Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: XY0htjTtw/hRwXOmte8Z9N7U+7jr2DB6Mf/6ZgDJ3EE=
Subject key identifier: E3:CE:01:F6:1C:ED:1E:4F:54:CA:C6:D3:4C:C8:3F:30:BD:86:FF:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 591551BCB4E81E0895A26E1981014D4968D230A8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Mon 01 Sep 2025 21:10:37 +0000
ROA not before: Mon 01 Sep 2025 21:10:37 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:15:51:bc:b4:e8:1e:08:95:a2:6e:19:81:01:4d:49:68:d2:30:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:37 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=f47f199dab2767c13d79049ed9b9a2973751178f7b26806f15db798eb46081cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a3:a5:6a:bf:52:44:33:ef:36:49:64:d9:3f:
0e:cc:40:fc:1d:8d:ff:57:37:30:30:a0:81:b1:84:
d6:ca:a0:5a:ae:93:c1:d7:39:5f:84:41:18:53:a8:
c7:e7:37:5e:59:3f:5a:fe:ad:63:b2:ec:e3:f2:d8:
e8:02:eb:b9:c1:6b:ef:27:ca:0d:1e:83:58:30:a6:
8a:d5:8c:80:1b:64:cc:f0:10:aa:79:a5:51:e9:b5:
9c:2a:f2:1c:c3:3e:a7:59:94:3e:46:f0:22:f2:25:
af:ac:1c:6e:63:85:fd:a9:1d:02:5a:b4:04:9c:65:
30:c7:a3:c9:35:a4:3f:21:dc:f3:0b:36:db:04:c8:
b3:43:9e:30:76:01:0e:c5:6b:22:ca:45:3a:47:20:
66:0b:27:a1:1a:71:ac:77:d5:b9:b5:85:41:5c:00:
6a:9f:0e:d6:68:d6:f9:ae:4d:f9:bb:4a:64:8f:c1:
93:bc:3b:d4:54:e3:32:87:8e:72:bd:dd:42:c7:cd:
b0:20:90:49:69:54:b3:5e:ab:17:90:bb:72:f2:03:
0d:fc:1a:20:c4:54:0e:4f:eb:b9:43:93:de:fc:64:
3d:e8:1a:9c:54:b1:43:b8:70:79:57:a7:db:64:a0:
0f:d0:c3:b0:e5:3a:d4:ae:c2:d4:49:99:37:f6:93:
f6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CE:01:F6:1C:ED:1E:4F:54:CA:C6:D3:4C:C8:3F:30:BD:86:FF:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
5e:ab:89:d8:ec:a9:fa:1e:9a:92:00:5a:01:57:9d:61:2e:94:
2a:f3:84:2b:b4:9c:45:a3:76:27:98:e8:93:e0:7d:c7:58:84:
b9:5e:ae:9f:d2:c5:e6:02:0b:26:0d:9c:9a:74:5d:6b:31:3a:
20:7d:21:70:bb:c6:fd:5f:2f:8b:98:d5:6c:cb:15:54:61:4f:
63:32:b8:db:91:c4:3b:53:12:65:29:0d:7e:ff:d8:4a:71:0b:
0b:0c:05:37:69:eb:96:b3:92:ae:4f:84:cf:2a:b0:de:c4:23:
8a:10:25:0a:fe:9d:ab:2f:e5:2c:67:2f:78:54:5d:31:26:62:
92:12:04:f1:2d:c8:b9:9a:0c:6b:4a:e5:a3:fd:aa:a0:69:25:
1e:2d:1f:1d:b6:6c:fb:81:c4:e9:87:0f:92:84:d2:2b:a8:17:
18:85:9b:a5:40:3d:39:e7:3b:41:2f:9a:de:3d:0a:48:19:80:
f6:96:d9:ab:5f:23:86:9d:4f:db:2c:ee:21:72:f1:54:3d:d2:
e7:f0:8b:2a:5e:2c:7d:b0:11:37:39:6a:8f:77:9f:cd:29:4e:
b0:06:11:db:ed:d8:4f:74:c2:9f:33:ed:85:63:72:69:ea:b8:
de:a0:51:cd:d0:79:a6:51:80:42:4f:4e:15:71:39:12:2f:ce:
eb:f3:8d:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWRVRvLToHgiVom4ZgQFNSWjSMKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMzdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0N2YxOTlkYWIyNzY3YzEzZDc5MDQ5ZWQ5YjlhMjk3Mzc1MTE3OGY3YjI2
ODA2ZjE1ZGI3OThlYjQ2MDgxY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOjpWq/UkQz7zZJZNk/DsxA/B2N/1c3MDCggbGE1sqgWq6Twdc5X4RBGFOo
x+c3Xlk/Wv6tY7Ls4/LY6ALrucFr7yfKDR6DWDCmitWMgBtkzPAQqnmlUem1nCry
HMM+p1mUPkbwIvIlr6wcbmOF/akdAlq0BJxlMMejyTWkPyHc8ws22wTIs0OeMHYB
DsVrIspFOkcgZgsnoRpxrHfVubWFQVwAap8O1mjW+a5N+btKZI/Bk7w71FTjMoeO
cr3dQsfNsCCQSWlUs16rF5C7cvIDDfwaIMRUDk/ruUOT3vxkPeganFSxQ7hweVen
22SgD9DDsOU61K7C1EmZN/aT9ocCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjzgH2
HO0eT1TKxtNMyD8wvYb/NDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQBeq4nY7Kn6HpqSAFoBV51hLpQq84QrtJxFo3Yn
mOiT4H3HWIS5Xq6f0sXmAgsmDZyadF1rMTogfSFwu8b9Xy+LmNVsyxVUYU9jMrjb
kcQ7UxJlKQ1+/9hKcQsLDAU3aeuWs5KuT4TPKrDexCOKECUK/p2rL+UsZy94VF0x
JmKSEgTxLci5mgxrSuWj/aqgaSUeLR8dtmz7gcTphw+ShNIrqBcYhZulQD055ztB
L5rePQpIGYD2ltmrXyOGnU/bLO4hcvFUPdLn8IsqXix9sBE3OWqPd5/NKU6wBhHb
7dhPdMKfM+2FY3Jp6rjeoFHN0HmmUYBCT04VcTkSL87r841v
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:20 2025 by rpki-client