Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: N+BREOT3a3iVG5iP/j4LS6l00jT08UJBMMBPzI/4CfY=
Subject key identifier: 84:CC:09:AB:74:A5:6A:09:96:74:73:CA:E0:57:16:7E:EE:9B:75:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 650872955438F103022E12732CED651FA3919C32
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Tue 05 Aug 2025 18:50:17 +0000
ROA not before: Tue 05 Aug 2025 18:50:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:08:72:95:54:38:f1:03:02:2e:12:73:2c:ed:65:1f:a3:91:9c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=886579984f0b70d85008b4e665e5dabf7471323760def819b86a848adaa04c12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:24:3e:3a:b4:ee:8b:e6:ee:07:89:27:e9:8a:
29:44:a5:62:51:2a:1d:bb:a5:23:e9:10:2d:91:3a:
7f:cb:b5:77:09:b8:99:c2:49:e8:e4:71:64:9c:c6:
9a:48:85:e7:10:49:ac:22:42:77:9e:4b:8b:89:10:
d8:08:b3:b3:7f:f5:99:d5:9d:2d:0f:5b:5c:b3:e4:
70:cc:f7:68:44:07:90:8b:1b:53:38:fc:8c:cd:f0:
a7:f4:d3:29:6f:24:5a:ba:52:ad:9e:02:bc:e5:7e:
a2:de:76:52:a3:64:d9:a8:11:12:88:ca:64:bd:cb:
84:0c:a0:5f:e2:b3:16:bf:01:be:3c:65:6e:29:07:
f1:59:90:83:c2:6a:23:0e:78:67:97:92:c3:4d:98:
3b:bd:a8:6d:89:22:47:22:72:3f:45:62:0c:8e:f7:
69:cd:00:6c:5e:46:29:9f:c9:57:10:89:66:1f:8b:
38:31:e7:7d:07:2e:fd:16:b0:c8:58:64:4c:6b:03:
20:85:35:0c:f4:43:44:a1:db:1f:c9:d0:15:1d:a3:
5a:aa:b5:f2:15:d6:17:5b:c9:a3:38:25:ba:f8:b3:
0d:c0:d5:cc:00:05:df:5d:ca:24:40:0a:79:62:f5:
05:97:d9:dd:3f:62:70:00:47:42:2d:5e:1e:7a:2a:
83:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CC:09:AB:74:A5:6A:09:96:74:73:CA:E0:57:16:7E:EE:9B:75:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
6a:71:69:a8:5b:16:07:64:95:72:0b:cf:13:01:6c:ad:29:fc:
eb:a1:87:ac:82:80:c0:09:41:f7:61:81:ca:66:90:ac:66:98:
82:75:89:fb:06:08:82:3c:64:e4:0a:3a:f9:3f:fa:38:91:e3:
da:51:d5:10:86:10:9d:0b:ed:06:61:08:a2:44:52:6d:30:a7:
b2:8e:07:32:89:5e:1d:17:a4:71:7e:ea:48:a2:31:55:ae:f6:
f1:bf:f9:35:f0:20:d1:0d:e1:99:fa:58:5e:70:40:64:9e:db:
62:89:b2:e1:7b:de:46:fd:a4:14:67:31:59:4a:69:e4:dc:01:
8b:fc:7f:71:0f:79:08:29:37:19:da:f3:47:5e:6b:9f:26:f9:
7a:6f:04:ea:80:5d:97:2a:6e:1e:76:2f:83:13:04:c0:dd:0a:
11:db:ff:15:f9:2c:53:7a:b3:6f:be:c6:18:ba:d6:09:a0:ec:
fb:1f:8b:d6:ba:13:f6:9f:1f:7e:f9:6a:87:ac:eb:a2:de:35:
42:94:92:13:0c:27:8a:0b:b4:53:f4:a1:59:80:c2:69:ed:ab:
45:7d:d9:c7:32:72:f4:ad:c7:b0:7b:04:7b:db:ae:ce:ad:7b:
61:8b:d2:66:35:11:4d:5f:87:07:ae:0f:1a:77:06:fb:3b:6f:
2e:2d:8f:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZQhylVQ48QMCLhJzLO1lH6ORnDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NjU3OTk4NGYwYjcwZDg1MDA4YjRlNjY1ZTVkYWJmNzQ3MTMyMzc2MGRl
ZjgxOWI4NmE4NDhhZGFhMDRjMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwkPjq07ovm7geJJ+mKKUSlYlEqHbulI+kQLZE6f8u1dwm4mcJJ6ORxZJzG
mkiF5xBJrCJCd55Li4kQ2Aizs3/1mdWdLQ9bXLPkcMz3aEQHkIsbUzj8jM3wp/TT
KW8kWrpSrZ4CvOV+ot52UqNk2agREojKZL3LhAygX+KzFr8BvjxlbikH8VmQg8Jq
Iw54Z5eSw02YO72obYkiRyJyP0ViDI73ac0AbF5GKZ/JVxCJZh+LODHnfQcu/Raw
yFhkTGsDIIU1DPRDRKHbH8nQFR2jWqq18hXWF1vJozgluvizDcDVzAAF313KJEAK
eWL1BZfZ3T9icABHQi1eHnoqgx8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSEzAmr
dKVqCZZ0c8rgVxZ+7pt18zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEAanFpqFsWB2SVcgvPEwFsrSn866GHrIKAwAlB
92GBymaQrGaYgnWJ+wYIgjxk5Ao6+T/6OJHj2lHVEIYQnQvtBmEIokRSbTCnso4H
MoleHRekcX7qSKIxVa728b/5NfAg0Q3hmfpYXnBAZJ7bYomy4XveRv2kFGcxWUpp
5NwBi/x/cQ95CCk3GdrzR15rnyb5em8E6oBdlypuHnYvgxMEwN0KEdv/FfksU3qz
b77GGLrWCaDs+x+L1roT9p8ffvlqh6zrot41QpSSEwwnigu0U/ShWYDCae2rRX3Z
xzJy9K3HsHsEe9uuzq17YYvSZjURTV+HB64PGncG+ztvLi2POA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:08 2025 by rpki-client