Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
File: bad2460c-8206-4534-9b9b-355c2d524858.roa (raw, json)
Hash identifier: z0KKSBAyUplkHKuL/jXF8DBOVFc0Pq5pAljFJ5xnW+4=
Subject key identifier: CA:B8:06:AF:48:50:D2:82:52:9D:52:4D:4E:D3:81:51:23:8D:7D:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D8141D5509097772785C3A23F82964F7916B3A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
Signing time: Fri 11 Jul 2025 20:21:49 +0000
ROA not before: Fri 11 Jul 2025 20:21:49 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:81:41:d5:50:90:97:77:27:85:c3:a2:3f:82:96:4f:79:16:b3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:49 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=d52e712638196a1015add7b6852ee4c5f06054e474a385ca18135186c524f9e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:2d:6a:b6:24:50:4f:8c:b9:fd:7a:51:f3:
06:1b:08:ec:e7:76:60:0b:68:70:8b:40:45:9a:04:
9e:96:40:55:c6:f5:a8:6f:07:07:c0:1f:b5:5e:15:
9c:ed:09:b2:4d:71:03:7c:21:02:6c:91:4c:b2:37:
6e:79:fd:63:51:2c:6d:83:99:eb:b6:ea:0b:d8:e7:
3b:d8:a3:b2:27:d9:24:22:27:55:0e:13:0c:0e:60:
88:d3:45:73:72:b3:54:7b:cd:a7:22:a7:dd:9c:29:
40:85:fb:25:50:ee:14:75:c2:17:48:a6:66:8b:9e:
25:d2:90:43:5a:d6:d9:bc:2f:c3:98:07:43:a7:ab:
26:63:6e:c3:37:0f:c4:a7:67:8e:bd:1c:5c:6a:60:
0f:92:42:a8:eb:0e:de:34:ef:92:21:c9:ce:f2:ed:
db:11:8f:69:07:d1:9a:14:02:39:7d:4b:f9:71:14:
cf:d0:1a:d2:6f:5f:88:7e:65:e6:c9:30:6a:52:2b:
a2:7f:a1:48:40:68:2e:db:4f:ca:f6:10:d5:11:3b:
f1:52:8f:a6:c3:3c:1c:bf:6e:6b:a4:c2:42:63:ba:
0c:dc:5f:ca:97:9d:1c:fb:64:1c:6b:54:22:db:68:
b6:69:9f:c6:46:1a:66:aa:33:f3:75:fc:0e:67:e0:
13:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B8:06:AF:48:50:D2:82:52:9D:52:4D:4E:D3:81:51:23:8D:7D:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:ce:e7:db:cd:e2:7b:20:dd:01:81:1f:aa:32:0c:4b:56:2e:
ce:77:63:cf:5b:86:b9:4a:8f:9d:b7:da:0d:04:7c:5b:5d:a8:
67:1c:92:aa:d6:ab:a4:23:6f:e7:bb:bd:32:a9:f1:a7:7d:cc:
c1:6c:e2:18:c2:03:ba:67:96:88:33:3c:2e:b6:b2:c5:fd:8d:
6d:02:19:cd:5d:45:1f:e3:2b:6a:44:56:c3:ed:68:06:9a:b7:
c7:02:12:ad:85:bc:4f:c3:a7:49:b5:76:a3:db:4e:0e:b5:12:
e2:43:0d:1d:d6:3f:11:bc:a6:40:5e:c3:c4:08:82:f2:b7:44:
23:0c:ee:e4:99:45:25:ea:f5:cc:9b:22:97:b9:06:48:08:28:
e7:62:9c:7a:df:c3:17:e3:33:32:11:17:f7:82:1a:ff:e8:ad:
86:c5:64:cf:f2:fe:2c:7b:4c:6a:2f:58:58:88:71:da:ac:1c:
21:97:ba:31:a2:e8:6a:b7:77:8f:26:28:73:c3:46:11:d6:e0:
64:90:96:b8:74:d1:0e:7b:f6:97:05:10:54:2b:13:b0:21:cd:
c9:41:29:4a:e1:22:81:61:7c:a5:5f:99:ea:04:8d:bb:92:ca:
2e:ab:2b:c0:0c:db:d3:bb:0e:b2:14:13:66:fb:b8:0b:02:6d:
9f:26:1a:90
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHYFB1VCQl3cnhcOiP4KWT3kWs6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxNDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1MmU3MTI2MzgxOTZhMTAxNWFkZDdiNjg1MmVlNGM1ZjA2MDU0ZTQ3NGEz
ODVjYTE4MTM1MTg2YzUyNGY5ZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQwLWq2JFBPjLn9elHzBhsI7Od2YAtocItARZoEnpZAVcb1qG8HB8AftV4V
nO0Jsk1xA3whAmyRTLI3bnn9Y1EsbYOZ67bqC9jnO9ijsifZJCInVQ4TDA5giNNF
c3KzVHvNpyKn3ZwpQIX7JVDuFHXCF0imZoueJdKQQ1rW2bwvw5gHQ6erJmNuwzcP
xKdnjr0cXGpgD5JCqOsO3jTvkiHJzvLt2xGPaQfRmhQCOX1L+XEUz9Aa0m9fiH5l
5skwalIron+hSEBoLttPyvYQ1RE78VKPpsM8HL9ua6TCQmO6DNxfypedHPtkHGtU
IttotmmfxkYaZqoz83X8DmfgE38CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKuAav
SFDSglKdUk1O04FRI4192TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjQ2MGMtODIwNi00NTM0LTliOWItMzU1YzJkNTI0ODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5g
MA0GCSqGSIb3DQEBCwUAA4IBAQBtzufbzeJ7IN0BgR+qMgxLVi7Od2PPW4a5So+d
t9oNBHxbXahnHJKq1qukI2/nu70yqfGnfczBbOIYwgO6Z5aIMzwutrLF/Y1tAhnN
XUUf4ytqRFbD7WgGmrfHAhKthbxPw6dJtXaj204OtRLiQw0d1j8RvKZAXsPECILy
t0QjDO7kmUUl6vXMmyKXuQZICCjnYpx638MX4zMyERf3ghr/6K2GxWTP8v4se0xq
L1hYiHHarBwhl7oxouhqt3ePJihzw0YR1uBkkJa4dNEOe/aXBRBUKxOwIc3JQSlK
4SKBYXylX5nqBI27ksouqyvADNvTuw6yFBNm+7gLAm2fJhqQ
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:51 2025 by rpki-client