Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
File: bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa (raw, json)
Hash identifier: mxXGspcxHmnoVz4/zCMaWuJGKfUMnGI1qmO6gZSSFy0=
Subject key identifier: F8:D4:9F:9C:C8:70:C7:AC:55:EA:79:14:EC:D3:E9:8B:40:F6:2E:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D896931DA93603BC69C60175E8B22AB0D66E080
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
Signing time: Tue 21 Oct 2025 14:20:47 +0000
ROA not before: Tue 21 Oct 2025 14:20:47 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:89:69:31:da:93:60:3b:c6:9c:60:17:5e:8b:22:ab:0d:66:e0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:20:47 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8bd40d8b808e3ad4bfa1765f61e6cad876a18d46b23b27f35dcd38e7a9eee27d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2b:f4:da:a9:05:64:7b:ad:6d:69:13:20:b4:
15:d4:af:85:93:4c:04:3a:a3:a5:3e:88:bd:31:c6:
e9:1b:4e:fc:da:4d:4f:3b:cd:14:eb:7a:a3:17:da:
9f:74:a9:00:08:2b:47:db:fa:11:c2:d0:32:4d:c4:
e2:e2:03:3d:72:e8:eb:20:51:71:ef:d5:db:cf:d9:
f7:2f:0b:b2:8f:3f:58:18:24:a3:17:b2:ff:57:ef:
d7:02:b7:4c:d1:3c:bf:67:3d:13:f9:1d:db:c3:de:
34:9a:f6:fd:48:00:3a:cb:ff:2f:9c:88:f4:c5:76:
f8:73:6d:cc:45:71:e7:a4:a1:ad:6f:01:cd:0e:bc:
bd:cb:47:8b:51:76:fc:19:88:16:d6:c9:36:bf:41:
5d:d1:fa:1c:c7:31:e7:2c:23:d8:be:ef:ff:88:00:
b4:f4:7c:5a:32:d9:d2:64:43:e0:a5:2f:d8:47:02:
3d:fc:da:40:32:d0:bf:e3:a0:9a:e7:a5:55:bd:5f:
28:2d:68:ff:9b:56:24:f7:44:9f:82:8c:fb:24:84:
c3:25:00:bb:b5:e0:f4:21:e9:c1:44:a0:a6:ea:e2:
84:5b:62:56:83:ae:f7:49:88:d7:2c:af:1f:96:f2:
60:54:ac:f0:ea:f3:2b:c6:4b:ab:9f:5d:91:52:a6:
37:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D4:9F:9C:C8:70:C7:AC:55:EA:79:14:EC:D3:E9:8B:40:F6:2E:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
11:9f:a2:1a:d6:11:e9:a1:bb:3b:70:47:d1:93:a8:db:97:19:
b7:3d:eb:1a:c1:c2:36:70:a7:f5:61:a4:a0:6c:37:2d:8a:f7:
f4:cc:cb:c9:30:48:61:40:ad:83:30:dc:fa:36:99:7e:11:78:
e2:38:ae:d6:8c:ab:52:93:80:8f:22:2b:aa:ba:37:24:e6:50:
92:8d:b1:9b:71:85:48:0c:33:27:20:f3:aa:87:a4:f7:e9:47:
53:02:f1:b9:d8:f0:da:7e:1a:ae:92:39:96:4f:23:15:18:3e:
2e:64:a0:c2:78:f3:68:46:bc:a9:bf:29:40:b3:70:33:4a:6a:
01:6a:e2:68:20:6b:2e:25:5f:34:e0:67:ac:93:87:3d:10:42:
28:f6:c1:7b:31:90:d6:78:e7:3b:99:b2:34:c2:19:ce:dc:91:
b1:7f:c4:3e:f7:7f:be:3e:f2:a7:20:0a:b0:bc:2c:d9:b8:fe:
a9:4c:e5:d2:47:94:19:16:92:00:ac:f4:fc:f5:fc:9d:50:47:
a1:9b:a4:42:a4:d4:d2:ce:70:a6:65:94:0f:c2:e7:24:f4:2b:
25:25:f8:e4:29:52:2a:cf:e2:7e:21:5d:76:96:e2:92:1a:2a:
da:35:79:99:4b:60:21:fa:e9:24:e8:8d:11:7c:f2:df:44:01:
07:fd:c7:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfYlpMdqTYDvGnGAXXosiqw1m4IAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIwNDdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiZDQwZDhiODA4ZTNhZDRiZmExNzY1ZjYxZTZjYWQ4NzZhMThkNDZiMjNi
MjdmMzVkY2QzOGU3YTllZWUyN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIcr9NqpBWR7rW1pEyC0FdSvhZNMBDqjpT6IvTHG6RtO/NpNTzvNFOt6oxfa
n3SpAAgrR9v6EcLQMk3E4uIDPXLo6yBRce/V28/Z9y8Lso8/WBgkoxey/1fv1wK3
TNE8v2c9E/kd28PeNJr2/UgAOsv/L5yI9MV2+HNtzEVx56ShrW8BzQ68vctHi1F2
/BmIFtbJNr9BXdH6HMcx5ywj2L7v/4gAtPR8WjLZ0mRD4KUv2EcCPfzaQDLQv+Og
muelVb1fKC1o/5tWJPdEn4KM+ySEwyUAu7Xg9CHpwUSgpurihFtiVoOu90mI1yyv
H5byYFSs8OrzK8ZLq59dkVKmN5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT41J+c
yHDHrFXqeRTs0+mLQPYubjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmIyMTcxMGEtYTM3YS00NDc2LWFiNmItM2QwNzllOWQxY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5A
MA0GCSqGSIb3DQEBCwUAA4IBAQARn6Ia1hHpobs7cEfRk6jblxm3PesawcI2cKf1
YaSgbDctivf0zMvJMEhhQK2DMNz6Npl+EXjiOK7WjKtSk4CPIiuqujck5lCSjbGb
cYVIDDMnIPOqh6T36UdTAvG52PDafhqukjmWTyMVGD4uZKDCePNoRrypvylAs3Az
SmoBauJoIGsuJV804Gesk4c9EEIo9sF7MZDWeOc7mbI0whnO3JGxf8Q+93++PvKn
IAqwvCzZuP6pTOXSR5QZFpIArPT89fydUEehm6RCpNTSznCmZZQPwuck9CslJfjk
KVIqz+J+IV12luKSGiraNXmZS2Ah+ukk6I0RfPLfRAEH/ceh
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:19 2025 by rpki-client