Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
File: fec4786d-f73f-4e64-99a3-0377bdf5c566.roa (raw, json)
Hash identifier: 48DNNWtduOCbnHTJ3fLmXkDViAdCJiT91gzMNIMSipc=
Subject key identifier: 16:72:77:1B:20:DB:13:3B:8F:63:47:3A:58:5A:66:D1:3F:14:44:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A4A4B00F8B8C180E835A38506CE22E44DBD3C14
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
Signing time: Tue 21 Oct 2025 13:30:39 +0000
ROA not before: Tue 21 Oct 2025 13:30:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:4a:4b:00:f8:b8:c1:80:e8:35:a3:85:06:ce:22:e4:4d:bd:3c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=456f62065b07abdda1392c662d1f7b430ffbbfb7ee21c64abc40135fe8bd7bfd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:73:7c:58:74:e9:05:77:85:dc:84:4b:18:ae:
69:eb:f7:57:01:17:ee:08:bc:4b:18:94:6b:5e:a1:
40:5a:3b:e5:52:22:43:98:9e:34:17:2f:97:7c:8c:
d7:6a:25:56:60:07:53:38:88:be:77:cd:dd:21:fd:
f3:e9:30:bf:b3:29:68:4c:90:3e:d1:38:ea:95:3e:
d2:2b:32:e4:0a:e6:9a:70:04:a1:dd:c1:5c:5d:dd:
36:ce:33:6b:d7:9a:89:ad:74:fc:8b:34:ae:68:60:
4e:cb:c9:4c:cb:cf:43:fd:88:e7:63:c3:fb:b9:d3:
5c:eb:f2:f6:54:8f:39:ec:58:c5:47:24:67:9f:38:
42:ad:10:76:e8:f1:a8:3f:64:40:5a:93:47:38:30:
31:8e:9f:7d:5b:56:2c:f8:65:03:fe:2b:d1:d1:36:
25:db:0f:9d:4a:1f:0a:19:5a:d7:18:e8:40:08:78:
63:05:55:f7:3e:d1:e0:6a:6d:71:ce:b6:9b:93:b5:
54:66:3d:42:3e:a8:e8:fa:49:d7:b6:85:1a:61:9c:
88:60:2f:3d:ea:47:ec:86:c7:29:f2:ae:3b:60:31:
12:70:1c:8b:6d:27:5a:ca:8a:49:03:7b:84:5a:de:
8d:d2:4c:7a:c4:d9:c8:2d:a6:f7:2b:5a:b9:85:ce:
f5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:72:77:1B:20:DB:13:3B:8F:63:47:3A:58:5A:66:D1:3F:14:44:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02e::/36
Signature Algorithm: sha256WithRSAEncryption
7e:0f:ec:ba:51:77:27:84:fa:cf:f3:b3:0f:a6:1f:44:93:5a:
a4:9a:95:e7:7d:a6:7c:96:d2:7d:44:60:77:79:47:45:4c:88:
97:a5:41:21:b9:7b:ad:16:88:cc:ef:35:3e:52:c3:ff:e0:00:
80:ef:a1:2e:8a:40:29:03:5c:71:62:71:40:50:87:35:28:26:
36:a4:b8:cd:38:e6:d0:b0:cb:32:a6:1e:5a:fd:7b:45:ef:60:
3c:3b:c9:86:23:6b:f2:cf:0d:a4:fc:ed:27:a2:19:f9:19:45:
8d:74:1e:ea:d3:54:8f:a8:36:b8:3a:17:ff:0f:a5:c6:e3:7d:
b5:2f:8b:27:82:40:8c:f9:78:30:82:fb:58:c2:9a:57:7b:1f:
f9:b7:c8:75:2c:ae:09:4d:ed:51:69:35:7d:27:d1:3e:85:ac:
54:8b:09:53:08:56:4f:ff:a4:ee:a6:78:71:ee:20:e3:70:a0:
42:9a:fb:47:0d:9b:41:d7:1f:d5:e4:27:5f:43:03:83:45:86:
87:bd:4c:67:30:17:52:2a:39:fe:b9:a4:39:8f:f7:6f:06:2e:
6a:11:34:5e:ef:46:4f:d5:62:3d:39:15:2a:5c:e5:ac:6e:d6:
ca:dd:2b:5e:da:84:00:8d:d2:a1:53:47:6c:41:29:a0:ba:5e:
3a:e3:b1:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOkpLAPi4wYDoNaOFBs4i5E29PBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1NmY2MjA2NWIwN2FiZGRhMTM5MmM2NjJkMWY3YjQzMGZmYmJmYjdlZTIx
YzY0YWJjNDAxMzVmZThiZDdiZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNzfFh06QV3hdyESxiuaev3VwEX7gi8SxiUa16hQFo75VIiQ5ieNBcvl3yM
12olVmAHUziIvnfN3SH98+kwv7MpaEyQPtE46pU+0isy5ArmmnAEod3BXF3dNs4z
a9eaia10/Is0rmhgTsvJTMvPQ/2I52PD+7nTXOvy9lSPOexYxUckZ584Qq0Qdujx
qD9kQFqTRzgwMY6ffVtWLPhlA/4r0dE2JdsPnUofChla1xjoQAh4YwVV9z7R4Gpt
cc62m5O1VGY9Qj6o6PpJ17aFGmGciGAvPepH7IbHKfKuO2AxEnAci20nWsqKSQN7
hFrejdJMesTZyC2m9ytauYXO9bkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWcncb
INsTO49jRzpYWmbRPxRE5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNDc4NmQtZjczZi00ZTY0LTk5YTMtMDM3N2JkZjVjNTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C4A
MA0GCSqGSIb3DQEBCwUAA4IBAQB+D+y6UXcnhPrP87MPph9Ek1qkmpXnfaZ8ltJ9
RGB3eUdFTIiXpUEhuXutFojM7zU+UsP/4ACA76EuikApA1xxYnFAUIc1KCY2pLjN
OObQsMsyph5a/XtF72A8O8mGI2vyzw2k/O0nohn5GUWNdB7q01SPqDa4Ohf/D6XG
4321L4sngkCM+XgwgvtYwppXex/5t8h1LK4JTe1RaTV9J9E+haxUiwlTCFZP/6Tu
pnhx7iDjcKBCmvtHDZtB1x/V5CdfQwODRYaHvUxnMBdSKjn+uaQ5j/dvBi5qETRe
70ZP1WI9ORUqXOWsbtbK3Ste2oQAjdKhU0dsQSmgul4647ER
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:10 2025 by rpki-client