Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
File: fec4786d-f73f-4e64-99a3-0377bdf5c566.roa (raw, json)
Hash identifier: ShMXpiRnLvG1T9wuBoPFT8xeONYT3d+Qm85fFlryldE=
Subject key identifier: FE:F5:BA:7F:F4:38:9A:94:EE:20:42:B1:1A:5C:96:29:CD:2B:10:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78939AB23030CA8B2D2E892B8C3D3777C9C3EE2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
Signing time: Fri 26 Sep 2025 20:10:03 +0000
ROA not before: Fri 26 Sep 2025 20:10:03 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:93:9a:b2:30:30:ca:8b:2d:2e:89:2b:8c:3d:37:77:c9:c3:ee:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:03 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=335c08b66ecb4c108c46d0dbf6cae639e830508bd29ac8a3232d337454421cf4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:dc:0c:1c:e7:19:55:be:42:ce:39:98:71:de:
0d:65:de:86:a7:49:50:13:0a:0f:5f:93:d1:14:b4:
27:a8:d2:5c:94:1f:5c:4c:b8:c1:a0:61:48:04:14:
03:17:86:41:e5:21:ef:a8:92:17:00:dd:08:50:5a:
cf:d2:5a:3a:c1:63:76:13:0f:09:aa:c1:44:9d:7f:
b3:01:d5:b8:ad:0d:31:3b:7f:bc:55:c5:a8:0d:8e:
53:36:fa:b9:fe:c7:17:1d:df:2b:98:ab:ca:57:a6:
80:87:14:09:97:bb:28:2e:ec:42:13:ba:8a:5d:77:
07:98:b4:50:2b:78:88:2f:55:06:2f:96:07:f5:b7:
0e:3b:64:8a:ad:e3:ae:29:cc:9a:c9:81:0e:20:29:
1e:bf:f9:78:1d:ba:71:66:d1:f0:8b:3a:c2:24:a2:
f9:22:f6:4f:a1:f8:41:69:a6:9b:02:2b:32:4d:10:
2c:fc:05:ae:18:25:d3:6f:0b:3b:1b:ae:86:c6:a3:
ef:f0:a9:77:c1:38:dd:bd:9e:3d:54:5a:50:fc:0a:
50:84:70:4b:63:93:72:aa:d4:29:7a:fd:81:85:69:
25:08:a0:c8:ca:ec:c8:6e:27:5e:5e:e2:50:5a:39:
5c:d7:e4:7b:06:26:b7:ef:af:08:8c:3e:06:45:e0:
3b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F5:BA:7F:F4:38:9A:94:EE:20:42:B1:1A:5C:96:29:CD:2B:10:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02e::/36
Signature Algorithm: sha256WithRSAEncryption
4d:aa:27:d2:da:fd:37:ba:ab:dd:b2:05:e3:bc:43:9f:64:ff:
18:eb:bd:5b:b8:53:99:96:04:71:b2:46:61:04:ba:0b:f0:ed:
a4:af:2b:af:3d:fe:96:f1:30:a7:c9:50:05:fa:e9:0e:f5:c0:
3a:33:c5:80:c3:df:9f:96:4a:4d:b2:c5:10:94:b0:b2:91:3d:
6d:fa:5d:15:91:ca:1f:fe:84:58:3a:87:6e:f9:bb:33:fd:33:
15:e8:bd:e5:d2:88:fa:31:1a:a1:a6:a8:80:c4:dc:ce:94:4b:
dc:7f:86:8a:6a:1c:55:6b:10:08:39:97:e6:55:84:2a:da:cc:
fa:72:92:26:32:16:29:2a:5e:63:1a:69:4f:59:a1:69:66:c4:
1c:af:e3:36:58:b8:fb:e3:99:69:3b:2a:9c:1a:bf:27:ed:f7:
ea:1a:62:62:60:9e:37:32:4c:7c:4a:6d:f9:e1:19:35:02:4d:
d6:81:73:6d:58:0c:83:89:f6:95:b0:14:dc:79:d4:6a:58:6e:
dc:2c:ad:e0:fd:75:cd:4a:65:dd:09:eb:03:92:d1:30:ab:9f:
05:70:e6:e2:49:b7:f8:65:2f:3b:16:3c:14:e5:30:40:3c:7e:
33:2e:e6:68:8e:25:f0:e5:d6:2e:7c:6b:f2:f8:bf:10:9f:2f:
70:dd:f7:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeJOasjAwyostLokrjD03d8nD7i4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwMDNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNWMwOGI2NmVjYjRjMTA4YzQ2ZDBkYmY2Y2FlNjM5ZTgzMDUwOGJkMjlh
YzhhMzIzMmQzMzc0NTQ0MjFjZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDcDBznGVW+Qs45mHHeDWXehqdJUBMKD1+T0RS0J6jSXJQfXEy4waBhSAQU
AxeGQeUh76iSFwDdCFBaz9JaOsFjdhMPCarBRJ1/swHVuK0NMTt/vFXFqA2OUzb6
uf7HFx3fK5irylemgIcUCZe7KC7sQhO6il13B5i0UCt4iC9VBi+WB/W3Djtkiq3j
rinMmsmBDiApHr/5eB26cWbR8Is6wiSi+SL2T6H4QWmmmwIrMk0QLPwFrhgl028L
Oxuuhsaj7/Cpd8E43b2ePVRaUPwKUIRwS2OTcqrUKXr9gYVpJQigyMrsyG4nXl7i
UFo5XNfkewYmt++vCIw+BkXgO88CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+9bp/
9DialO4gQrEaXJYpzSsQPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNDc4NmQtZjczZi00ZTY0LTk5YTMtMDM3N2JkZjVjNTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBNqifS2v03uqvdsgXjvEOfZP8Y671buFOZlgRx
skZhBLoL8O2kryuvPf6W8TCnyVAF+ukO9cA6M8WAw9+flkpNssUQlLCykT1t+l0V
kcof/oRYOodu+bsz/TMV6L3l0oj6MRqhpqiAxNzOlEvcf4aKahxVaxAIOZfmVYQq
2sz6cpImMhYpKl5jGmlPWaFpZsQcr+M2WLj745lpOyqcGr8n7ffqGmJiYJ43Mkx8
Sm354Rk1Ak3WgXNtWAyDifaVsBTcedRqWG7cLK3g/XXNSmXdCesDktEwq58FcObi
Sbf4ZS87FjwU5TBAPH4zLuZojiXw5dYufGvy+L8Qny9w3fdy
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:17 2025 by rpki-client