Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
File: fec66173-52ba-4e6f-b1ec-889563dfb748.roa (raw, json)
Hash identifier: 50gzJaWgAXMy3nvcPqfMC55S2DegZoB23lV1GeElVtI=
Subject key identifier: E1:E5:1F:18:7D:F6:A3:1B:F9:BB:65:1F:01:57:5E:C0:D5:E7:B8:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60DB79C1C6ACCEF6A6CCCD7B9729B00AC8996ED1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
Signing time: Thu 04 Sep 2025 19:52:09 +0000
ROA not before: Thu 04 Sep 2025 19:52:09 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:db:79:c1:c6:ac:ce:f6:a6:cc:cd:7b:97:29:b0:0a:c8:99:6e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:09 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=bb9329795befd2720e8556465945f000d4583b94bf22275e654f5865712ec7d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:db:cf:8b:42:de:4f:07:31:e1:fc:0e:25:57:
b6:bd:b4:9d:80:26:4b:b7:46:7f:59:0f:64:f3:b9:
0d:ea:bc:71:2c:c9:dc:98:99:bd:22:9f:44:c8:07:
04:ce:52:41:f1:3c:db:f5:10:2c:10:de:95:9b:52:
6e:11:3f:f5:54:82:b6:2c:c7:c5:cd:d1:7d:42:7a:
cb:ff:27:2e:62:1e:13:ae:8f:2c:61:f0:7a:0e:86:
15:3b:8f:f6:2b:db:d4:75:b0:c5:ef:7c:62:17:bb:
00:62:f5:4d:4d:a2:24:43:29:4d:b7:0a:ac:a6:a1:
52:5b:ac:f2:26:e6:2b:da:b6:16:04:c7:c0:88:b0:
55:9e:de:a6:64:55:b5:dc:ca:c0:8a:a0:95:07:7c:
38:4e:34:fc:b9:3c:d8:d2:a3:24:43:11:ee:d1:f6:
d8:71:6d:a7:fe:99:85:0f:9a:b9:a3:aa:56:b8:db:
b0:d7:bb:2e:71:1b:24:b2:d7:f9:6a:b7:32:9b:7f:
e2:1e:1b:d0:5f:c6:3c:cf:d6:22:e5:17:65:ad:fe:
1e:8f:2d:1f:ac:cc:4e:69:35:1a:59:bf:70:c3:24:
00:3f:74:95:85:7a:3e:a1:d0:ce:34:5c:c5:83:bd:
2b:19:78:8d:77:a9:d8:d5:82:7e:aa:9b:e5:b7:a3:
8c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E5:1F:18:7D:F6:A3:1B:F9:BB:65:1F:01:57:5E:C0:D5:E7:B8:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6040::/48
Signature Algorithm: sha256WithRSAEncryption
91:9d:2a:4c:f7:9e:bd:09:ce:c6:99:63:46:1d:80:fa:58:be:
9f:22:ae:f7:a5:1e:60:4b:ad:0a:ef:33:15:2f:10:7b:7c:3b:
83:f8:4f:b5:80:9b:59:2a:c6:51:1e:94:e2:d2:cc:ab:f6:f0:
72:62:fa:71:5b:a8:47:3d:6a:10:8e:b5:3e:a1:85:5d:79:95:
49:0d:73:a4:06:85:be:3b:01:dc:38:22:3c:ff:31:6c:d7:ff:
27:f8:e9:b6:7d:2a:10:89:79:30:07:87:f0:c7:3b:6f:30:42:
81:69:e0:2e:57:3e:85:a2:4f:fe:96:22:a5:14:b4:5c:3e:12:
72:11:6a:8c:ee:99:cf:e1:4d:4b:6f:1d:9d:eb:36:a4:ee:1d:
d4:3d:c3:36:25:9c:65:6e:80:c5:39:58:fb:b9:5f:6e:a6:20:
94:35:fe:9c:e0:b0:56:30:c9:a8:bd:d1:9e:c0:c6:30:63:73:
e9:f8:63:90:ef:e8:3e:43:a1:c7:51:65:3b:da:be:02:2f:16:
0e:11:49:77:31:a7:32:de:6f:63:77:b1:0b:b7:04:aa:fb:d0:
e1:83:fa:75:29:c4:32:21:c0:72:b5:16:85:9d:42:af:02:0c:
49:a2:9c:4d:9a:fc:a7:27:34:5b:23:ab:36:73:d1:17:c7:c4:
d1:0b:e0:87
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYNt5wcaszvamzM17lymwCsiZbtEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMDlaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiOTMyOTc5NWJlZmQyNzIwZTg1NTY0NjU5NDVmMDAwZDQ1ODNiOTRiZjIy
Mjc1ZTY1NGY1ODY1NzEyZWM3ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3bz4tC3k8HMeH8DiVXtr20nYAmS7dGf1kPZPO5Deq8cSzJ3JiZvSKfRMgH
BM5SQfE82/UQLBDelZtSbhE/9VSCtizHxc3RfUJ6y/8nLmIeE66PLGHweg6GFTuP
9ivb1HWwxe98Yhe7AGL1TU2iJEMpTbcKrKahUlus8ibmK9q2FgTHwIiwVZ7epmRV
tdzKwIqglQd8OE40/Lk82NKjJEMR7tH22HFtp/6ZhQ+auaOqVrjbsNe7LnEbJLLX
+Wq3Mpt/4h4b0F/GPM/WIuUXZa3+Ho8tH6zMTmk1Glm/cMMkAD90lYV6PqHQzjRc
xYO9Kxl4jXep2NWCfqqb5bejjD0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTh5R8Y
ffajG/m7ZR8BV17A1ee4jzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNjYxNzMtNTJiYS00ZTZmLWIxZWMtODg5NTYzZGZiNzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
QDANBgkqhkiG9w0BAQsFAAOCAQEAkZ0qTPeevQnOxpljRh2A+li+nyKu96UeYEut
Cu8zFS8Qe3w7g/hPtYCbWSrGUR6U4tLMq/bwcmL6cVuoRz1qEI61PqGFXXmVSQ1z
pAaFvjsB3DgiPP8xbNf/J/jptn0qEIl5MAeH8Mc7bzBCgWngLlc+haJP/pYipRS0
XD4SchFqjO6Zz+FNS28dnes2pO4d1D3DNiWcZW6AxTlY+7lfbqYglDX+nOCwVjDJ
qL3RnsDGMGNz6fhjkO/oPkOhx1FlO9q+Ai8WDhFJdzGnMt5vY3exC7cEqvvQ4YP6
dSnEMiHAcrUWhZ1CrwIMSaKcTZr8pyc0WyOrNnPRF8fE0Qvghw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:27 2025 by rpki-client