Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
File: fc452689-b0a6-4816-a48a-8c8854d225f8.roa (raw, json)
Hash identifier: jFhqQMjbKlDpJBxI9KdnYp5NlSghURvjZfc/NC/03m4=
Subject key identifier: 57:36:F0:D6:DB:09:99:1B:8F:1D:C3:00:B7:91:D7:C3:45:31:41:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 155A9C67F2ABDAEDDDC2F6DA89E31688D2D21F38
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
Signing time: Tue 04 Nov 2025 02:50:04 +0000
ROA not before: Tue 04 Nov 2025 02:50:04 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:5a:9c:67:f2:ab:da:ed:dd:c2:f6:da:89:e3:16:88:d2:d2:1f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:04 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=25316c874fbb32d382051a527da1934aa8a1c95ac9b21e59511009cb9e33433e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6a:f1:55:ab:47:a5:9d:42:50:fd:df:07:45:
25:7f:24:d7:04:59:ca:a3:70:f2:4c:74:86:16:13:
27:7e:82:17:c2:b8:c7:79:c9:5a:48:4d:66:44:f0:
a7:5a:7c:88:ac:92:de:96:c2:11:fc:28:44:43:09:
33:0a:5e:35:0f:b1:5d:e1:8b:e6:7b:cc:78:3a:b3:
48:a3:70:66:18:de:7f:69:fe:49:c2:0c:a1:75:91:
a7:77:80:1d:f6:c3:4e:5a:99:ec:09:d3:da:cc:6c:
48:47:ff:6e:06:5d:c6:c2:1e:27:18:62:c0:f4:74:
ea:7d:a2:0b:d3:b2:86:30:3e:37:47:30:4d:f7:a9:
f3:63:93:bf:76:b6:f3:0e:90:de:bd:6e:00:16:f3:
28:f6:5b:4d:0c:2e:e6:95:e8:34:07:6a:d1:78:16:
2b:42:07:11:69:9e:4a:2b:93:23:c7:e8:c2:29:26:
cb:80:71:ad:16:c7:1c:8c:7c:60:91:c7:3e:83:10:
3b:5b:49:34:a7:ac:35:c9:99:41:53:68:7d:4c:ff:
d2:3f:ba:47:01:85:1f:7f:8a:ab:dd:f2:ec:49:e2:
fc:7f:0a:15:0e:ab:2b:f3:f0:1f:1d:1e:cf:fd:48:
fe:ed:4b:61:7d:01:4e:d1:ad:b6:f9:ea:a1:53:c1:
2b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:36:F0:D6:DB:09:99:1B:8F:1D:C3:00:B7:91:D7:C3:45:31:41:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
5b:14:97:5a:6f:f3:a6:0d:03:73:8a:a9:16:32:38:27:33:63:
ed:a5:72:7d:c2:89:b6:87:31:f8:4a:8f:7e:e5:5d:eb:80:e9:
87:b8:96:6d:e1:e2:6a:6a:ce:bc:40:3a:f5:36:70:6e:fd:96:
9c:b3:a2:8c:19:3c:a1:e5:83:89:31:e3:8c:9b:a9:a3:1b:a9:
d4:c4:fe:e5:35:4b:85:4b:19:6a:00:48:ef:cf:31:bb:ca:b8:
98:a2:8d:dc:6d:36:e3:e6:fc:04:e9:33:f7:f2:2b:8e:5e:d0:
41:60:ab:0d:12:c2:cd:d7:ca:63:33:8d:36:e5:c2:65:fa:6d:
41:3f:08:66:0f:c6:a7:ea:9e:82:18:59:7c:ad:d9:a3:9c:53:
98:89:cb:84:b2:70:64:f1:b6:55:7c:e6:da:17:97:82:7f:bf:
03:a0:28:5c:e8:cd:6a:7f:90:16:ac:7a:5b:66:71:48:d2:ae:
a9:95:ef:37:81:9c:53:ad:9b:44:2f:04:6b:c6:7e:a8:21:d3:
49:95:70:0f:a7:02:38:7c:61:53:e9:2d:f6:e7:0b:a1:3d:41:
f7:12:0c:d3:92:38:6c:69:93:04:df:0b:b5:f1:61:b4:4b:5c:
84:8b:a9:7f:83:4e:1b:d0:a3:c9:1e:3c:5b:f5:9f:07:54:5b:
f9:90:1a:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFVqcZ/Kr2u3dwvbaieMWiNLSHzgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMDRaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MzE2Yzg3NGZiYjMyZDM4MjA1MWE1MjdkYTE5MzRhYThhMWM5NWFjOWIy
MWU1OTUxMTAwOWNiOWUzMzQzM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1q8VWrR6WdQlD93wdFJX8k1wRZyqNw8kx0hhYTJ36CF8K4x3nJWkhNZkTw
p1p8iKyS3pbCEfwoREMJMwpeNQ+xXeGL5nvMeDqzSKNwZhjef2n+ScIMoXWRp3eA
HfbDTlqZ7AnT2sxsSEf/bgZdxsIeJxhiwPR06n2iC9OyhjA+N0cwTfep82OTv3a2
8w6Q3r1uABbzKPZbTQwu5pXoNAdq0XgWK0IHEWmeSiuTI8fowikmy4BxrRbHHIx8
YJHHPoMQO1tJNKesNcmZQVNofUz/0j+6RwGFH3+Kq93y7Eni/H8KFQ6rK/PwHx0e
z/1I/u1LYX0BTtGttvnqoVPBK/ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXNvDW
2wmZG48dwwC3kdfDRTFBtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0NTI2ODktYjBhNi00ODE2LWE0OGEtOGM4ODU0ZDIyNWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbFJdab/OmDQNziqkWMjgnM2PtpXJ9wom2hzH4
So9+5V3rgOmHuJZt4eJqas68QDr1NnBu/Zacs6KMGTyh5YOJMeOMm6mjG6nUxP7l
NUuFSxlqAEjvzzG7yriYoo3cbTbj5vwE6TP38iuOXtBBYKsNEsLN18pjM4025cJl
+m1BPwhmD8an6p6CGFl8rdmjnFOYicuEsnBk8bZVfObaF5eCf78DoChc6M1qf5AW
rHpbZnFI0q6ple83gZxTrZtELwRrxn6oIdNJlXAPpwI4fGFT6S325wuhPUH3EgzT
kjhsaZME3wu18WG0S1yEi6l/g04b0KPJHjxb9Z8HVFv5kBpZ
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:22 2025 by rpki-client