Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
File: fec66173-52ba-4e6f-b1ec-889563dfb748.roa (raw, json)
Hash identifier: Vf5kORQP/rm0Iyh+ejRmuzlsgIuq0CY3DbFuZduEJT4=
Subject key identifier: 49:C7:AA:AC:18:D5:F7:14:89:C9:F8:26:44:8C:04:E1:6A:64:43:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14E09DD37E0C88DA8B906897EA157F7CD8A484DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
Signing time: Mon 29 Sep 2025 15:24:04 +0000
ROA not before: Mon 29 Sep 2025 15:24:04 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:e0:9d:d3:7e:0c:88:da:8b:90:68:97:ea:15:7f:7c:d8:a4:84:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:04 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=94c7e2d3dab648960b11827941b85885fe52855b5431f91063a222fcc8665670, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4e:77:66:a4:9c:0f:02:80:d9:9d:4d:c9:cd:
46:ca:98:8b:ed:1b:9d:86:f7:4e:24:cb:07:11:da:
20:ae:e5:3f:72:53:e3:fb:03:3d:c0:06:e8:29:35:
d7:91:97:8d:28:72:3f:a7:c2:90:b8:95:0b:3f:15:
73:58:4f:50:0c:ec:bf:f0:69:ec:0b:4d:28:e8:14:
23:b5:76:bf:bc:d9:95:8a:c1:87:21:d2:60:ad:3d:
84:fa:22:b2:95:33:82:71:71:fd:58:58:5d:83:f6:
d4:84:ee:47:0c:4f:44:da:1d:b4:98:4d:d2:4e:b9:
40:4f:b5:63:0e:ba:6b:ec:36:09:48:16:b2:23:04:
03:46:a1:cb:e0:b7:da:fe:75:03:d0:9e:79:bb:b1:
79:19:e2:f0:9b:ad:18:33:16:9f:4e:db:26:a1:34:
ec:0e:03:38:0d:8e:c5:be:e2:ee:1a:03:df:44:2e:
f3:63:f7:f5:40:52:be:01:8d:00:66:71:31:a8:3b:
f2:2e:4a:c5:50:f5:fa:86:4a:29:5b:fc:14:fe:fe:
70:82:a8:11:b6:cd:64:ed:6d:89:f1:75:97:90:01:
08:fc:db:9f:d8:43:c3:bc:22:27:8c:bc:5f:d0:f7:
27:8f:29:34:7e:d2:2d:46:28:c9:f7:6a:aa:f3:55:
ac:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:C7:AA:AC:18:D5:F7:14:89:C9:F8:26:44:8C:04:E1:6A:64:43:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6040::/48
Signature Algorithm: sha256WithRSAEncryption
52:0a:20:d6:ec:2c:35:fa:e5:61:50:a0:d5:44:15:96:74:7b:
73:78:3b:fb:98:c8:a1:4d:96:d8:40:62:93:20:5e:c0:15:e4:
2a:bf:36:da:02:40:1b:3e:ff:fb:b6:a0:29:54:65:31:b6:b6:
d8:ec:f2:87:2d:41:94:c4:78:e4:bb:78:c7:92:1e:de:30:47:
12:2c:e2:f8:b4:a6:68:ec:98:d2:b9:12:ef:f4:a3:a7:9f:15:
d1:7b:81:0b:2d:78:47:f9:3c:85:b1:25:60:d6:0b:a4:8d:54:
ab:99:8f:48:73:15:c3:a4:c7:d0:39:e1:1e:c2:ff:10:03:e9:
71:9c:58:dc:e0:43:f9:fe:1d:39:f8:79:f0:a7:68:a7:42:fb:
94:84:81:74:d6:27:46:e1:46:7b:a0:fc:59:88:a2:6b:13:86:
7f:17:e4:ae:f9:0f:86:a0:5f:88:0a:e7:3c:40:2e:dd:e3:52:
2d:70:7f:9a:9d:a7:21:f7:5d:83:c3:95:9e:8c:ea:20:8b:e8:
f0:21:8b:29:37:9f:76:ef:ea:ac:7f:60:ac:3f:4a:d1:7b:43:
34:2a:30:58:f7:39:57:0d:b2:26:2f:c2:d9:90:03:f0:64:4f:
45:83:45:9e:75:00:79:a0:82:01:55:2e:f4:0e:3d:e4:41:f8:
09:59:6e:6c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFOCd034MiNqLkGiX6hV/fNikhNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MDRaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0YzdlMmQzZGFiNjQ4OTYwYjExODI3OTQxYjg1ODg1ZmU1Mjg1NWI1NDMx
ZjkxMDYzYTIyMmZjYzg2NjU2NzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9Od2aknA8CgNmdTcnNRsqYi+0bnYb3TiTLBxHaIK7lP3JT4/sDPcAG6Ck1
15GXjShyP6fCkLiVCz8Vc1hPUAzsv/Bp7AtNKOgUI7V2v7zZlYrBhyHSYK09hPoi
spUzgnFx/VhYXYP21ITuRwxPRNodtJhN0k65QE+1Yw66a+w2CUgWsiMEA0ahy+C3
2v51A9CeebuxeRni8JutGDMWn07bJqE07A4DOA2Oxb7i7hoD30Qu82P39UBSvgGN
AGZxMag78i5KxVD1+oZKKVv8FP7+cIKoEbbNZO1tifF1l5ABCPzbn9hDw7wiJ4y8
X9D3J48pNH7SLUYoyfdqqvNVrJsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJx6qs
GNX3FInJ+CZEjAThamRD1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNjYxNzMtNTJiYS00ZTZmLWIxZWMtODg5NTYzZGZiNzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
QDANBgkqhkiG9w0BAQsFAAOCAQEAUgog1uwsNfrlYVCg1UQVlnR7c3g7+5jIoU2W
2EBikyBewBXkKr822gJAGz7/+7agKVRlMba22Ozyhy1BlMR45Lt4x5Ie3jBHEizi
+LSmaOyY0rkS7/Sjp58V0XuBCy14R/k8hbElYNYLpI1Uq5mPSHMVw6TH0DnhHsL/
EAPpcZxY3OBD+f4dOfh58Kdop0L7lISBdNYnRuFGe6D8WYiiaxOGfxfkrvkPhqBf
iArnPEAu3eNSLXB/mp2nIfddg8OVnozqIIvo8CGLKTefdu/qrH9grD9K0XtDNCow
WPc5Vw2yJi/C2ZAD8GRPRYNFnnUAeaCCAVUu9A495EH4CVlubA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:12:53 2025 by rpki-client