Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: Wl2N+osz/f0PqTzF7naxkz6xFqIQlumI9vsfJhwDJok=
Subject key identifier: 85:B5:17:99:DF:D9:B1:4F:43:3C:EA:4F:4D:82:B4:2B:FF:A1:28:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C59B0768F66EB89388E6842B00275D2E293FB87
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Fri 26 Sep 2025 20:11:29 +0000
ROA not before: Fri 26 Sep 2025 20:11:29 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:59:b0:76:8f:66:eb:89:38:8e:68:42:b0:02:75:d2:e2:93:fb:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:29 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=879444e78084d87ae00e8e398219be23b0bf9fb64510ce66d4a07799991d75db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:dd:50:2e:57:e9:b5:5a:8d:22:bf:37:ec:59:
b5:a0:56:1c:b1:7d:c5:6b:0f:e3:b1:28:22:42:db:
b0:99:0a:3f:0c:39:7d:7c:d9:96:13:2a:5c:21:51:
d5:11:76:a3:cf:23:d4:83:f7:b4:6f:ff:71:90:a7:
c5:78:d3:1a:f2:7a:02:23:dc:85:50:f7:91:5f:59:
7e:e4:f1:0f:62:04:b6:19:71:5f:ca:0f:1f:76:33:
0c:e4:48:5d:66:97:c3:92:5f:5b:da:ba:49:58:b3:
81:05:0b:4c:27:0c:f1:16:8d:c8:f4:75:02:49:81:
6b:1a:cc:5f:d3:1b:1b:b3:8d:df:22:f0:c1:44:47:
42:eb:d8:c2:42:c8:be:bb:5c:10:1b:5e:75:15:c6:
1c:c3:d8:fe:a8:9a:c0:54:59:10:1a:b1:f2:94:9b:
ae:98:aa:e5:df:4c:93:00:ac:e6:e4:32:cc:8d:4e:
54:16:69:4c:15:a0:b9:ed:b4:4c:df:12:76:9b:bf:
81:f6:84:22:ab:a1:88:17:e8:b8:56:42:ea:8d:7c:
00:dc:b4:49:4e:39:ca:11:77:c7:df:d1:16:16:76:
6f:c4:fc:5d:a2:32:ad:4c:d9:b7:0d:8b:14:1e:3d:
90:da:93:d8:cb:6f:19:fb:ee:bf:90:2a:e6:72:34:
04:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B5:17:99:DF:D9:B1:4F:43:3C:EA:4F:4D:82:B4:2B:FF:A1:28:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
9b:a7:12:0c:c2:c3:61:c1:d6:c3:8f:a6:8e:38:b9:2d:03:f6:
c9:8e:29:96:e2:4b:9f:c9:25:1e:be:47:36:2f:ac:a6:85:78:
59:69:50:9c:ee:6a:87:7c:f1:9d:a3:23:d4:0d:69:5e:bb:e7:
b3:bb:17:ef:b8:64:18:47:22:19:79:15:b2:00:f6:59:74:f0:
17:38:42:0a:3f:09:a9:ac:84:3a:f2:f6:59:b8:e5:06:dd:8f:
01:90:d2:0f:07:dc:eb:b6:81:e2:02:62:63:0c:b2:e7:c5:54:
3b:e7:30:4d:2b:7b:9d:3a:5d:c9:7e:19:b4:d1:45:86:81:4a:
28:17:d6:e7:37:cf:57:e7:74:92:88:53:e0:9e:68:19:5e:f3:
88:f1:ca:ea:36:76:04:61:cb:79:98:d4:92:78:66:55:f8:7e:
8c:ac:86:c9:69:6a:b5:80:07:27:34:aa:14:ba:d5:52:9c:31:
c2:06:b3:a2:14:a6:9f:0a:85:e4:ad:fc:ce:8b:78:75:08:e3:
29:a7:0b:c9:9f:a4:a8:1a:a6:c8:31:08:90:69:36:0a:6b:d6:
2a:6b:f0:9b:72:dd:1f:1f:32:f0:1b:2e:f7:c8:3c:d7:34:bd:
c5:ed:e9:2a:72:90:df:6e:77:43:95:66:d2:85:5d:ca:a2:b5:
4e:9c:fd:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfFmwdo9m64k4jmhCsAJ10uKT+4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMjlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3OTQ0NGU3ODA4NGQ4N2FlMDBlOGUzOTgyMTliZTIzYjBiZjlmYjY0NTEw
Y2U2NmQ0YTA3Nzk5OTkxZDc1ZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJndUC5X6bVajSK/N+xZtaBWHLF9xWsP47EoIkLbsJkKPww5fXzZlhMqXCFR
1RF2o88j1IP3tG//cZCnxXjTGvJ6AiPchVD3kV9ZfuTxD2IEthlxX8oPH3YzDORI
XWaXw5JfW9q6SVizgQULTCcM8RaNyPR1AkmBaxrMX9MbG7ON3yLwwURHQuvYwkLI
vrtcEBtedRXGHMPY/qiawFRZEBqx8pSbrpiq5d9MkwCs5uQyzI1OVBZpTBWgue20
TN8Sdpu/gfaEIquhiBfouFZC6o18ANy0SU45yhF3x9/RFhZ2b8T8XaIyrUzZtw2L
FB49kNqT2MtvGfvuv5Aq5nI0BH0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFtReZ
39mxT0M86k9NgrQr/6EoYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCbpxIMwsNhwdbDj6aOOLktA/bJjimW4kufySUe
vkc2L6ymhXhZaVCc7mqHfPGdoyPUDWleu+ezuxfvuGQYRyIZeRWyAPZZdPAXOEIK
PwmprIQ68vZZuOUG3Y8BkNIPB9zrtoHiAmJjDLLnxVQ75zBNK3udOl3Jfhm00UWG
gUooF9bnN89X53SSiFPgnmgZXvOI8crqNnYEYct5mNSSeGZV+H6MrIbJaWq1gAcn
NKoUutVSnDHCBrOiFKafCoXkrfzOi3h1COMppwvJn6SoGqbIMQiQaTYKa9Yqa/Cb
ct0fHzLwGy73yDzXNL3F7ekqcpDfbndDlWbShV3KorVOnP08
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:42 2025 by rpki-client