:51:e0:cf:d7:81:2d:84:b2:f1:ff:eb:00:a2:da:
34:72:36:fe:a9:91:1d:46:71:49:f5:66:f4:cd:f4:03:e7:00:
e8:8a:83:b2:ed:8a:01:bc:90:ec:28:34:92:f8:9f:31:70:9c:
5d:97:aa:d0:bc:64:3a:40:5d:84:c8:63:cf:b0:d3:50:bb:eb:
fb:96:d7:35:c4:70:95:68:c5:46:7d:21:74:40:da:d8:34:1f:
b0:b4:c9:ff:c6:c1:f0:93:46:d8:31:19:4c:27:1d:b6:44:ce:
bf:c7:0a:1d:b3:13:d4:56:25:9a:2b:95:53:29:bf:4e:77:37:
a0:9b:23:88:aa:be:24:72:21:7c:b1:9f:9f:3a:c8:c9:e3:48:
15:7c:d0:87:14:e1:f2:ed:5b:d4:0b:29:76:2c:b2:6d:bd:3f:
02:66:06:52:c6:43:37:ae:e1:37:ab:c2:06:be:c8:93:d3:bc:
e9:0e:33:e9:61:a4:c4:8c:e9:9b:4f:59:c2:07:8e:0d:60:69:
21:31:2b:a8:71:84:dd:1e:72:ef:c3:96:c1:80:78:b5:48:3f:
2d:f9:77:5c:7e:6b:a4:0f:2c:9b:fe:2f:66:cc:56:78:00:4d:
21:ff:d0:ee:7c:23:68:02:78:82:a9:78:6d:f1:de:cb:72:b6:
20:1a:66:29
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf6sFn+xMWc+9pKdB87t7K+yJHv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAxNDBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyMmZhOGFhMjEwYzU2ZjY5NGNlNGJiN2JiMmUzODUyZTMzNzg4MjcxOGVk
MjAyZjY2Y2Y3ZTMzNzhlMTQ3NTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPs6xePsOsp3PMFfutFfVLZHKbNONqLt3lzd9BQubzGBZyXT72+Fo3KPFtK
POVg4NgiRcjD8SozShEUrvmM2P5cuafx0eq4XrVStASnl+1bvSoGKs6NYaPhyHvU
FLOcq46IpC521RJPJTlElzA9blCAA8nZrfs4f8xmbfyGzOMqcMN13revTi9+N9X0
5c5jjAjYsFcVKR+iFM1hcZiIza5KFK5f+wckx3EYcZF0TZ2/dF6SH/aU8XoAxJbj
X2PUoEZ+K8ZU7aflNsyn6qPPoQysuK1+Rz/NwcCHm3cbvGvRvOfaww6QswuaFNDb
fFudhyvnrCuemIv0WjaPZWhrIlsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTzkXJM
FlOc72G4z9g+6oV6ie1Z3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlN2EwM2ItOWU5MC00OTIxLTljNTYtNWIwYmQ0ZTYwZWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
wDANBgkqhkiG9w0BAQsFAAOCAQEAjC/5hlHgz9eBLYSy8f/rAKLaNHI2/qmRHUZx
SfVm9M30A+cA6IqDsu2KAbyQ7Cg0kvifMXCcXZeq0LxkOkBdhMhjz7DTULvr+5bX
NcRwlWjFRn0hdEDa2DQfsLTJ/8bB8JNG2DEZTCcdtkTOv8cKHbMT1FYlmiuVUym/
Tnc3oJsjiKq+JHIhfLGfnzrIyeNIFXzQhxTh8u1b1Aspdiyybb0/AmYGUsZDN67h
N6vCBr7Ik9O86Q4z6WGkxIzpm09ZwgeODWBpITErqHGE3R5y78OWwYB4tUg/Lfl3
XH5rpA8sm/4vZsxWeABNIf/Q7nwjaAJ4gql4bfHey3K2IBpmKQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:26 2025 by rpki-client