Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json)
Hash identifier: 3QDdT7qE9oEFLl3T4zqaoni2OrFqYwXhC8/izielxQ4=
Subject key identifier: 9B:EC:0D:3C:36:03:96:34:3C:1D:5B:98:82:55:FF:7F:A1:55:C7:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 710C53C38D6CE9E435A231E05E00123698E0C39D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
Signing time: Mon 13 Oct 2025 18:00:09 +0000
ROA not before: Mon 13 Oct 2025 18:00:09 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:0c:53:c3:8d:6c:e9:e4:35:a2:31:e0:5e:00:12:36:98:e0:c3:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 18:00:09 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=893b6270ba2d71470530b4dfddf42134b6a4fcb91a6bd92f79d81de2b227dd93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:80:ee:84:a3:c6:25:56:b8:e2:e7:e3:b6:51:
7e:59:84:7e:3c:3c:80:d1:6d:65:64:34:34:2b:e5:
50:48:35:30:82:55:09:e8:43:91:7b:5f:50:13:17:
90:b4:17:d5:43:5d:07:31:3b:e9:3d:6d:15:07:97:
2d:5b:8a:a8:e5:1a:e4:74:04:be:12:e6:7d:03:e7:
43:f8:f0:9f:b4:06:b0:3f:d4:cf:e9:8e:2b:7d:32:
32:d2:c4:a5:fd:bd:ec:db:46:20:55:3f:a7:15:de:
b4:10:02:ae:39:31:30:f8:c3:a0:df:93:47:5e:34:
4a:92:9a:95:7c:07:56:cf:50:d9:ad:03:7a:2b:c5:
e2:27:62:ec:a2:b3:c3:22:db:d7:07:93:83:ce:d8:
4c:e9:1f:d3:d3:e5:f0:fc:3b:ff:f0:ca:98:c1:bd:
53:26:22:d4:6d:cb:99:6e:0e:a4:4f:c8:61:19:f9:
34:29:f8:ef:ec:26:07:3a:b8:00:dd:66:e7:46:75:
5c:69:ef:e8:0b:8e:e2:e2:ef:7a:2a:d1:45:2a:71:
a6:04:d9:e3:a5:6d:11:4d:9c:48:e9:cf:eb:e3:0a:
bd:c7:14:ce:9a:54:35:48:82:91:2c:e6:5d:c3:9d:
90:bd:08:19:dc:27:a3:23:0b:9f:78:42:32:11:c9:
60:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:EC:0D:3C:36:03:96:34:3C:1D:5B:98:82:55:FF:7F:A1:55:C7:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:18:ea:cd:11:f1:d5:e6:db:de:0f:83:27:b7:76:2a:da:62:
7c:f0:54:41:39:e9:5e:40:cc:56:d4:9c:b4:2a:55:96:f7:4c:
42:c2:3f:9f:76:10:d0:a1:83:34:d1:11:03:44:4e:5f:bb:d9:
f9:eb:86:f9:92:37:2f:91:0c:56:2d:6d:9b:64:f0:39:4e:d9:
ec:15:26:73:93:1b:32:ca:f9:c7:bf:59:29:b8:8e:34:be:8c:
35:34:d6:96:4e:e9:f4:77:ee:e0:b9:c0:fd:18:59:a2:b5:4c:
7f:2b:09:e9:b9:c3:6b:dc:ad:9d:8d:51:f5:ae:d1:86:a5:c0:
29:45:b3:7b:c1:7e:6f:f3:18:3c:12:35:68:15:08:83:39:96:
90:f4:07:2e:78:79:34:dc:73:49:fa:a8:12:de:c1:91:49:bb:
4e:37:ff:1c:2c:16:ef:fa:28:66:48:6f:f4:70:f4:25:e8:3e:
20:61:bf:e7:a2:11:2a:32:d9:ff:b1:f0:e6:a9:fd:73:db:c8:
d5:27:03:f0:a9:86:2d:ba:4d:f5:f6:72:c2:83:cc:f3:71:75:
f4:4b:18:0e:82:c7:c3:99:92:e6:6f:4b:43:40:9d:10:a2:67:
45:0e:ef:41:03:0d:bf:0a:b3:7c:5f:86:5b:8f:0c:96:e6:eb:
27:b6:c9:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcQxTw41s6eQ1ojHgXgASNpjgw50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxODAwMDlaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5M2I2MjcwYmEyZDcxNDcwNTMwYjRkZmRkZjQyMTM0YjZhNGZjYjkxYTZi
ZDkyZjc5ZDgxZGUyYjIyN2RkOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqA7oSjxiVWuOLn47ZRflmEfjw8gNFtZWQ0NCvlUEg1MIJVCehDkXtfUBMX
kLQX1UNdBzE76T1tFQeXLVuKqOUa5HQEvhLmfQPnQ/jwn7QGsD/Uz+mOK30yMtLE
pf297NtGIFU/pxXetBACrjkxMPjDoN+TR140SpKalXwHVs9Q2a0DeivF4idi7KKz
wyLb1weTg87YTOkf09Pl8Pw7//DKmMG9UyYi1G3LmW4OpE/IYRn5NCn47+wmBzq4
AN1m50Z1XGnv6AuO4uLveirRRSpxpgTZ46VtEU2cSOnP6+MKvccUzppUNUiCkSzm
XcOdkL0IGdwnoyMLn3hCMhHJYFcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSb7A08
NgOWNDwdW5iCVf9/oVXHIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQCkGOrNEfHV5tveD4Mnt3Yq2mJ88FRBOeleQMxW
1Jy0KlWW90xCwj+fdhDQoYM00REDRE5fu9n564b5kjcvkQxWLW2bZPA5TtnsFSZz
kxsyyvnHv1kpuI40vow1NNaWTun0d+7gucD9GFmitUx/KwnpucNr3K2djVH1rtGG
pcApRbN7wX5v8xg8EjVoFQiDOZaQ9AcueHk03HNJ+qgS3sGRSbtON/8cLBbv+ihm
SG/0cPQl6D4gYb/nohEqMtn/sfDmqf1z28jVJwPwqYYtuk319nLCg8zzcXX0SxgO
gsfDmZLmb0tDQJ0QomdFDu9BAw2/CrN8X4ZbjwyW5usntsnE
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:37 2025 by rpki-client