Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: VDSTY6tbo74zv9K7/JArJ840DvpVMuO97FOvvCLhZfo=
Subject key identifier: 5C:45:53:89:FD:25:5E:3C:62:2B:4D:89:06:52:CD:6D:67:58:CC:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32572C711EFCD77EB8263AAA9B1DE7211663962D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Fri 26 Sep 2025 18:40:00 +0000
ROA not before: Fri 26 Sep 2025 18:40:00 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:57:2c:71:1e:fc:d7:7e:b8:26:3a:aa:9b:1d:e7:21:16:63:96:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:40:00 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=997086cafc76919be0c31a475f496778af316d01eb17bdf50d7233c1a2a3602b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dd:66:20:28:93:5e:c9:ae:ee:35:db:9f:73:
ed:cd:37:75:2d:e4:d9:f3:9a:7b:ba:a8:ca:ea:e9:
93:f5:2e:29:09:5e:fe:dc:db:ad:14:d2:d7:e1:5e:
98:03:4b:e3:c6:bf:54:2d:ee:15:74:fa:39:17:b8:
97:4a:03:29:36:ef:66:78:92:3f:57:bf:d0:c3:20:
30:9b:5a:6b:84:57:3c:99:9c:89:bc:2e:de:65:da:
8c:4b:40:88:2c:b1:ca:38:ea:71:7c:ed:ad:9e:8a:
f1:36:ed:a6:d7:09:5c:5a:bc:57:f2:ef:34:87:2c:
58:57:2c:3a:9d:0e:a2:90:ad:2a:5c:32:4f:eb:71:
80:d9:cc:a9:5c:17:cf:21:99:36:f8:6c:8f:11:0d:
ad:7f:20:3a:f9:88:9d:4b:4f:db:ad:b2:02:36:24:
a0:47:58:cf:ef:5b:26:bf:3d:64:19:3f:3e:37:4c:
17:f7:f8:45:3f:b7:ea:78:88:eb:cd:60:9a:60:aa:
d2:ad:65:f3:7b:6d:83:61:e9:9f:82:3b:87:ea:5e:
7e:23:4e:b4:b1:ee:74:e4:af:30:e9:ce:12:f7:be:
58:cf:9c:f3:b2:b9:69:85:76:f3:4c:73:61:e0:1f:
6d:4c:dc:31:3e:16:cc:2b:cb:86:d5:36:d8:71:f3:
d7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:45:53:89:FD:25:5E:3C:62:2B:4D:89:06:52:CD:6D:67:58:CC:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:6d:ec:29:fe:49:22:54:03:ac:b0:90:d1:63:0b:c9:1a:1d:
07:61:7c:cf:2f:80:3e:fb:14:7f:7c:52:89:fa:71:c6:85:10:
f0:ef:f4:c9:ae:32:d4:01:23:97:a6:2b:d9:4d:b1:d4:1a:96:
63:58:f7:f5:af:38:99:b3:71:c6:3e:c4:af:97:23:66:1f:40:
40:84:f5:9c:23:3e:a9:b2:81:33:81:90:74:37:af:c5:43:22:
a6:a9:9d:40:60:a6:0c:f4:a4:98:9f:bf:e7:1d:ed:fc:e0:4b:
aa:a0:ff:cc:ad:bb:85:bf:8c:a6:55:9a:d1:e5:50:1c:f7:19:
66:22:96:d3:22:da:9c:1d:c1:d6:d8:94:a4:5a:8c:f7:b4:40:
66:65:f3:ad:c7:d5:1c:24:25:d6:ca:4e:0e:f1:89:6d:b7:42:
19:c6:17:25:8b:7b:f4:e2:d8:77:56:e0:7a:c1:64:3c:f6:64:
d0:d3:d5:59:66:22:ba:70:28:65:1b:e5:12:61:51:31:7f:96:
0f:34:6f:4a:43:7a:e0:c8:15:a7:73:40:49:ab:aa:c6:5a:00:
7f:6e:1a:b4:1d:89:1c:7e:02:7b:23:79:a4:09:5f:c9:d1:d2:
a9:27:00:10:99:09:3a:ab:c7:d7:56:d3:e5:4c:d6:23:e0:09:
b5:7d:26:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMlcscR781364Jjqqmx3nIRZjli0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQwMDBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NzA4NmNhZmM3NjkxOWJlMGMzMWE0NzVmNDk2Nzc4YWYzMTZkMDFlYjE3
YmRmNTBkNzIzM2MxYTJhMzYwMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPdZiAok17Jru41259z7c03dS3k2fOae7qoyurpk/UuKQle/tzbrRTS1+Fe
mANL48a/VC3uFXT6ORe4l0oDKTbvZniSP1e/0MMgMJtaa4RXPJmcibwu3mXajEtA
iCyxyjjqcXztrZ6K8TbtptcJXFq8V/LvNIcsWFcsOp0OopCtKlwyT+txgNnMqVwX
zyGZNvhsjxENrX8gOvmInUtP262yAjYkoEdYz+9bJr89ZBk/PjdMF/f4RT+36niI
681gmmCq0q1l83ttg2Hpn4I7h+pefiNOtLHudOSvMOnOEve+WM+c87K5aYV280xz
YeAfbUzcMT4WzCvLhtU22HHz1zUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcRVOJ
/SVePGIrTYkGUs1tZ1jMjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEArG3sKf5JIlQDrLCQ0WMLyRodB2F8zy+APvsU
f3xSifpxxoUQ8O/0ya4y1AEjl6Yr2U2x1BqWY1j39a84mbNxxj7Er5cjZh9AQIT1
nCM+qbKBM4GQdDevxUMipqmdQGCmDPSkmJ+/5x3t/OBLqqD/zK27hb+MplWa0eVQ
HPcZZiKW0yLanB3B1tiUpFqM97RAZmXzrcfVHCQl1spODvGJbbdCGcYXJYt79OLY
d1bgesFkPPZk0NPVWWYiunAoZRvlEmFRMX+WDzRvSkN64MgVp3NASauqxloAf24a
tB2JHH4CeyN5pAlfydHSqScAEJkJOqvH11bT5UzWI+AJtX0m2Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:12 2025 by rpki-client