Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
File: fc452689-b0a6-4816-a48a-8c8854d225f8.roa (raw, json)
Hash identifier: mNfSlYxgVM8pFfhWUfsDwZTLiN5YOjBHbOeZvV9WOlU=
Subject key identifier: 5B:27:63:09:C0:84:1E:D7:58:AC:BC:85:AB:9C:9F:93:6D:8B:23:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0983637B937354B7DEB91BFFDD9DFFDBBB334EA2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
Signing time: Fri 10 Oct 2025 17:05:04 +0000
ROA not before: Fri 10 Oct 2025 17:05:04 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:83:63:7b:93:73:54:b7:de:b9:1b:ff:dd:9d:ff:db:bb:33:4e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:05:04 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=66b82f11dd6645c62ce81d2273eed2cc037531c1541ec00b74bcbdfaf418ae55, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:01:ff:db:21:43:58:e2:84:0c:13:b0:d8:27:
5c:df:22:f5:47:4e:fe:2a:f5:12:3f:ed:28:ae:8c:
f6:b3:05:da:82:5f:3e:11:ba:99:2f:ec:2a:17:9a:
80:8b:e6:c8:68:a2:6d:72:b2:0d:e2:2b:b0:6b:aa:
42:d9:4f:35:82:c7:01:32:d8:b5:73:07:1a:5e:7f:
0d:a9:4d:6d:10:95:ad:27:ea:1a:90:83:11:a3:e5:
80:76:2e:26:84:9c:5d:38:fd:50:40:25:91:7b:ab:
05:41:4a:73:73:11:25:db:c0:60:2c:30:5e:86:26:
9b:c9:3a:74:28:0e:b1:e4:69:26:d0:3c:d9:6f:b0:
62:ef:c6:12:c2:20:18:8d:55:23:b2:94:e3:35:87:
85:31:fc:43:82:b1:d4:8f:ba:e5:2f:4d:8c:8a:97:
59:45:1e:e9:e1:ff:82:4c:49:d8:4e:67:3e:99:26:
4a:e3:a8:27:7c:71:a4:cd:c1:fb:39:9f:5d:55:ce:
e7:f1:b8:34:c2:66:80:c9:06:67:c2:5b:ef:23:44:
4b:83:cb:b8:75:a3:62:65:ac:1c:92:67:c1:dc:1b:
b2:cc:1f:5c:7f:a8:30:a7:c3:87:19:25:31:1c:03:
e7:7b:df:a4:bf:9d:de:6c:6e:18:ad:7c:ec:16:ed:
c0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:27:63:09:C0:84:1E:D7:58:AC:BC:85:AB:9C:9F:93:6D:8B:23:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:b4:46:0f:34:f2:c2:fd:fa:00:09:f4:b8:e5:c9:6e:73:55:
c3:fb:7b:18:86:45:cb:55:90:b5:8a:e6:24:c6:5b:e3:34:b1:
16:95:5c:d9:9c:f6:ba:ff:61:ed:45:6a:cc:4e:51:1d:2e:79:
ce:4e:b3:64:e5:ea:42:77:85:35:5a:a9:31:d6:2c:7b:1e:11:
e0:ad:dc:ba:5c:78:9a:79:8e:1a:72:08:c1:bb:59:1e:54:53:
c8:40:60:46:5a:53:1b:1c:5e:26:c2:12:3c:e5:88:dc:f3:93:
3a:5c:c8:8d:67:de:20:0f:ab:3e:a4:55:88:ef:55:9a:a8:a8:
5e:e0:e3:e9:8f:24:3e:65:85:1c:b4:6d:ec:49:f2:8f:44:54:
0a:8d:5d:02:59:0c:a1:29:e9:f3:3b:19:7a:70:53:61:b6:a2:
d4:d3:ac:7d:b3:a3:ed:fe:9c:53:0e:af:77:6d:70:98:fc:14:
a0:7b:c3:88:2a:be:08:a6:01:b0:e2:86:e7:4c:bd:90:65:53:
17:16:e9:39:f7:13:c2:c6:77:26:16:8e:76:01:4e:04:1c:ed:
57:a4:26:3b:2d:28:03:dd:b1:05:a8:8c:b5:4a:e0:e9:a1:90:
62:65:07:cb:42:6b:23:1a:90:ff:fe:2c:12:40:ce:48:cc:1a:
e6:63:bd:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCYNje5NzVLfeuRv/3Z3/27szTqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA1MDRaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2YjgyZjExZGQ2NjQ1YzYyY2U4MWQyMjczZWVkMmNjMDM3NTMxYzE1NDFl
YzAwYjc0YmNiZGZhZjQxOGFlNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEB/9shQ1jihAwTsNgnXN8i9UdO/ir1Ej/tKK6M9rMF2oJfPhG6mS/sKhea
gIvmyGiibXKyDeIrsGuqQtlPNYLHATLYtXMHGl5/DalNbRCVrSfqGpCDEaPlgHYu
JoScXTj9UEAlkXurBUFKc3MRJdvAYCwwXoYmm8k6dCgOseRpJtA82W+wYu/GEsIg
GI1VI7KU4zWHhTH8Q4Kx1I+65S9NjIqXWUUe6eH/gkxJ2E5nPpkmSuOoJ3xxpM3B
+zmfXVXO5/G4NMJmgMkGZ8Jb7yNES4PLuHWjYmWsHJJnwdwbsswfXH+oMKfDhxkl
MRwD53vfpL+d3mxuGK187BbtwF0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbJ2MJ
wIQe11isvIWrnJ+TbYsjJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0NTI2ODktYjBhNi00ODE2LWE0OGEtOGM4ODU0ZDIyNWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQCKtEYPNPLC/foACfS45cluc1XD+3sYhkXLVZC1
iuYkxlvjNLEWlVzZnPa6/2HtRWrMTlEdLnnOTrNk5epCd4U1Wqkx1ix7HhHgrdy6
XHiaeY4acgjBu1keVFPIQGBGWlMbHF4mwhI85Yjc85M6XMiNZ94gD6s+pFWI71Wa
qKhe4OPpjyQ+ZYUctG3sSfKPRFQKjV0CWQyhKenzOxl6cFNhtqLU06x9s6Pt/pxT
Dq93bXCY/BSge8OIKr4IpgGw4obnTL2QZVMXFuk59xPCxncmFo52AU4EHO1XpCY7
LSgD3bEFqIy1SuDpoZBiZQfLQmsjGpD//iwSQM5IzBrmY736
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:08 2025 by rpki-client