Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
File: bad2460c-8206-4534-9b9b-355c2d524858.roa (raw, json)
Hash identifier: oyGl/QqQT3bmgzm25O6fF5cIArVio16/pWpfDKhlBk0=
Subject key identifier: F6:7A:57:62:CE:F0:5F:BD:1A:19:C7:C8:E1:51:AF:85:F3:4F:A4:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C27378270B07E6FC6F0F5EC6640060260E11745
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
Signing time: Tue 21 Oct 2025 13:51:02 +0000
ROA not before: Tue 21 Oct 2025 13:51:02 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:27:37:82:70:b0:7e:6f:c6:f0:f5:ec:66:40:06:02:60:e1:17:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:51:02 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=f2293e3ce0a0143281248b341fb1d5aeef29878ad5040385d1d6860773a40974, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b9:b7:10:af:b5:93:47:dd:5d:87:e0:d3:cd:
5f:a7:a6:80:34:f0:cd:30:ba:c8:0f:be:ed:7a:2f:
fa:f5:49:ef:0b:bc:64:d7:1c:53:06:39:68:5a:5a:
fe:73:dc:2b:41:0f:62:d4:fc:f0:96:21:f5:22:d0:
32:ac:50:cb:8c:c9:2d:7c:00:4a:6e:0d:09:04:c9:
b0:7a:9c:4e:68:dd:20:28:3c:6b:60:24:c6:cd:1d:
15:8f:8f:e5:78:da:e0:67:19:c9:92:5f:3e:7f:7b:
bd:fa:d1:7a:56:8c:c2:cf:4d:93:51:6c:d3:d6:14:
09:31:32:c6:3f:91:0c:ff:01:29:0f:46:10:d5:1b:
7f:79:47:8a:bc:ac:c7:7d:85:50:fb:d5:2f:e1:6d:
ad:42:19:21:42:c2:ec:3f:df:6f:4d:c1:91:e4:20:
c5:7a:85:7a:9c:fb:51:c1:24:17:8a:51:29:b9:e1:
a3:2d:ef:c5:53:bb:22:5c:da:b5:fe:5d:3c:7f:a4:
98:f1:b2:a7:85:a9:80:82:82:8f:93:26:0d:8b:dd:
35:ea:92:26:f3:6a:76:00:52:dc:2a:27:e9:95:e4:
fc:52:d1:a3:fd:57:c9:ea:e7:93:5c:69:e1:89:0e:
04:45:fa:09:ec:92:b6:80:e6:77:20:81:29:28:f7:
42:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7A:57:62:CE:F0:5F:BD:1A:19:C7:C8:E1:51:AF:85:F3:4F:A4:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:f7:39:e5:23:66:2e:58:23:bf:e9:ac:63:36:f5:51:33:4a:
ee:4b:fa:64:7d:28:3d:16:74:46:f8:d1:9f:0b:31:1f:9a:2d:
8d:74:f2:9f:2c:18:94:96:0b:19:8e:b8:fc:46:03:ca:cd:1d:
d1:26:3f:7f:3a:15:0b:25:3b:2d:bc:d0:84:0a:86:bd:ca:41:
39:d5:35:05:26:15:45:b2:20:35:77:8a:24:a4:b7:3d:ac:b8:
50:03:75:f7:cf:95:df:3c:44:aa:1a:da:76:4d:b0:d3:74:56:
ed:ad:c2:d9:ff:91:ac:b9:da:af:a9:b1:9e:ac:f0:e6:72:44:
10:c1:c4:83:7b:d7:8b:d5:0f:61:02:4c:f5:5f:36:f5:12:fc:
e3:1d:51:db:25:c2:41:8c:9c:3d:8d:d2:46:8c:b7:8e:1c:c9:
b4:a5:4f:6f:e7:fa:ad:c2:2e:6d:22:36:a7:24:47:c0:05:f2:
08:b7:75:f8:7a:88:6b:e7:ff:10:95:b4:43:5a:5e:81:73:55:
84:2a:2a:08:f3:1d:62:d9:6e:16:db:aa:98:10:2c:7b:33:ad:
de:74:86:3d:a6:72:ce:fb:f8:b2:cf:9c:40:a3:30:38:50:14:
cf:a4:0f:ed:18:81:55:9a:24:5d:a1:77:5f:80:23:36:b1:23:
c9:a2:b2:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULCc3gnCwfm/G8PXsZkAGAmDhF0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUxMDJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMjkzZTNjZTBhMDE0MzI4MTI0OGIzNDFmYjFkNWFlZWYyOTg3OGFkNTA0
MDM4NWQxZDY4NjA3NzNhNDA5NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+5txCvtZNH3V2H4NPNX6emgDTwzTC6yA++7Xov+vVJ7wu8ZNccUwY5aFpa
/nPcK0EPYtT88JYh9SLQMqxQy4zJLXwASm4NCQTJsHqcTmjdICg8a2Akxs0dFY+P
5Xja4GcZyZJfPn97vfrRelaMws9Nk1Fs09YUCTEyxj+RDP8BKQ9GENUbf3lHirys
x32FUPvVL+FtrUIZIULC7D/fb03BkeQgxXqFepz7UcEkF4pRKbnhoy3vxVO7Ilza
tf5dPH+kmPGyp4WpgIKCj5MmDYvdNeqSJvNqdgBS3Con6ZXk/FLRo/1Xyernk1xp
4YkOBEX6CeyStoDmdyCBKSj3QnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2eldi
zvBfvRoZx8jhUa+F80+ktzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjQ2MGMtODIwNi00NTM0LTliOWItMzU1YzJkNTI0ODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5g
MA0GCSqGSIb3DQEBCwUAA4IBAQA99znlI2YuWCO/6axjNvVRM0ruS/pkfSg9FnRG
+NGfCzEfmi2NdPKfLBiUlgsZjrj8RgPKzR3RJj9/OhULJTstvNCECoa9ykE51TUF
JhVFsiA1d4okpLc9rLhQA3X3z5XfPESqGtp2TbDTdFbtrcLZ/5GsudqvqbGerPDm
ckQQwcSDe9eL1Q9hAkz1Xzb1EvzjHVHbJcJBjJw9jdJGjLeOHMm0pU9v5/qtwi5t
IjanJEfABfIIt3X4eohr5/8QlbRDWl6Bc1WEKioI8x1i2W4W26qYECx7M63edIY9
pnLO+/iyz5xAozA4UBTPpA/tGIFVmiRdoXdfgCM2sSPJorLT
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:22:04 2025 by rpki-client