Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
File: ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa (raw, json)
Hash identifier: iBVaJTGWqLPo518Iuk83k5iUxCedVYQ6R2WADqWMKQY=
Subject key identifier: 99:E2:E5:B1:0A:1B:4A:0F:0C:38:8D:90:35:C3:B7:0E:2F:54:7D:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B872B84F5CBFF895210ADC00544B52666D95DD7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
Signing time: Fri 15 Aug 2025 15:50:11 +0000
ROA not before: Fri 15 Aug 2025 15:50:11 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 87.238.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:87:2b:84:f5:cb:ff:89:52:10:ad:c0:05:44:b5:26:66:d9:5d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:11 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=f33e80769688a48d87bd623e5a7d1d498d302d732163f2c6004736ac1e840750, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:6c:d6:71:d2:62:58:49:c2:82:d6:ed:55:b7:
16:05:83:b2:f3:35:ac:a9:1f:bb:44:e7:b5:34:ad:
01:f0:54:6a:3e:98:d9:28:6c:25:2e:39:4e:22:4f:
90:12:ec:5a:4b:60:a8:e3:ca:1b:13:42:87:d3:99:
77:d6:e8:fd:50:39:f0:2e:bf:99:3d:10:bd:d7:3a:
f0:80:d5:7c:65:37:11:a4:c2:50:71:7f:65:44:a1:
a9:57:43:22:58:5a:d3:a1:1f:5a:2a:e2:ab:e9:36:
54:ee:41:67:9a:af:5c:6b:26:10:c8:88:31:d2:86:
fa:3c:99:e9:7a:5c:73:90:38:2c:4e:29:64:0d:c9:
d8:06:6e:87:65:cd:42:cf:ff:8b:73:ab:58:16:4a:
f3:fe:97:de:69:f4:ca:a3:94:fa:42:0f:33:3e:78:
26:9d:28:7f:d6:a9:29:2b:a3:1b:ab:e1:a9:e5:28:
1d:e7:f2:65:fc:df:f8:c0:86:12:5e:cc:e8:16:69:
2e:f1:40:ba:6d:8b:e5:a5:dd:42:62:e5:6b:45:ba:
5a:a2:bc:e8:5d:02:10:f8:c1:12:1c:82:ef:5f:77:
e6:a1:24:c5:0c:2b:f4:c1:a2:01:c3:b3:89:38:82:
a6:99:18:42:e8:fe:ab:27:f1:d8:6c:0c:e9:43:70:
1f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E2:E5:B1:0A:1B:4A:0F:0C:38:8D:90:35:C3:B7:0E:2F:54:7D:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.80.0/21
Signature Algorithm: sha256WithRSAEncryption
70:51:3b:38:fe:ee:53:e6:5c:f6:d1:ba:d4:78:5f:ec:b9:8a:
d7:91:d2:a2:c9:dd:62:0c:0e:69:04:0a:58:5f:5c:de:ae:a5:
80:22:46:56:78:e5:43:40:20:22:70:1b:05:68:d6:89:c6:d9:
bb:1a:5e:a0:cc:a9:db:cf:af:da:44:d6:e5:4c:79:f9:13:a1:
cd:ca:c2:be:43:ab:da:82:74:1b:49:16:ec:e3:9b:ba:9f:38:
14:0a:59:55:1c:b1:42:a8:3f:8a:3f:fb:87:e7:41:fe:71:6d:
76:6e:f3:de:3f:8d:e2:ca:10:77:07:29:43:db:ac:17:c0:1c:
37:38:2d:59:b5:c4:01:6a:19:06:64:e0:af:72:f6:7d:8c:f1:
af:00:61:f6:a1:1a:36:fb:2d:7e:3d:37:7e:87:12:d6:f9:f3:
15:61:d9:25:75:ee:ab:56:8c:6e:35:cf:0d:95:b4:1f:f4:c3:
5c:0f:b4:95:8d:51:63:89:df:09:d0:56:c4:58:f9:bf:52:c1:
81:60:09:34:0c:68:4e:9c:2c:78:66:6a:f2:38:d3:08:65:01:
79:ee:44:e2:1c:7c:c7:27:91:c8:36:b1:27:6c:c8:33:a7:5e:
7c:cb:bf:92:b1:1e:a3:47:ed:0b:fa:55:db:65:3f:22:ad:da:
bd:64:3d:56
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW4crhPXL/4lSEK3ABUS1JmbZXdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwMTFaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzM2U4MDc2OTY4OGE0OGQ4N2JkNjIzZTVhN2QxZDQ5OGQzMDJkNzMyMTYz
ZjJjNjAwNDczNmFjMWU4NDA3NTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPRs1nHSYlhJwoLW7VW3FgWDsvM1rKkfu0TntTStAfBUaj6Y2ShsJS45TiJP
kBLsWktgqOPKGxNCh9OZd9bo/VA58C6/mT0Qvdc68IDVfGU3EaTCUHF/ZUShqVdD
Ilha06EfWiriq+k2VO5BZ5qvXGsmEMiIMdKG+jyZ6Xpcc5A4LE4pZA3J2AZuh2XN
Qs//i3OrWBZK8/6X3mn0yqOU+kIPMz54Jp0of9apKSujG6vhqeUoHefyZfzf+MCG
El7M6BZpLvFAum2L5aXdQmLla0W6WqK86F0CEPjBEhyC71935qEkxQwr9MGiAcOz
iTiCppkYQuj+qyfx2GwM6UNwHx0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSZ4uWx
ChtKDww4jZA1w7cOL1R99DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE3MGE4OWMtNWU2Yy00MGFjLTlhNzMtZjkyYmVlMDA1ZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1fuUDAN
BgkqhkiG9w0BAQsFAAOCAQEAcFE7OP7uU+Zc9tG61Hhf7LmK15HSosndYgwOaQQK
WF9c3q6lgCJGVnjlQ0AgInAbBWjWicbZuxpeoMyp28+v2kTW5Ux5+ROhzcrCvkOr
2oJ0G0kW7OObup84FApZVRyxQqg/ij/7h+dB/nFtdm7z3j+N4soQdwcpQ9usF8Ac
NzgtWbXEAWoZBmTgr3L2fYzxrwBh9qEaNvstfj03focS1vnzFWHZJXXuq1aMbjXP
DZW0H/TDXA+0lY1RY4nfCdBWxFj5v1LBgWAJNAxoTpwseGZq8jjTCGUBee5E4hx8
xyeRyDaxJ2zIM6defMu/krEeo0ftC/pV22U/Iq3avWQ9Vg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:19 2025 by rpki-client