Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: 9GpPLNfTM3TyW7fprxDCHLendWMx3XQPevSWdFFgvjQ=
Subject key identifier: 4A:BA:11:33:26:C9:BA:DC:62:71:15:76:49:FE:B6:17:6A:0E:F1:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C3DA52E63DDA6DD0DD144A04C6825A7824BD0A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Mon 16 Jun 2025 19:40:46 +0000
ROA not before: Mon 16 Jun 2025 19:40:46 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:3d:a5:2e:63:dd:a6:dd:0d:d1:44:a0:4c:68:25:a7:82:4b:d0:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:46 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e305e19d787da2f370b22e8c99ac06dd4c027f05e4610e77483a861fc2b87f31, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0c:bc:44:0c:77:e5:36:e8:b4:dd:f9:fe:8b:
6a:65:b7:9c:12:f9:5e:22:5f:83:20:eb:75:38:92:
2b:84:8d:37:70:a6:31:7c:65:79:29:81:f3:7b:2b:
88:75:bd:b4:d4:02:22:ad:ff:ec:cc:99:03:d2:dc:
ca:84:01:dc:e7:0f:32:1c:be:74:37:ac:a1:38:42:
82:2c:85:57:86:c5:b1:fe:69:3d:d5:77:7b:62:38:
96:8b:bb:44:98:fd:ba:37:65:48:98:60:f9:58:d9:
fd:8e:8c:28:8a:97:d5:31:c8:a2:55:32:a8:cb:47:
d6:7b:bb:b9:38:f7:ad:11:d1:12:5e:c2:b3:c5:06:
75:71:99:b3:4d:28:12:55:4f:fe:2b:c3:e8:de:2e:
b0:e5:4e:82:30:c0:b1:c3:45:ea:9a:b8:70:df:fd:
06:dd:70:58:19:86:61:d0:93:66:d3:f4:ce:b1:cd:
76:72:9d:90:82:ca:72:fa:34:c2:d9:0a:e1:55:28:
49:75:14:ab:80:96:e9:a6:9d:79:aa:07:1b:cb:59:
fd:fa:76:7d:2a:19:3e:dc:6a:d8:99:8e:19:92:c2:
75:c1:c0:6f:bc:7c:91:6e:48:a0:b9:c6:85:b0:8f:
77:07:c0:7f:e8:83:6f:49:c8:c4:e4:2d:8c:da:95:
22:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:BA:11:33:26:C9:BA:DC:62:71:15:76:49:FE:B6:17:6A:0E:F1:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
4d:d6:76:1e:e7:b9:28:35:9e:73:74:f4:b1:39:7d:d4:56:05:
52:c9:27:6d:89:a5:0f:6e:aa:fb:7e:9a:5f:a7:8e:b9:f2:35:
02:62:b9:77:f3:7b:46:a8:d8:ee:93:7d:60:69:15:aa:bd:68:
26:be:72:de:08:35:16:3d:03:a4:d0:61:8f:c6:4b:69:a7:06:
26:9e:3d:4a:f3:3e:49:e4:ed:98:f8:ab:af:cc:1e:da:87:e1:
1e:f0:40:10:85:0a:32:cd:e8:12:48:45:15:1d:d1:d1:33:57:
0d:fb:a4:79:a3:ab:30:5d:84:fa:b8:a8:65:68:ad:97:3b:27:
06:a9:2b:53:13:71:31:6f:01:03:31:0e:ba:0e:9a:83:a4:a8:
f0:8d:83:c4:8c:6c:4c:3a:77:66:05:0b:c6:43:23:84:db:22:
56:08:d0:b5:4a:76:c3:17:1a:93:a6:ad:ee:e8:f2:9d:4c:dc:
fb:84:57:87:73:e6:8a:c8:1e:16:16:09:27:09:28:ce:92:77:
2e:f7:4c:3c:b6:e8:6b:23:a2:6e:ba:e9:1c:02:8b:0b:8b:5f:
fb:57:ba:7f:17:7a:f8:27:41:13:6f:0d:0b:dc:3a:c1:31:84:
f1:5d:de:78:be:3e:0f:4e:73:4d:85:7a:75:71:7a:33:90:42:
4b:fe:c0:f8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfD2lLmPdpt0N0USgTGglp4JL0KcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwNDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMDVlMTlkNzg3ZGEyZjM3MGIyMmU4Yzk5YWMwNmRkNGMwMjdmMDVlNDYx
MGU3NzQ4M2E4NjFmYzJiODdmMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEMvEQMd+U26LTd+f6LamW3nBL5XiJfgyDrdTiSK4SNN3CmMXxleSmB83sr
iHW9tNQCIq3/7MyZA9LcyoQB3OcPMhy+dDesoThCgiyFV4bFsf5pPdV3e2I4lou7
RJj9ujdlSJhg+VjZ/Y6MKIqX1THIolUyqMtH1nu7uTj3rRHREl7Cs8UGdXGZs00o
ElVP/ivD6N4usOVOgjDAscNF6pq4cN/9Bt1wWBmGYdCTZtP0zrHNdnKdkILKcvo0
wtkK4VUoSXUUq4CW6aadeaoHG8tZ/fp2fSoZPtxq2JmOGZLCdcHAb7x8kW5IoLnG
hbCPdwfAf+iDb0nIxOQtjNqVImUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKuhEz
Jsm63GJxFXZJ/rYXag7xdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEATdZ2Hue5KDWec3T0sTl91FYFUsknbYmlD26q
+36aX6eOufI1AmK5d/N7RqjY7pN9YGkVqr1oJr5y3gg1Fj0DpNBhj8ZLaacGJp49
SvM+SeTtmPirr8we2ofhHvBAEIUKMs3oEkhFFR3R0TNXDfukeaOrMF2E+rioZWit
lzsnBqkrUxNxMW8BAzEOug6ag6So8I2DxIxsTDp3ZgULxkMjhNsiVgjQtUp2wxca
k6at7ujynUzc+4RXh3PmisgeFhYJJwkozpJ3LvdMPLboayOibrrpHAKLC4tf+1e6
fxd6+CdBE28NC9w6wTGE8V3eeL4+D05zTYV6dXF6M5BCS/7A+A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:24 2025 by rpki-client