Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
File: fec4786d-f73f-4e64-99a3-0377bdf5c566.roa (raw, json)
Hash identifier: UmzBII3PTtsP+TheBC5cBRjmCJbgLUZ/o/hT+qRTJZo=
Subject key identifier: 4E:94:4C:18:52:38:BA:DE:94:41:27:E5:A7:88:49:9F:28:45:7E:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2135245D8680AF3FFEA360ECEB31240951DE7401
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
Signing time: Tue 05 Aug 2025 20:20:08 +0000
ROA not before: Tue 05 Aug 2025 20:20:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:35:24:5d:86:80:af:3f:fe:a3:60:ec:eb:31:24:09:51:de:74:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=913fe8c85fd9bb6cb270519081a8b7effbce6b681fca570885ef7a2730296ad6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:02:c6:9d:a4:6a:60:4c:96:ab:36:cf:9c:64:
c4:ea:96:b8:64:ce:2b:9f:a0:70:7e:f4:3a:3d:85:
e8:ae:96:9d:dd:e8:3b:d0:47:bd:97:2e:62:93:d1:
7c:db:61:c6:9c:54:70:50:f0:4f:9b:26:13:6d:63:
c1:c0:3b:8c:c9:0a:81:70:31:38:69:0b:89:d9:a2:
b7:a5:c6:c2:27:b7:1b:56:f1:e8:ec:8a:d9:92:11:
76:57:0a:8d:91:80:7f:6b:1a:26:2f:5f:4d:62:49:
92:13:7c:10:85:fb:5c:08:88:4f:6c:91:9b:d4:73:
28:05:49:9f:bd:f7:34:df:6f:76:18:a8:ea:dc:53:
b3:6f:6d:cb:d2:7d:30:c2:3a:c2:8e:70:77:42:bc:
91:98:ba:a7:84:15:50:b2:78:ad:b6:7a:bc:33:58:
2d:f0:ef:f3:7f:53:43:e8:29:d6:91:f9:c3:5a:e1:
19:e9:da:23:95:12:25:a0:c5:e7:be:ce:63:0c:a6:
54:cb:bc:04:96:e1:d1:f4:b5:3b:f2:52:e2:04:b4:
34:30:e7:d8:e0:7f:de:09:8c:5f:7e:24:fb:55:a1:
70:b9:6c:f0:a4:75:3a:ed:ed:c4:00:84:47:71:c7:
5d:a2:e4:7e:24:7c:1e:ef:a5:f8:6f:ff:32:34:05:
0e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:94:4C:18:52:38:BA:DE:94:41:27:E5:A7:88:49:9F:28:45:7E:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02e::/36
Signature Algorithm: sha256WithRSAEncryption
9f:82:fd:58:19:d4:ab:a4:23:c4:33:6f:0e:2c:02:e4:e4:fe:
d9:91:50:0e:7d:23:08:63:5b:e2:b9:15:dc:e6:9b:8e:80:b5:
1a:08:3b:27:11:97:26:61:92:9b:cd:35:5e:94:85:d9:07:6c:
b4:21:59:7e:e6:a3:a7:b6:ac:e2:b9:ff:b0:97:ad:2d:d8:ed:
de:db:28:19:9c:a9:be:03:eb:96:38:80:95:35:07:48:8e:f1:
8c:d7:91:36:5f:cc:52:62:41:81:a2:70:79:a0:2a:8f:7e:11:
c7:fa:16:93:86:df:32:2a:17:87:77:9d:95:24:03:64:57:78:
75:96:3c:c2:ab:9d:25:c7:47:e2:7e:fa:e9:32:e5:0c:af:82:
c8:9a:dc:3b:35:55:84:e0:b6:e1:02:e1:6b:e3:2b:ab:c4:66:
23:0a:82:8c:36:c2:c4:bc:76:15:31:df:6a:a0:8c:23:90:8c:
29:41:ee:46:53:19:b8:ce:b2:c0:e4:60:84:46:ee:09:f7:0d:
40:c5:73:7e:c9:12:ed:a6:31:87:ea:36:70:c0:eb:eb:22:9a:
7c:90:ac:3b:d6:70:db:c7:34:79:ce:72:c7:14:bf:14:c8:b4:
e6:35:e6:de:5c:c8:4e:e7:4c:ae:c2:c3:c6:f6:ca:65:42:57:
30:29:dd:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUITUkXYaArz/+o2Ds6zEkCVHedAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxM2ZlOGM4NWZkOWJiNmNiMjcwNTE5MDgxYThiN2VmZmJjZTZiNjgxZmNh
NTcwODg1ZWY3YTI3MzAyOTZhZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMICxp2kamBMlqs2z5xkxOqWuGTOK5+gcH70Oj2F6K6Wnd3oO9BHvZcuYpPR
fNthxpxUcFDwT5smE21jwcA7jMkKgXAxOGkLidmit6XGwie3G1bx6OyK2ZIRdlcK
jZGAf2saJi9fTWJJkhN8EIX7XAiIT2yRm9RzKAVJn733NN9vdhio6txTs29ty9J9
MMI6wo5wd0K8kZi6p4QVULJ4rbZ6vDNYLfDv839TQ+gp1pH5w1rhGenaI5USJaDF
577OYwymVMu8BJbh0fS1O/JS4gS0NDDn2OB/3gmMX34k+1WhcLls8KR1Ou3txACE
R3HHXaLkfiR8Hu+l+G//MjQFDmsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROlEwY
Uji63pRBJ+WniEmfKEV+OjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNDc4NmQtZjczZi00ZTY0LTk5YTMtMDM3N2JkZjVjNTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C4A
MA0GCSqGSIb3DQEBCwUAA4IBAQCfgv1YGdSrpCPEM28OLALk5P7ZkVAOfSMIY1vi
uRXc5puOgLUaCDsnEZcmYZKbzTVelIXZB2y0IVl+5qOntqziuf+wl60t2O3e2ygZ
nKm+A+uWOICVNQdIjvGM15E2X8xSYkGBonB5oCqPfhHH+haTht8yKheHd52VJANk
V3h1ljzCq50lx0fifvrpMuUMr4LImtw7NVWE4LbhAuFr4yurxGYjCoKMNsLEvHYV
Md9qoIwjkIwpQe5GUxm4zrLA5GCERu4J9w1AxXN+yRLtpjGH6jZwwOvrIpp8kKw7
1nDbxzR5znLHFL8UyLTmNebeXMhO50yuwsPG9splQlcwKd0P
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:57 2025 by rpki-client