Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
File: ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa (raw, json)
Hash identifier: M9vii6z7UOpm4g2mr8AxWnEtlQ8cUmiXg9m0g/LT7u0=
Subject key identifier: E0:2E:7E:65:01:03:3E:9A:C0:A6:EE:0D:22:4A:0C:F6:11:72:70:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3312B5F188A88F0CD00FBE359A0994BDBE405853
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
Signing time: Wed 06 Aug 2025 00:50:45 +0000
ROA not before: Wed 06 Aug 2025 00:50:45 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:12:b5:f1:88:a8:8f:0c:d0:0f:be:35:9a:09:94:bd:be:40:58:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:45 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=bd99b0352508b62f093d8a691bbeb7fd3773e3cbe7371d34e5d6d81ab086b75a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:13:35:46:d8:ee:cd:65:2a:dc:f6:4a:d7:e1:
d4:74:20:ff:67:d8:dc:e4:c8:4b:8e:fd:04:bd:3f:
9e:d8:fe:1b:d2:19:a4:30:c4:42:26:79:6e:3e:f0:
35:b3:7e:6a:85:95:cf:75:8d:2b:76:10:61:a6:0a:
d9:73:14:56:d7:a9:59:50:01:6d:77:30:a6:26:6f:
34:60:c5:bb:dd:3a:86:fe:d9:c6:63:ab:f5:e6:33:
53:cb:59:6f:7e:b9:04:74:c6:9f:95:7f:af:0a:d3:
9d:82:51:40:3d:c2:f3:96:73:7b:81:a8:b1:fe:33:
b1:a6:f1:b6:63:8f:64:8f:ab:58:63:de:c7:39:62:
ba:1a:25:69:b4:ce:09:ec:3c:18:2e:b3:c7:00:29:
17:84:86:df:04:55:03:70:17:f7:98:5d:ef:69:f3:
cb:8f:e6:3a:90:57:94:6c:f3:66:20:aa:8e:3d:cd:
2d:82:64:4b:dd:36:39:f1:44:c0:6d:63:00:ba:49:
d9:c7:ec:8e:98:3e:65:21:1b:55:93:95:be:05:b9:
3d:60:71:0b:5e:49:a5:eb:a8:1c:75:23:cd:09:69:
76:85:04:fd:29:47:94:77:e3:00:74:a4:5e:19:ca:
ff:ca:7a:15:b0:61:f2:6e:fd:98:b2:77:0e:2f:14:
c9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2E:7E:65:01:03:3E:9A:C0:A6:EE:0D:22:4A:0C:F6:11:72:70:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:6a:2f:0d:5c:ef:00:9f:c1:82:3a:d1:82:e9:56:2a:d1:6e:
10:3a:26:0b:a7:e7:72:61:da:e5:f3:27:a8:91:f7:fb:a4:53:
9f:50:1e:33:00:4f:58:a0:2b:24:8b:2f:f7:95:94:0a:61:73:
18:f4:1e:bb:e3:34:cd:37:75:26:1c:64:36:4b:6a:dc:a3:ad:
4e:72:ed:71:72:cd:b7:5f:47:00:f8:47:9f:3b:80:db:cc:ea:
fb:7e:78:02:82:6f:98:76:6c:5d:cd:96:d4:74:33:5c:75:3e:
d4:06:42:ee:8a:a9:bd:6e:c1:95:f0:83:49:8d:df:84:a8:d9:
7b:c4:18:1c:15:f0:eb:b1:c6:7e:cb:4d:ec:f8:e9:8c:2f:80:
94:fa:a2:42:a6:a3:f1:57:fb:b4:38:6b:4f:a0:25:02:c6:f0:
c8:08:be:d2:c6:eb:b5:9a:31:33:89:e3:90:a7:fa:39:73:14:
fd:b1:8f:89:d2:2b:66:7c:21:e5:a1:b0:41:24:3e:ee:36:10:
44:2f:17:5f:2f:1d:9e:cd:b0:5c:c9:cf:ec:c9:2a:6d:86:ab:
e3:65:44:c8:25:e7:d1:7d:5f:ea:42:21:8e:77:2d:e1:9c:d5:
e9:f0:08:c6:3b:39:56:84:26:c9:86:6c:b4:da:43:ba:ad:0d:
a3:bb:98:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMxK18YiojwzQD741mgmUvb5AWFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNDVaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkOTliMDM1MjUwOGI2MmYwOTNkOGE2OTFiYmViN2ZkMzc3M2UzY2JlNzM3
MWQzNGU1ZDZkODFhYjA4NmI3NWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4TNUbY7s1lKtz2Stfh1HQg/2fY3OTIS479BL0/ntj+G9IZpDDEQiZ5bj7w
NbN+aoWVz3WNK3YQYaYK2XMUVtepWVABbXcwpiZvNGDFu906hv7ZxmOr9eYzU8tZ
b365BHTGn5V/rwrTnYJRQD3C85Zze4Gosf4zsabxtmOPZI+rWGPexzliuholabTO
Cew8GC6zxwApF4SG3wRVA3AX95hd72nzy4/mOpBXlGzzZiCqjj3NLYJkS902OfFE
wG1jALpJ2cfsjpg+ZSEbVZOVvgW5PWBxC15JpeuoHHUjzQlpdoUE/SlHlHfjAHSk
XhnK/8p6FbBh8m79mLJ3Di8UydECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgLn5l
AQM+msCm7g0iSgz2EXJw9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEyZDVhMDEtZmExNy00ZmIzLTk3ZTctYzIxYzZlODlmOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAaai8NXO8An8GCOtGC6VYq0W4QOiYLp+dyYdrl
8yeokff7pFOfUB4zAE9YoCskiy/3lZQKYXMY9B674zTNN3UmHGQ2S2rco61Ocu1x
cs23X0cA+EefO4DbzOr7fngCgm+YdmxdzZbUdDNcdT7UBkLuiqm9bsGV8INJjd+E
qNl7xBgcFfDrscZ+y03s+OmML4CU+qJCpqPxV/u0OGtPoCUCxvDICL7Sxuu1mjEz
ieOQp/o5cxT9sY+J0itmfCHlobBBJD7uNhBELxdfLx2ezbBcyc/sySpthqvjZUTI
JefRfV/qQiGOdy3hnNXp8AjGOzlWhCbJhmy02kO6rQ2ju5gc
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:13 2025 by rpki-client