Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json)
Hash identifier: W4R7sRlh1SLfwaMffwfGXF2SgRd7mG6VhWP+FDgNaXc=
Subject key identifier: 64:CC:0A:D3:2A:71:D2:A1:96:3B:52:44:54:91:A0:F1:DF:8A:53:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46697CDA52D580B258B8CA7A658E68EBC36445F8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
Signing time: Mon 01 Sep 2025 20:20:20 +0000
ROA not before: Mon 01 Sep 2025 20:20:20 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:69:7c:da:52:d5:80:b2:58:b8:ca:7a:65:8e:68:eb:c3:64:45:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:20 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=e783a19a866aa06ba0d1dfa78659fda683eecaa010bb6ab401a22086e8abe0ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:08:68:15:74:57:45:50:00:6c:2d:df:2a:
08:40:31:0d:57:43:6b:3d:84:26:ed:88:4b:eb:8e:
fa:9c:69:6b:bc:d0:87:e6:73:8d:0a:ff:1e:5a:6f:
16:33:f3:a0:7b:16:22:fa:e8:24:1f:a3:3b:a2:e0:
00:c0:3a:01:a6:c0:8d:2a:5c:83:5c:9b:df:65:9e:
a7:be:c6:ee:54:cc:57:d8:86:44:26:14:8f:62:60:
2d:19:c1:98:bd:19:05:80:9c:fb:09:be:f3:a9:50:
95:6a:35:34:12:fc:fb:61:1b:7a:3e:56:92:1b:de:
41:fb:4e:8e:34:97:9f:58:12:22:bf:eb:00:15:df:
c3:3e:d0:2c:80:68:68:3a:cb:f9:c8:9d:55:c5:9c:
b5:2a:a6:a7:10:fb:8c:88:a5:1b:3e:eb:16:db:8b:
b1:67:47:58:8b:8a:7b:7b:7c:38:4a:c3:7a:ff:47:
51:54:e3:96:d7:01:99:ae:92:24:78:e0:a2:7e:57:
65:6a:3c:cd:00:de:8f:72:dd:5a:0e:45:8c:9a:a4:
1e:fd:4e:a8:c8:55:db:8e:90:98:72:9a:60:5c:d3:
2e:0b:ab:b0:3b:62:40:a0:61:09:3c:1d:71:b3:6d:
08:44:92:fc:c1:12:9f:ef:3b:87:9e:a8:25:21:bc:
e0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CC:0A:D3:2A:71:D2:A1:96:3B:52:44:54:91:A0:F1:DF:8A:53:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9080::/48
Signature Algorithm: sha256WithRSAEncryption
20:8a:ca:b2:fb:0a:16:a2:64:a9:ff:20:5a:85:ff:95:cb:fd:
38:9e:cc:b4:b2:c7:29:72:93:23:47:c6:7c:e1:07:3a:05:34:
07:7c:c2:73:4d:77:d7:b5:79:62:69:47:3b:35:82:b9:2e:9f:
64:5b:e0:88:ad:9b:fb:cb:11:43:4d:80:a0:c1:6f:88:77:f1:
a9:88:a0:3f:8d:7d:f0:62:51:25:7c:50:56:ba:aa:c6:cb:71:
24:54:59:9c:da:90:ad:21:e4:38:f9:f6:98:fd:5d:94:33:3b:
aa:0f:f3:20:ab:26:46:a0:72:20:a5:51:b5:44:48:a2:40:bd:
44:aa:a6:ac:86:67:ac:de:d2:4a:32:09:bd:1c:d8:3f:a7:54:
b1:d3:3b:89:fe:00:8a:43:e0:e3:20:83:5f:b5:95:b6:b3:35:
d1:ce:e9:71:4c:bd:5d:b9:f6:1d:df:f5:38:bf:0a:4b:9c:b7:
73:77:02:ee:1a:b1:8e:31:1c:29:8d:8f:52:1c:a3:3c:10:1e:
01:80:ee:a7:5a:4e:a5:8b:eb:fc:62:9e:13:79:19:7f:3d:ca:
a4:b0:63:f9:e9:05:37:a8:97:b7:7f:42:a1:dc:c6:e4:c2:3f:
06:b7:70:4b:45:72:f3:61:f8:30:4f:67:87:2f:91:2a:ba:d2:
b8:e8:a6:41
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURml82lLVgLJYuMp6ZY5o68NkRfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwMjBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ODNhMTlhODY2YWEwNmJhMGQxZGZhNzg2NTlmZGE2ODNlZWNhYTAxMGJi
NmFiNDAxYTIyMDg2ZThhYmUwZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYYCGgVdFdFUABsLd8qCEAxDVdDaz2EJu2IS+uO+pxpa7zQh+ZzjQr/Hlpv
FjPzoHsWIvroJB+jO6LgAMA6AabAjSpcg1yb32Wep77G7lTMV9iGRCYUj2JgLRnB
mL0ZBYCc+wm+86lQlWo1NBL8+2Ebej5WkhveQftOjjSXn1gSIr/rABXfwz7QLIBo
aDrL+cidVcWctSqmpxD7jIilGz7rFtuLsWdHWIuKe3t8OErDev9HUVTjltcBma6S
JHjgon5XZWo8zQDej3LdWg5FjJqkHv1OqMhV246QmHKaYFzTLgursDtiQKBhCTwd
cbNtCESS/MESn+87h56oJSG84KcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRkzArT
KnHSoZY7UkRUkaDx34pTZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAIIrKsvsKFqJkqf8gWoX/lcv9OJ7MtLLHKXKT
I0fGfOEHOgU0B3zCc01317V5YmlHOzWCuS6fZFvgiK2b+8sRQ02AoMFviHfxqYig
P4198GJRJXxQVrqqxstxJFRZnNqQrSHkOPn2mP1dlDM7qg/zIKsmRqByIKVRtURI
okC9RKqmrIZnrN7SSjIJvRzYP6dUsdM7if4AikPg4yCDX7WVtrM10c7pcUy9Xbn2
Hd/1OL8KS5y3c3cC7hqxjjEcKY2PUhyjPBAeAYDup1pOpYvr/GKeE3kZfz3KpLBj
+ekFN6iXt39CodzG5MI/BrdwS0Vy82H4ME9nhy+RKrrSuOimQQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:28 2025 by rpki-client