Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
File: fec4786d-f73f-4e64-99a3-0377bdf5c566.roa (raw, json)
Hash identifier: uv8oT6mVoTPvZY9Zb4kUsSMY3PRnyvzGxs+T8MmZa8g=
Subject key identifier: 56:E4:90:60:00:25:4C:6F:0F:AE:63:12:3A:8B:D1:7C:AD:D3:A8:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DB348D44DE080B7E52F5A0BF3FDB5E9741ACF34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
Signing time: Mon 01 Sep 2025 21:21:07 +0000
ROA not before: Mon 01 Sep 2025 21:21:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:b3:48:d4:4d:e0:80:b7:e5:2f:5a:0b:f3:fd:b5:e9:74:1a:cf:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=287ccb2c1c8d74fbea2a16ef2cf3454dac9cbc3faca5f9211330d0dfd240d515, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b0:aa:94:6a:67:39:b8:13:40:da:44:cc:e3:
0e:de:a4:c3:61:a4:bc:64:be:bf:cc:5f:8e:21:48:
31:b4:a9:5d:3c:80:fd:ea:51:40:ee:ec:22:77:01:
19:16:a5:6e:8b:91:50:19:d8:7e:c7:0e:c1:e4:91:
9b:91:b8:8d:79:7a:57:90:d8:bb:ae:a5:46:92:27:
9c:76:22:58:eb:6a:74:bc:2e:e0:cb:60:cb:3e:55:
a8:c5:fb:e6:56:c4:e6:94:30:db:a5:04:78:68:34:
75:e3:00:f7:c7:9e:ee:97:ee:e2:f5:ea:8a:a7:75:
51:7a:31:fb:c8:38:9b:aa:2d:92:de:dc:65:a3:4a:
7c:66:58:25:f6:13:58:c1:53:eb:9a:3d:9e:9d:87:
07:ee:65:63:83:61:6d:be:56:c3:40:ee:30:04:67:
7a:10:44:29:ea:88:4f:40:4c:90:20:1c:e2:18:12:
9b:d2:9a:4b:2e:9b:bc:52:52:f9:0c:d7:22:3b:0e:
fe:30:f7:28:e6:92:0f:cf:e6:2a:93:3d:d4:c1:f0:
26:8f:8b:be:46:fe:64:29:bd:cd:b1:84:e9:04:69:
57:38:51:a0:a1:79:88:56:66:76:c6:a1:48:6a:17:
33:b9:69:37:05:ba:d2:51:b0:b6:24:44:85:e3:84:
7a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E4:90:60:00:25:4C:6F:0F:AE:63:12:3A:8B:D1:7C:AD:D3:A8:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02e::/36
Signature Algorithm: sha256WithRSAEncryption
8e:d0:9b:18:5d:85:5b:f0:38:7f:92:93:b3:bb:ea:fc:24:3d:
a8:76:88:c9:b4:78:ba:60:62:94:b7:d7:14:a0:80:2a:05:21:
5b:44:19:df:65:6e:c3:22:56:e5:98:d7:6a:e4:66:9e:c9:67:
3e:d7:ce:fd:d7:c9:14:08:39:0b:d1:5b:33:bf:2a:29:5a:51:
6f:fc:2a:76:e5:f8:ad:5a:31:6d:e1:bc:d7:17:a9:2d:15:f9:
ab:9f:be:1e:52:d9:b7:91:01:99:00:23:44:2f:ab:ba:b7:4a:
b0:75:64:8f:d1:9e:ca:c8:08:ac:ec:ce:60:e7:36:9e:6f:fb:
cf:02:ec:1b:cd:e2:bd:2f:ec:b8:3b:3f:ab:c9:a4:e9:69:9f:
2e:2a:d0:ce:b1:57:57:07:26:e7:fa:ac:ab:97:56:42:fd:9c:
f0:ae:50:2d:ab:b6:32:f2:ae:5b:dc:ae:29:4e:35:63:50:92:
20:fd:ab:3e:67:90:b8:72:a3:75:64:16:18:41:e0:00:5a:f4:
9a:ab:0d:f9:21:40:4b:f2:88:29:0f:31:0a:16:92:06:75:f5:
44:75:ac:3d:a9:24:c3:c8:5d:a9:3a:9f:f6:0f:96:af:08:a9:
de:b7:4a:60:39:f3:ac:88:4c:4f:bf:a8:5f:74:41:b5:87:3e:
8c:6d:65:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHbNI1E3ggLflL1oL8/216XQazzQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4N2NjYjJjMWM4ZDc0ZmJlYTJhMTZlZjJjZjM0NTRkYWM5Y2JjM2ZhY2E1
ZjkyMTEzMzBkMGRmZDI0MGQ1MTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKwqpRqZzm4E0DaRMzjDt6kw2GkvGS+v8xfjiFIMbSpXTyA/epRQO7sIncB
GRalbouRUBnYfscOweSRm5G4jXl6V5DYu66lRpInnHYiWOtqdLwu4Mtgyz5VqMX7
5lbE5pQw26UEeGg0deMA98ee7pfu4vXqiqd1UXox+8g4m6otkt7cZaNKfGZYJfYT
WMFT65o9np2HB+5lY4Nhbb5Ww0DuMARnehBEKeqIT0BMkCAc4hgSm9KaSy6bvFJS
+QzXIjsO/jD3KOaSD8/mKpM91MHwJo+Lvkb+ZCm9zbGE6QRpVzhRoKF5iFZmdsah
SGoXM7lpNwW60lGwtiREheOEem0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRW5JBg
ACVMbw+uYxI6i9F8rdOoxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNDc4NmQtZjczZi00ZTY0LTk5YTMtMDM3N2JkZjVjNTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C4A
MA0GCSqGSIb3DQEBCwUAA4IBAQCO0JsYXYVb8Dh/kpOzu+r8JD2odojJtHi6YGKU
t9cUoIAqBSFbRBnfZW7DIlblmNdq5GaeyWc+187918kUCDkL0VszvyopWlFv/Cp2
5fitWjFt4bzXF6ktFfmrn74eUtm3kQGZACNEL6u6t0qwdWSP0Z7KyAis7M5g5zae
b/vPAuwbzeK9L+y4Oz+ryaTpaZ8uKtDOsVdXBybn+qyrl1ZC/ZzwrlAtq7Yy8q5b
3K4pTjVjUJIg/as+Z5C4cqN1ZBYYQeAAWvSaqw35IUBL8ogpDzEKFpIGdfVEdaw9
qSTDyF2pOp/2D5avCKnet0pgOfOsiExPv6hfdEG1hz6MbWWU
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:07 2025 by rpki-client