Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
File: bad2460c-8206-4534-9b9b-355c2d524858.roa (raw, json)
Hash identifier: rux7JHGHulcxmdSlNjfvWGB/BBXaismPR97tCgdABJQ=
Subject key identifier: 32:09:6A:AD:E5:CD:6D:53:87:4A:63:3A:7D:11:B1:D1:00:4B:BA:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 193A5169C1D23DD2F731F80CA61F3CF39C687608
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
Signing time: Fri 26 Sep 2025 19:39:45 +0000
ROA not before: Fri 26 Sep 2025 19:39:45 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 06:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:3a:51:69:c1:d2:3d:d2:f7:31:f8:0c:a6:1f:3c:f3:9c:68:76:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:39:45 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ed6353ceec51635a61e3ca373c92fe4c3035ae9d7154429d7748faa08712d04f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:49:df:90:1b:92:35:93:1b:99:0a:e7:b9:f7:
93:dd:df:82:8d:41:40:e6:4e:ee:59:f3:d9:99:b4:
19:6a:52:ec:28:11:6f:a9:f8:90:43:81:9e:da:13:
50:2f:cb:8b:43:46:de:ab:1f:6d:1a:1b:ff:76:f9:
5f:56:88:75:e1:c5:42:27:c8:d1:d1:a8:94:e9:4e:
f8:27:fd:82:bb:26:21:ad:2a:96:1f:1a:db:42:2a:
3a:34:dd:43:8e:9b:00:7b:a2:96:06:97:71:4d:66:
7e:bf:28:b5:df:5a:70:77:8d:ab:82:22:fa:7d:b1:
ed:94:a3:b3:93:a8:da:f6:76:9a:bf:cd:e2:eb:6a:
86:84:52:e0:58:c1:78:76:c0:09:ce:ab:29:7a:7c:
25:e8:41:ea:6b:f6:69:3e:69:71:dc:c0:26:b4:59:
cf:a8:23:67:4e:e5:1c:3f:c1:af:1d:5c:fb:19:21:
89:e3:58:22:e1:44:70:26:3e:7c:67:93:4e:f7:dc:
72:23:9e:c4:31:a4:d2:12:91:6a:35:80:59:d5:45:
3a:80:b7:03:00:ec:2b:31:c5:0c:10:f0:82:8f:9b:
4e:ba:02:e2:36:e8:a6:b4:39:a6:0f:0e:88:2e:9f:
ca:20:14:31:e1:5b:ca:18:db:85:a3:47:56:3c:33:
b5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:09:6A:AD:E5:CD:6D:53:87:4A:63:3A:7D:11:B1:D1:00:4B:BA:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:a2:fe:89:e5:9d:ed:12:97:80:3d:50:44:98:96:da:52:d7:
63:42:16:c2:55:d4:92:1b:13:ab:24:24:cb:4a:a6:24:af:2b:
57:5f:c4:13:81:86:7d:45:69:a2:6a:aa:46:b1:2d:44:93:9d:
2b:92:73:a6:88:7b:f4:b2:28:94:75:ea:ad:26:94:27:8b:8b:
fc:4e:87:25:ed:2c:ee:7c:70:a7:1c:05:05:44:f3:82:57:a5:
d2:f5:ae:0d:21:2b:18:94:65:a5:db:24:a1:af:d3:56:13:06:
7b:2e:a9:51:6c:60:95:8c:c5:de:e7:ea:31:0b:85:04:33:7f:
36:40:5f:0f:a1:fb:2e:8f:b9:8d:27:8d:fd:a1:30:ef:05:45:
d4:1d:51:bb:6b:14:57:81:d0:66:10:03:56:19:33:16:af:e6:
e1:e2:3c:5b:c1:f9:37:85:51:6e:39:53:b1:5d:da:75:fb:32:
74:f5:a6:97:e6:1f:b5:39:32:40:29:e6:ee:33:fb:f8:f9:d8:
f2:28:bf:cc:41:93:af:03:ca:c8:f6:2a:2b:0c:d6:78:3f:ea:
52:bb:3e:8c:3a:ed:a8:34:25:78:b6:fe:74:d6:c0:6b:88:78:
90:e3:e2:22:35:01:9b:bd:51:1c:72:0a:1b:90:37:8d:f8:6a:
d5:fb:b0:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGTpRacHSPdL3MfgMph8885xodggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTM5NDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkNjM1M2NlZWM1MTYzNWE2MWUzY2EzNzNjOTJmZTRjMzAzNWFlOWQ3MTU0
NDI5ZDc3NDhmYWEwODcxMmQwNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9J35AbkjWTG5kK57n3k93fgo1BQOZO7lnz2Zm0GWpS7CgRb6n4kEOBntoT
UC/Li0NG3qsfbRob/3b5X1aIdeHFQifI0dGolOlO+Cf9grsmIa0qlh8a20IqOjTd
Q46bAHuilgaXcU1mfr8otd9acHeNq4Ii+n2x7ZSjs5Oo2vZ2mr/N4utqhoRS4FjB
eHbACc6rKXp8JehB6mv2aT5pcdzAJrRZz6gjZ07lHD/Brx1c+xkhieNYIuFEcCY+
fGeTTvfcciOexDGk0hKRajWAWdVFOoC3AwDsKzHFDBDwgo+bTroC4jboprQ5pg8O
iC6fyiAUMeFbyhjbhaNHVjwztS0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyCWqt
5c1tU4dKYzp9EbHRAEu6/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjQ2MGMtODIwNi00NTM0LTliOWItMzU1YzJkNTI0ODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5g
MA0GCSqGSIb3DQEBCwUAA4IBAQDGov6J5Z3tEpeAPVBEmJbaUtdjQhbCVdSSGxOr
JCTLSqYkrytXX8QTgYZ9RWmiaqpGsS1Ek50rknOmiHv0siiUdeqtJpQni4v8Tocl
7SzufHCnHAUFRPOCV6XS9a4NISsYlGWl2yShr9NWEwZ7LqlRbGCVjMXe5+oxC4UE
M382QF8Pofsuj7mNJ439oTDvBUXUHVG7axRXgdBmEANWGTMWr+bh4jxbwfk3hVFu
OVOxXdp1+zJ09aaX5h+1OTJAKebuM/v4+djyKL/MQZOvA8rI9iorDNZ4P+pSuz6M
Ou2oNCV4tv501sBriHiQ4+IiNQGbvVEccgobkDeN+GrV+7Au
-----END CERTIFICATE-----
Generated at Thu Oct 16 11:47:23 2025 by rpki-client