Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
File: bad2460c-8206-4534-9b9b-355c2d524858.roa (raw, json)
Hash identifier: J2YPKPzFz2BR0nf8lwXcg3+foogcLq6V1HSGuKquTow=
Subject key identifier: 30:94:A0:6A:F2:12:7C:36:67:0F:4E:58:1B:6B:A8:39:BC:6C:38:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23E1A500A86780D40920EE56DF4A53843170101E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
Signing time: Tue 05 Aug 2025 19:40:10 +0000
ROA not before: Tue 05 Aug 2025 19:40:10 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:e1:a5:00:a8:67:80:d4:09:20:ee:56:df:4a:53:84:31:70:10:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:10 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=77fd8148ab305fe068f76b64af82df3764f841dbbc50b4a6a315577fd1ab1843, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:59:b2:ec:fb:71:6c:3f:5d:5f:0e:cf:17:
ba:de:6d:79:61:71:45:bf:ba:e7:c6:f5:b1:05:f9:
3c:39:39:22:ba:4b:ae:31:48:89:70:29:88:d6:c4:
7f:0c:40:91:e5:c5:2e:31:aa:16:3d:dd:c0:39:3f:
34:ba:72:a1:ae:73:02:25:9e:cf:48:d9:22:af:ad:
8c:08:b7:66:49:cc:79:f8:5d:1a:de:58:b2:3c:6c:
f8:4f:6e:ec:16:ec:a3:2b:6b:5a:8b:ba:bd:b7:55:
a5:c9:e8:7e:c3:d5:28:ca:8b:54:75:95:c7:25:2c:
fe:3f:3e:f4:ff:f1:25:5a:fc:2a:75:0e:e4:8a:97:
84:06:04:ed:30:7d:17:4d:0b:c9:93:95:54:e9:5b:
f0:7f:5f:72:26:b3:9a:6a:98:36:fc:de:e9:6f:00:
4f:34:c2:8b:2b:8e:6c:08:81:6d:90:6d:41:ba:4a:
8d:1a:51:49:b4:67:de:02:7e:2a:f6:a0:21:e9:24:
af:eb:22:93:2b:f5:a8:51:31:ab:29:21:3c:22:25:
57:d1:80:6b:73:9d:56:18:5b:b8:13:35:f9:3f:0a:
fc:5c:92:7f:ac:e3:4e:9b:40:92:80:2f:3f:77:62:
49:e7:4a:d5:ff:ad:6b:e0:50:3c:2d:07:d7:73:e5:
f4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:94:A0:6A:F2:12:7C:36:67:0F:4E:58:1B:6B:A8:39:BC:6C:38:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:1a:ca:74:a6:c3:b1:55:a6:c0:99:6d:7b:56:5d:bc:7d:7b:
7f:e6:e1:89:e4:29:2b:e8:70:3c:cc:e5:56:95:13:cb:d1:06:
3c:f7:f9:c3:a4:3f:cd:1b:a6:ff:93:bc:61:c5:ee:21:31:74:
b2:29:57:f7:ae:eb:7a:07:0d:65:fe:86:af:31:18:e8:e2:55:
58:47:e5:86:8c:eb:7a:76:ee:d1:98:0a:f8:34:fc:30:f4:71:
2b:ac:2f:ec:d9:fd:8d:2b:ab:94:52:94:10:58:42:3b:0f:8b:
03:86:37:16:38:57:94:c9:3c:cc:62:8c:db:11:df:09:28:f1:
fc:81:3d:ac:80:d9:75:75:76:fb:c2:40:43:70:aa:68:94:4a:
cb:e0:9a:19:6c:e6:78:6e:6b:16:55:28:6d:04:91:3c:55:3b:
58:e4:08:7c:34:a8:3c:b2:58:d2:cd:41:60:af:33:e0:54:e6:
a4:dd:cd:43:f9:ea:bd:f1:4e:e5:0f:62:52:86:85:35:bb:8a:
31:d4:3a:e0:bc:1a:3b:b6:b2:26:70:4d:79:c4:25:0d:d8:fa:
ae:60:b5:6b:ce:82:dc:98:96:2d:eb:8e:4c:5d:42:91:77:ef:
48:40:ee:73:15:0a:fe:45:9f:6e:a7:c7:24:74:dd:e7:05:95:
e9:9a:bc:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI+GlAKhngNQJIO5W30pThDFwEB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMTBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3ZmQ4MTQ4YWIzMDVmZTA2OGY3NmI2NGFmODJkZjM3NjRmODQxZGJiYzUw
YjRhNmEzMTU1NzdmZDFhYjE4NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL03WbLs+3FsP11fDs8Xut5teWFxRb+658b1sQX5PDk5IrpLrjFIiXApiNbE
fwxAkeXFLjGqFj3dwDk/NLpyoa5zAiWez0jZIq+tjAi3ZknMefhdGt5Ysjxs+E9u
7BbsoytrWou6vbdVpcnofsPVKMqLVHWVxyUs/j8+9P/xJVr8KnUO5IqXhAYE7TB9
F00LyZOVVOlb8H9fciazmmqYNvze6W8ATzTCiyuObAiBbZBtQbpKjRpRSbRn3gJ+
KvagIekkr+sikyv1qFExqykhPCIlV9GAa3OdVhhbuBM1+T8K/FySf6zjTptAkoAv
P3diSedK1f+ta+BQPC0H13Pl9KsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwlKBq
8hJ8NmcPTlgba6g5vGw4wzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjQ2MGMtODIwNi00NTM0LTliOWItMzU1YzJkNTI0ODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5g
MA0GCSqGSIb3DQEBCwUAA4IBAQDIGsp0psOxVabAmW17Vl28fXt/5uGJ5Ckr6HA8
zOVWlRPL0QY89/nDpD/NG6b/k7xhxe4hMXSyKVf3rut6Bw1l/oavMRjo4lVYR+WG
jOt6du7RmAr4NPww9HErrC/s2f2NK6uUUpQQWEI7D4sDhjcWOFeUyTzMYozbEd8J
KPH8gT2sgNl1dXb7wkBDcKpolErL4JoZbOZ4bmsWVShtBJE8VTtY5Ah8NKg8sljS
zUFgrzPgVOak3c1D+eq98U7lD2JShoU1u4ox1DrgvBo7trImcE15xCUN2PquYLVr
zoLcmJYt645MXUKRd+9IQO5zFQr+RZ9up8ckdN3nBZXpmrz6
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:10 2025 by rpki-client