Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: 5q05g3U08onHcRNkIK5LB9Uium44ZLgay0ri907GEWI=
Subject key identifier: C5:5B:CE:14:1D:07:AB:FE:4E:71:6B:05:29:49:55:87:4F:42:29:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4539F7EB037936CD50A7F39F24AA0FF2DFB8A550
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Fri 26 Sep 2025 20:01:42 +0000
ROA not before: Fri 26 Sep 2025 20:01:42 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:39:f7:eb:03:79:36:cd:50:a7:f3:9f:24:aa:0f:f2:df:b8:a5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:42 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1b78e537bfbf2bdc8bd9f68458edf9c2cd59c311bebbf06144be2f14c7b6a89e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:42:d5:5c:3d:c8:5b:ed:ab:7b:cb:81:e9:a4:
5f:c9:50:67:1d:90:5d:60:2c:58:65:20:40:20:0f:
a7:f2:29:f5:67:a9:73:d7:d4:aa:61:62:b2:66:42:
c5:5b:61:07:5c:7f:ac:5f:05:11:3a:93:0e:ee:07:
e1:50:ce:f9:8b:12:b2:dc:99:72:8e:0e:79:d7:47:
03:b8:13:90:ad:6a:1a:6a:4f:e1:35:db:03:39:18:
5a:a4:1b:17:65:30:3e:c3:44:27:a8:12:77:bb:e9:
1d:a8:ca:b5:c8:d2:ef:e3:d3:09:6e:52:19:0d:06:
33:48:56:62:a8:c0:c8:a9:07:c3:b4:60:30:b2:b5:
02:93:a2:16:5c:95:95:00:12:ba:fa:89:b7:d9:20:
ff:98:ec:cd:c1:d2:a0:0c:1d:87:73:22:7f:2b:9f:
b8:cc:68:09:9c:64:c7:18:8c:5e:81:ef:ce:20:7d:
d6:28:c3:3b:fe:33:6a:4a:33:4e:8e:13:e9:6f:41:
98:7f:4c:0f:a1:e3:ca:db:08:cf:9d:0b:37:6d:8b:
80:ad:e7:85:b0:36:c1:07:1e:4c:30:e6:2f:6d:31:
52:65:ea:9e:ec:a0:a9:b0:fe:aa:1e:f1:ef:8b:2e:
88:e8:99:07:ae:18:60:1f:b8:a6:8f:96:7d:95:28:
44:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5B:CE:14:1D:07:AB:FE:4E:71:6B:05:29:49:55:87:4F:42:29:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
5a:64:aa:31:0c:b7:b0:92:6c:62:3d:0a:fc:61:0e:ad:46:58:
64:a8:c3:bf:4f:cf:42:9c:ae:6f:cb:75:ca:fe:0a:33:be:19:
43:8b:55:f3:47:37:fc:a3:8c:fc:e9:23:b8:cb:ee:61:c8:88:
e5:54:99:23:db:3d:6b:be:5a:83:93:7f:52:26:ce:07:d4:18:
1b:f8:38:c8:57:e7:c6:46:65:ef:ee:3d:a3:e2:f8:0a:a9:f8:
1e:2d:9a:9a:64:20:34:20:d9:e1:d0:a2:cb:31:f6:66:9d:39:
4b:78:82:26:3e:33:3f:28:c9:c7:ce:8c:09:49:12:8f:a5:86:
44:a0:d5:6b:93:92:3f:94:c5:6b:ce:0d:fa:b0:43:d6:bd:47:
ea:d5:df:5a:bd:ca:5a:98:49:ff:d9:fe:bd:4b:bf:80:f6:24:
c6:56:19:e4:44:43:a5:80:39:8e:0c:97:e8:07:4f:ff:55:a8:
5c:61:48:a5:ed:f9:88:43:8b:61:da:02:de:0d:b8:2f:bb:83:
d7:be:6b:19:b5:13:6d:9c:8a:a4:54:62:5f:1a:a1:4f:cb:76:
f4:fa:33:10:46:b2:05:78:97:74:c8:10:f1:4e:9f:d8:95:06:
b2:38:11:38:f8:1b:5d:89:74:1c:79:d7:f1:c4:f9:8a:5e:c9:
b3:a3:70:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURTn36wN5Ns1Qp/OfJKoP8t+4pVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxNDJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNzhlNTM3YmZiZjJiZGM4YmQ5ZjY4NDU4ZWRmOWMyY2Q1OWMzMTFiZWJi
ZjA2MTQ0YmUyZjE0YzdiNmE4OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhC1Vw9yFvtq3vLgemkX8lQZx2QXWAsWGUgQCAPp/Ip9Wepc9fUqmFismZC
xVthB1x/rF8FETqTDu4H4VDO+YsSstyZco4OeddHA7gTkK1qGmpP4TXbAzkYWqQb
F2UwPsNEJ6gSd7vpHajKtcjS7+PTCW5SGQ0GM0hWYqjAyKkHw7RgMLK1ApOiFlyV
lQASuvqJt9kg/5jszcHSoAwdh3MifyufuMxoCZxkxxiMXoHvziB91ijDO/4zakoz
To4T6W9BmH9MD6HjytsIz50LN22LgK3nhbA2wQceTDDmL20xUmXqnuygqbD+qh7x
74suiOiZB64YYB+4po+WfZUoREUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFW84U
HQer/k5xawUpSVWHT0IpujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQBaZKoxDLewkmxiPQr8YQ6tRlhkqMO/T89CnK5v
y3XK/gozvhlDi1XzRzf8o4z86SO4y+5hyIjlVJkj2z1rvlqDk39SJs4H1Bgb+DjI
V+fGRmXv7j2j4vgKqfgeLZqaZCA0INnh0KLLMfZmnTlLeIImPjM/KMnHzowJSRKP
pYZEoNVrk5I/lMVrzg36sEPWvUfq1d9avcpamEn/2f69S7+A9iTGVhnkREOlgDmO
DJfoB0//VahcYUil7fmIQ4th2gLeDbgvu4PXvmsZtRNtnIqkVGJfGqFPy3b0+jMQ
RrIFeJd0yBDxTp/YlQayOBE4+BtdiXQcedfxxPmKXsmzo3Dr
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:24 2025 by rpki-client