Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json)
Hash identifier: 0GHnYQz+ThSV6jM4x3X8W8OKYbq686R4BShxwFeKc/c=
Subject key identifier: 90:0E:C0:0E:C8:F8:DF:15:6C:7A:9C:A2:31:5E:D3:DD:53:6E:DA:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F050D7726921CAE2C39C420B904515B280BA076
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
Signing time: Tue 21 Oct 2025 14:30:33 +0000
ROA not before: Tue 21 Oct 2025 14:30:33 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:05:0d:77:26:92:1c:ae:2c:39:c4:20:b9:04:51:5b:28:0b:a0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:33 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2e409152684bb6152e0ec86f5dc8dddb5c08304f2c86a700d21e1917918921f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b4:29:1c:df:09:08:d4:2a:93:ce:39:2d:2c:
68:67:cf:6c:ac:6e:88:0d:53:31:cc:6d:c7:99:b8:
67:1c:9f:2c:3a:2e:fd:b8:2e:58:aa:60:de:93:7d:
c1:63:16:32:87:f3:70:33:00:2c:14:ee:15:cc:05:
7d:cd:e6:53:5e:78:2b:f1:9c:65:4b:da:1b:08:c3:
d8:89:3c:4d:66:6d:17:8f:e2:15:57:fe:83:25:07:
e4:96:fe:7a:3d:38:5c:6e:c6:fa:c1:69:d8:e9:bf:
6c:14:bd:fd:44:fb:d9:b6:74:6e:bf:3b:39:a2:49:
52:f9:99:5b:1d:23:f5:d7:9f:8d:91:b0:5b:18:9a:
ab:6c:f7:2e:d2:e8:d5:82:d7:5d:f1:f6:39:b2:4e:
fe:70:33:c3:95:3b:12:ad:e1:2a:0e:6c:ff:31:5e:
f0:38:8d:34:cd:e6:1b:00:a7:31:28:94:b4:ea:1e:
4d:a1:ad:2a:d8:17:2e:5b:e6:82:4b:f0:ee:0d:d1:
26:73:17:67:3a:65:5a:7e:7d:fb:dd:f0:c7:5c:58:
83:48:30:a0:0a:18:c5:2c:02:8f:c3:ff:e7:99:32:
a7:73:cb:00:e2:a8:a8:73:da:05:43:3e:45:9c:30:
de:6d:51:2d:38:70:d8:89:98:0b:8f:9d:9f:a1:e9:
cd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0E:C0:0E:C8:F8:DF:15:6C:7A:9C:A2:31:5E:D3:DD:53:6E:DA:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9080::/48
Signature Algorithm: sha256WithRSAEncryption
2f:56:31:13:0c:95:a8:e6:63:d9:ee:86:0e:0b:a5:ef:79:15:
b2:e8:bb:fd:61:fb:0f:9a:69:d9:2e:e0:0f:3d:42:af:b2:e8:
5a:9c:29:c3:b6:b9:48:56:d8:13:95:a1:46:cd:13:91:5d:90:
78:16:53:cf:4d:93:b8:e6:b6:b6:10:30:f4:d0:bf:2e:79:00:
8d:5a:45:21:e4:39:bd:ee:14:bf:7d:62:64:0c:b6:f2:b3:f5:
d9:b1:92:78:50:1c:d6:7a:0e:75:be:91:c3:ca:6a:f0:03:6b:
ef:10:9b:d4:90:c6:7f:6f:7f:84:25:89:d3:17:32:e5:20:93:
ae:f8:b6:f8:2a:d3:57:9e:ad:52:ad:64:2f:11:9d:23:23:37:
24:99:50:91:82:71:cd:4b:62:06:e8:df:52:ff:6a:95:db:3b:
dd:d8:b1:28:8b:99:3f:e4:76:a0:7d:a7:45:54:9e:d1:a0:5b:
ab:cf:4e:7c:7b:a7:86:8b:da:63:a9:02:2d:fb:0a:80:dd:9e:
45:db:7e:c5:6b:e8:c9:21:5e:ee:76:52:7e:e1:7a:c7:32:fd:
7c:e5:49:41:bc:84:67:36:2f:f9:f2:61:ab:42:a8:d7:3e:de:
11:12:01:c5:63:18:81:b0:c2:7d:e1:e2:16:fc:26:cc:95:ab:
46:f7:7d:e0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDwUNdyaSHK4sOcQguQRRWygLoHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwMzNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNDA5MTUyNjg0YmI2MTUyZTBlYzg2ZjVkYzhkZGRiNWMwODMwNGYyYzg2
YTcwMGQyMWUxOTE3OTE4OTIxZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALC0KRzfCQjUKpPOOS0saGfPbKxuiA1TMcxtx5m4ZxyfLDou/bguWKpg3pN9
wWMWMofzcDMALBTuFcwFfc3mU154K/GcZUvaGwjD2Ik8TWZtF4/iFVf+gyUH5Jb+
ej04XG7G+sFp2Om/bBS9/UT72bZ0br87OaJJUvmZWx0j9defjZGwWxiaq2z3LtLo
1YLXXfH2ObJO/nAzw5U7Eq3hKg5s/zFe8DiNNM3mGwCnMSiUtOoeTaGtKtgXLlvm
gkvw7g3RJnMXZzplWn59+93wx1xYg0gwoAoYxSwCj8P/55kyp3PLAOKoqHPaBUM+
RZww3m1RLThw2ImYC4+dn6HpzZ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSQDsAO
yPjfFWx6nKIxXtPdU27a7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAL1YxEwyVqOZj2e6GDgul73kVsui7/WH7D5pp
2S7gDz1Cr7LoWpwpw7a5SFbYE5WhRs0TkV2QeBZTz02TuOa2thAw9NC/LnkAjVpF
IeQ5ve4Uv31iZAy28rP12bGSeFAc1noOdb6Rw8pq8ANr7xCb1JDGf29/hCWJ0xcy
5SCTrvi2+CrTV56tUq1kLxGdIyM3JJlQkYJxzUtiBujfUv9qlds73dixKIuZP+R2
oH2nRVSe0aBbq89OfHunhovaY6kCLfsKgN2eRdt+xWvoySFe7nZSfuF6xzL9fOVJ
QbyEZzYv+fJhq0Ko1z7eERIBxWMYgbDCfeHiFvwmzJWrRvd94A==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:14 2025 by rpki-client