Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
File: bdd33562-2653-4549-84dc-25f96aa10a83.roa (raw, json)
Hash identifier: dVHZuFZXDQmA7mnJOgYSG0RRsnIjHlpqOfqv5R64lyI=
Subject key identifier: E0:BF:13:F1:74:69:80:98:EA:4F:52:60:D2:BC:6D:D2:4A:54:6B:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 638A7642C45BC4D6F0B3A17A6892C9EA2D1C1FA6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
Signing time: Tue 21 Oct 2025 13:20:50 +0000
ROA not before: Tue 21 Oct 2025 13:20:50 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d021::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:8a:76:42:c4:5b:c4:d6:f0:b3:a1:7a:68:92:c9:ea:2d:1c:1f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:20:50 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=1a9ac9bd5e285b0778f05ce53710bbc331dcc7a4351e443f28401b7672c1536c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7a:f6:30:9f:4f:e9:d8:e6:5e:fa:bb:ca:07:
60:74:7b:c0:b1:56:fa:63:68:3e:92:26:3f:9f:be:
0f:b7:b2:55:8c:f8:0c:79:a6:5b:ea:33:4c:ab:e7:
37:d4:0d:ed:fc:e1:a5:49:5d:48:73:c7:4b:e2:87:
97:5a:b9:31:4f:52:c7:2d:23:5c:4f:87:4e:0e:55:
e1:1f:62:49:1a:bf:ac:e3:b6:f5:27:b3:48:5c:12:
d9:3f:58:85:0a:ba:e4:03:ba:71:08:70:b8:ad:a8:
c9:80:0c:b6:f1:2b:6d:c6:ee:ad:8e:7a:16:71:93:
b3:ce:8f:50:d3:c2:c0:25:c1:ab:32:b5:32:dc:cb:
d3:5a:16:41:a1:e4:63:88:0e:2c:09:07:01:38:dd:
8b:23:18:d5:c7:e4:5e:74:ba:d3:35:d8:04:4a:e7:
20:81:55:14:5c:11:51:d0:0e:77:00:30:ee:5b:e3:
cc:a8:f4:ae:41:f4:23:f6:0d:6e:83:02:49:05:74:
7d:85:95:11:3f:b1:3d:d6:7c:99:1b:94:46:a9:8d:
8b:f7:28:a7:59:2c:21:14:9a:89:ee:88:e5:00:df:
57:02:2e:45:e1:e1:5f:2e:d1:5d:03:5c:2f:9f:7f:
49:69:3b:63:43:b0:a9:5b:9a:8d:13:b2:8f:de:43:
14:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BF:13:F1:74:69:80:98:EA:4F:52:60:D2:BC:6D:D2:4A:54:6B:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d021::/36
Signature Algorithm: sha256WithRSAEncryption
4b:80:fb:27:f3:db:28:f7:5b:2f:4c:27:95:40:c1:c3:95:e4:
d0:d4:28:83:30:30:3e:fd:04:fa:76:67:11:2f:46:79:b0:71:
af:f4:88:6c:3b:88:93:53:7b:26:d8:13:2a:dc:16:bf:62:af:
6e:e7:2b:a0:5f:f9:39:cc:84:69:69:30:db:f7:49:15:64:49:
82:c3:ae:a5:4b:be:5a:d0:91:54:f4:cf:7f:5c:08:04:60:b2:
05:7a:f8:47:d3:91:d7:98:a0:ce:90:71:40:29:86:c5:60:26:
0e:28:d9:dd:ac:2b:fe:61:58:85:7b:51:4c:34:36:bf:0e:38:
08:d8:fd:ee:04:de:da:71:8d:df:df:47:57:b5:34:25:6a:21:
b9:60:ff:28:36:4c:df:44:8b:99:dd:d2:4c:1d:a8:8c:f7:7e:
b6:09:75:ae:11:32:34:40:47:b6:9e:06:34:d5:db:a5:9d:3f:
b4:1f:85:95:9e:26:f8:e3:2f:3f:79:46:63:4c:c1:bc:61:ec:
bc:c2:f1:f3:01:00:8f:b2:dd:b8:77:40:dc:93:0e:79:9d:7e:
a7:df:7d:e6:2a:8b:c3:99:ed:14:75:9e:bf:b2:83:a1:fa:4a:
9a:5b:af:7e:65:02:c8:ff:c1:07:5a:ae:bb:5e:be:1d:6c:85:
d6:cb:a8:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY4p2QsRbxNbws6F6aJLJ6i0cH6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzIwNTBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhOWFjOWJkNWUyODViMDc3OGYwNWNlNTM3MTBiYmMzMzFkY2M3YTQzNTFl
NDQzZjI4NDAxYjc2NzJjMTUzNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIN69jCfT+nY5l76u8oHYHR7wLFW+mNoPpImP5++D7eyVYz4DHmmW+ozTKvn
N9QN7fzhpUldSHPHS+KHl1q5MU9Sxy0jXE+HTg5V4R9iSRq/rOO29SezSFwS2T9Y
hQq65AO6cQhwuK2oyYAMtvErbcburY56FnGTs86PUNPCwCXBqzK1MtzL01oWQaHk
Y4gOLAkHATjdiyMY1cfkXnS60zXYBErnIIFVFFwRUdAOdwAw7lvjzKj0rkH0I/YN
boMCSQV0fYWVET+xPdZ8mRuURqmNi/cop1ksIRSaie6I5QDfVwIuReHhXy7RXQNc
L59/SWk7Y0OwqVuajROyj95DFKMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgvxPx
dGmAmOpPUmDSvG3SSlRr7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkMzM1NjItMjY1My00NTQ5LTg0ZGMtMjVmOTZhYTEwYTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBLgPsn89so91svTCeVQMHDleTQ1CiDMDA+/QT6
dmcRL0Z5sHGv9IhsO4iTU3sm2BMq3Ba/Yq9u5yugX/k5zIRpaTDb90kVZEmCw66l
S75a0JFU9M9/XAgEYLIFevhH05HXmKDOkHFAKYbFYCYOKNndrCv+YViFe1FMNDa/
DjgI2P3uBN7acY3f30dXtTQlaiG5YP8oNkzfRIuZ3dJMHaiM9362CXWuETI0QEe2
ngY01dulnT+0H4WVnib44y8/eUZjTMG8Yey8wvHzAQCPst24d0Dckw55nX6n333m
KovDme0UdZ6/soOh+kqaW69+ZQLI/8EHWq67Xr4dbIXWy6i6
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:14 2025 by rpki-client