Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: Olppp88WalwNtejxznVEFqYmxXHT8sMuZg2iZiOwFXY=
Subject key identifier: 8E:AE:9F:78:90:07:19:93:13:2B:0F:03:A0:F8:6E:AF:49:C4:41:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A45A1D798B40B4BB2079185D422D16968DDB56D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Tue 21 Oct 2025 14:00:33 +0000
ROA not before: Tue 21 Oct 2025 14:00:33 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:45:a1:d7:98:b4:0b:4b:b2:07:91:85:d4:22:d1:69:68:dd:b5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:33 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2faf71e92d47f61cecf908509a285ecc3d2b37cc62f17ad9acd70cea9d049418, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:a8:41:d4:9a:3f:1d:d6:fc:64:18:ff:f6:9c:
c1:e7:e3:1b:66:bc:d2:28:95:41:78:32:76:06:83:
0b:c9:5b:62:76:2e:c4:03:c9:b0:27:49:b2:04:26:
85:c4:62:76:e2:ea:51:7b:2f:b6:c1:34:11:a2:52:
c8:b7:71:64:ea:6f:66:22:06:28:99:c8:df:73:f5:
7f:7c:60:9e:30:78:f9:36:8d:0a:f1:89:b4:50:97:
e0:43:6b:82:db:30:0e:c4:af:66:b5:72:d6:0f:50:
6e:00:06:3d:40:11:f4:48:5c:58:2c:8b:b1:16:1d:
1c:2e:44:b8:fc:5f:2b:72:db:c9:ec:8d:d9:6a:c4:
5e:91:98:c1:2e:79:e0:51:54:6b:58:11:62:c7:be:
da:2e:d1:34:0a:81:82:ac:ad:bb:e2:38:a5:cf:42:
dc:81:b4:ea:dc:3e:4f:c2:96:84:84:06:7d:5b:ce:
02:3d:3a:72:99:7f:4a:a6:c2:09:33:a7:85:88:52:
00:0f:6d:b4:2c:85:2b:3b:e1:09:4b:0b:d3:e4:3c:
a2:90:98:c7:18:cb:e6:7c:34:65:8f:95:9c:33:30:
32:38:bb:41:5f:bd:5b:b9:9e:2b:8d:05:29:48:10:
f6:cd:c1:21:28:b1:c7:f0:7a:c3:c6:7f:69:95:7c:
85:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AE:9F:78:90:07:19:93:13:2B:0F:03:A0:F8:6E:AF:49:C4:41:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
72:1e:38:61:d9:a8:90:76:48:5d:7d:d4:be:37:2c:f5:90:eb:
d9:61:f9:9f:67:75:c6:ec:d6:d1:f8:24:70:7d:92:bd:cf:d0:
1c:8a:44:5e:98:47:d0:66:59:e5:ae:c3:0e:af:05:bb:2c:30:
bd:f3:4c:f5:fe:80:12:40:cd:01:f1:88:0a:07:19:9a:7c:64:
98:e9:74:f0:e7:09:0a:e6:d4:f8:ca:90:89:4c:21:d9:5d:07:
17:9b:68:16:c0:3f:c4:9b:47:c9:0e:96:08:71:ca:4d:27:39:
d1:36:61:44:ed:fe:59:99:f0:d6:1d:b2:af:92:69:60:53:95:
ff:26:cd:d5:bd:6d:6b:f8:ca:9f:f2:db:3f:c0:df:49:84:57:
44:6f:0f:5c:50:b9:4d:63:0f:d3:ef:3b:58:8e:5c:79:33:92:
e5:59:5f:7a:01:f0:e6:89:66:c3:f6:ce:c8:cf:10:a6:b9:6d:
4e:6d:55:35:e4:90:46:c7:27:29:12:7f:91:18:9d:9a:e9:a8:
a6:0f:6f:ee:ec:87:2d:0d:21:8d:82:40:02:48:4d:82:7b:99:
9d:a5:48:91:8b:f4:e1:88:bb:37:60:20:64:70:75:38:83:51:
4c:11:5b:5c:1f:1f:c8:56:55:d8:f9:ab:25:eb:f7:b8:71:e2:
94:43:de:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWkWh15i0C0uyB5GF1CLRaWjdtW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwMzNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmYWY3MWU5MmQ0N2Y2MWNlY2Y5MDg1MDlhMjg1ZWNjM2QyYjM3Y2M2MmYx
N2FkOWFjZDcwY2VhOWQwNDk0MTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPaoQdSaPx3W/GQY//acwefjG2a80iiVQXgydgaDC8lbYnYuxAPJsCdJsgQm
hcRiduLqUXsvtsE0EaJSyLdxZOpvZiIGKJnI33P1f3xgnjB4+TaNCvGJtFCX4ENr
gtswDsSvZrVy1g9QbgAGPUAR9EhcWCyLsRYdHC5EuPxfK3LbyeyN2WrEXpGYwS55
4FFUa1gRYse+2i7RNAqBgqytu+I4pc9C3IG06tw+T8KWhIQGfVvOAj06cpl/SqbC
CTOnhYhSAA9ttCyFKzvhCUsL0+Q8opCYxxjL5nw0ZY+VnDMwMji7QV+9W7meK40F
KUgQ9s3BISixx/B6w8Z/aZV8hc0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOrp94
kAcZkxMrDwOg+G6vScRBIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQByHjhh2aiQdkhdfdS+Nyz1kOvZYfmfZ3XG7NbR
+CRwfZK9z9AcikRemEfQZlnlrsMOrwW7LDC980z1/oASQM0B8YgKBxmafGSY6XTw
5wkK5tT4ypCJTCHZXQcXm2gWwD/Em0fJDpYIccpNJznRNmFE7f5ZmfDWHbKvkmlg
U5X/Js3VvW1r+Mqf8ts/wN9JhFdEbw9cULlNYw/T7ztYjlx5M5LlWV96AfDmiWbD
9s7IzxCmuW1ObVU15JBGxycpEn+RGJ2a6aimD2/u7IctDSGNgkACSE2Ce5mdpUiR
i/ThiLs3YCBkcHU4g1FMEVtcHx/IVlXY+asl6/e4ceKUQ95R
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:34 2025 by rpki-client