Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json)
Hash identifier: XK/LUZ0FWLr2LgXUzH8ObYfNSdfalHSG1YwBuLS0kBY=
Subject key identifier: E8:79:EA:8C:4A:EA:55:18:26:D1:8F:AE:34:D0:A4:41:89:6B:43:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27990CBF3F774B43339AB226E7C4F5586B55C3F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
Signing time: Tue 05 Aug 2025 19:30:18 +0000
ROA not before: Tue 05 Aug 2025 19:30:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:99:0c:bf:3f:77:4b:43:33:9a:b2:26:e7:c4:f5:58:6b:55:c3:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5f85683e1ad5db8e11944b83175995fdef5de8872769a8e50dae8fe71b760861, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9f:39:38:64:7c:3b:86:f0:13:ef:e1:f3:4f:
f2:b8:70:48:1d:b2:9f:54:48:33:cd:b6:e8:7a:91:
d9:0f:dc:b3:b0:88:c3:6f:0d:79:fd:6d:17:0a:48:
e3:06:8b:8a:b3:3b:94:d7:70:59:98:8b:8a:bd:2d:
f6:8d:a5:aa:c6:a1:5b:f8:af:02:dc:65:54:89:3a:
90:7a:7a:2f:85:69:41:e5:8a:36:fa:03:ac:4c:c6:
a8:19:4e:01:28:f2:58:e3:89:90:30:40:11:74:1f:
12:71:97:55:34:c6:e1:41:99:65:bc:88:92:44:93:
1e:27:14:78:a9:69:00:d9:6d:fd:63:7e:68:35:03:
47:f7:1a:a3:19:34:ae:34:f5:0e:aa:f1:81:9c:a6:
76:34:55:b9:d1:9e:68:2f:bd:95:4d:bf:16:2a:e1:
94:13:20:41:3d:93:62:7b:71:2f:c6:f0:25:6d:87:
e6:c3:a0:62:56:fe:49:05:15:5a:7e:17:2f:9e:c9:
e0:0b:96:08:75:26:18:67:25:6d:b1:32:74:8e:d8:
f0:07:77:74:e3:ad:0f:e8:f1:b7:1e:40:8f:9e:ff:
a5:44:f0:f3:df:16:6b:8b:bf:b6:44:10:1f:35:cc:
96:34:2e:d3:59:ba:d0:0f:fa:ed:d6:ac:6f:04:5e:
2a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:79:EA:8C:4A:EA:55:18:26:D1:8F:AE:34:D0:A4:41:89:6B:43:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9080::/48
Signature Algorithm: sha256WithRSAEncryption
01:98:1c:14:61:a8:bd:31:b5:fa:e4:b9:5b:bf:01:c6:60:5a:
d0:39:4d:7e:ce:90:32:53:7b:4f:a2:27:0b:4a:f4:9d:df:21:
51:7e:0e:7f:57:0f:b6:e0:bc:ba:ae:78:1e:ce:c2:77:bc:c8:
a2:2e:cc:eb:98:96:d6:8e:28:1e:f9:ba:17:0b:2a:29:9d:51:
a0:ff:04:ed:03:30:6f:19:00:89:2e:03:5b:33:db:dd:ab:36:
82:23:64:d6:a4:74:88:ca:6e:2e:a4:a7:2c:67:01:44:e6:dd:
74:7a:a3:0d:10:8a:7f:d3:1f:2e:f4:69:72:87:8c:d6:29:30:
05:05:cc:c7:53:97:f3:ab:52:b0:d3:d2:46:3f:2c:b1:0f:05:
28:f8:45:9e:4f:6d:86:b5:27:b4:0c:42:03:a1:4b:7a:bf:11:
db:2c:c5:be:6c:23:d0:1b:1b:33:f5:23:c2:04:1b:5e:d8:b5:
b7:7e:64:92:59:c8:f9:d4:4b:d8:35:95:ca:bd:39:1c:65:14:
4b:25:65:21:c6:34:f5:a4:ea:c4:75:79:ee:d0:1c:dd:48:89:
81:33:07:84:06:c8:9a:da:f4:3b:c2:cb:90:dd:cd:3e:05:e9:
44:8b:c8:82:d2:a4:40:c2:72:a2:2d:44:20:73:0d:e9:31:2d:
3c:a7:6d:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ5kMvz93S0MzmrIm58T1WGtVw/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmODU2ODNlMWFkNWRiOGUxMTk0NGI4MzE3NTk5NWZkZWY1ZGU4ODcyNzY5
YThlNTBkYWU4ZmU3MWI3NjA4NjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6fOThkfDuG8BPv4fNP8rhwSB2yn1RIM8226HqR2Q/cs7CIw28Nef1tFwpI
4waLirM7lNdwWZiLir0t9o2lqsahW/ivAtxlVIk6kHp6L4VpQeWKNvoDrEzGqBlO
ASjyWOOJkDBAEXQfEnGXVTTG4UGZZbyIkkSTHicUeKlpANlt/WN+aDUDR/caoxk0
rjT1DqrxgZymdjRVudGeaC+9lU2/FirhlBMgQT2TYntxL8bwJW2H5sOgYlb+SQUV
Wn4XL57J4AuWCHUmGGclbbEydI7Y8Ad3dOOtD+jxtx5Aj57/pUTw898Wa4u/tkQQ
HzXMljQu01m60A/67dasbwReKqMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBToeeqM
SupVGCbRj6400KRBiWtDejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAAZgcFGGovTG1+uS5W78BxmBa0DlNfs6QMlN7
T6InC0r0nd8hUX4Of1cPtuC8uq54Hs7Cd7zIoi7M65iW1o4oHvm6FwsqKZ1RoP8E
7QMwbxkAiS4DWzPb3as2giNk1qR0iMpuLqSnLGcBRObddHqjDRCKf9MfLvRpcoeM
1ikwBQXMx1OX86tSsNPSRj8ssQ8FKPhFnk9thrUntAxCA6FLer8R2yzFvmwj0Bsb
M/UjwgQbXti1t35kklnI+dRL2DWVyr05HGUUSyVlIcY09aTqxHV57tAc3UiJgTMH
hAbImtr0O8LLkN3NPgXpRIvIgtKkQMJyoi1EIHMN6TEtPKdtzg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:43 2025 by rpki-client