Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json)
Hash identifier: TAAhZz7nd2mLUUraydfDXot1DsxLM1SM/l1xsVAhsRY=
Subject key identifier: 08:85:57:43:8D:18:FF:AE:61:6D:5F:4D:57:71:C0:A8:85:39:2E:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4246DF8490F4C33F72A7FE8D04A6080342C4AE42
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
Signing time: Fri 26 Sep 2025 20:01:38 +0000
ROA not before: Fri 26 Sep 2025 20:01:38 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:46:df:84:90:f4:c3:3f:72:a7:fe:8d:04:a6:08:03:42:c4:ae:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:38 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=44520a80a19e487511ead424d384e0f4dd4ac25fbc7537e74f26666f7066182b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c4:fc:a9:04:97:b6:32:aa:b7:ae:f7:c0:8a:
e7:70:77:89:0a:1b:cc:1b:17:4f:e1:c6:38:da:91:
75:89:2b:16:70:9a:e1:e3:45:17:85:59:6c:55:0e:
d4:b4:ad:98:b6:9a:9e:94:5d:58:66:64:65:b1:2d:
12:dd:a3:8b:6b:84:73:3e:3c:26:37:26:b3:6b:05:
d1:21:1c:df:23:78:c4:21:54:71:0c:18:ce:b8:7a:
8c:b4:c5:64:78:95:10:5f:c0:e1:a7:69:a7:a2:0c:
b2:e0:32:83:02:cb:32:5b:c0:91:39:f5:85:bb:f5:
e9:0e:b9:87:2f:7d:03:5c:de:50:c1:cc:08:cc:1f:
15:47:56:e7:b6:39:07:00:91:c5:e3:e5:67:1b:64:
14:37:66:f8:6f:3f:f9:2d:92:28:c2:2d:46:15:9a:
e2:1e:2e:aa:0c:78:9f:c6:cc:2a:10:4b:39:8d:f2:
7d:a2:14:9f:8e:ea:8c:c7:01:73:8b:06:92:41:8f:
1c:f7:cc:22:b5:6d:52:96:b1:58:20:4a:0d:79:56:
96:d2:1a:7d:13:dc:0f:23:1e:f3:92:af:c7:e8:b9:
76:b3:d0:16:c0:b1:27:9e:ea:bf:b8:50:05:44:19:
66:c2:79:7b:4f:2b:d2:e7:6f:59:21:f2:61:46:ca:
70:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:85:57:43:8D:18:FF:AE:61:6D:5F:4D:57:71:C0:A8:85:39:2E:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:400::/38
Signature Algorithm: sha256WithRSAEncryption
c9:8e:57:d2:92:b6:85:b8:07:9c:18:3c:f4:67:c5:55:31:21:
c8:3b:54:81:ac:49:6a:94:ec:b6:80:49:58:bb:9d:90:51:37:
42:7e:34:0d:89:8c:33:a5:d7:fd:a8:60:dd:d0:00:a6:78:0e:
b3:2d:99:ce:7d:39:e4:ef:be:71:2b:a8:0e:53:4f:38:ef:c8:
e3:76:55:3f:7a:8d:6b:2c:7e:2f:41:8f:e1:04:71:e0:16:07:
3c:11:39:3b:58:37:7d:02:3f:7d:a6:40:6a:54:7d:b4:58:a0:
24:db:1a:5b:fe:be:8c:86:a2:73:d1:54:5d:bd:32:23:e0:cc:
d7:75:a9:30:ff:c0:2d:1c:c0:02:29:9d:88:45:2c:3b:e3:72:
ed:df:04:ec:4a:be:7f:62:1b:5b:28:21:cd:31:0c:72:ce:15:
5c:c5:fb:0e:57:b5:a5:20:ec:c3:bc:67:68:1d:e2:65:6d:72:
e7:6f:6f:11:01:5d:67:22:3b:10:00:52:0c:6a:32:1d:0f:2e:
4b:70:84:91:e4:11:09:b3:7c:7c:d2:39:d0:6f:d4:c6:05:00:
ed:17:97:ba:ad:ee:e7:14:df:5c:d4:9a:47:da:9b:9b:60:08:
cb:b6:85:0a:ad:6f:3b:78:83:37:67:16:f2:cb:75:94:c9:79:
ae:2d:4c:2b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQkbfhJD0wz9yp/6NBKYIA0LErkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0NTIwYTgwYTE5ZTQ4NzUxMWVhZDQyNGQzODRlMGY0ZGQ0YWMyNWZiYzc1
MzdlNzRmMjY2NjZmNzA2NjE4MmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7E/KkEl7Yyqreu98CK53B3iQobzBsXT+HGONqRdYkrFnCa4eNFF4VZbFUO
1LStmLaanpRdWGZkZbEtEt2ji2uEcz48Jjcms2sF0SEc3yN4xCFUcQwYzrh6jLTF
ZHiVEF/A4adpp6IMsuAygwLLMlvAkTn1hbv16Q65hy99A1zeUMHMCMwfFUdW57Y5
BwCRxePlZxtkFDdm+G8/+S2SKMItRhWa4h4uqgx4n8bMKhBLOY3yfaIUn47qjMcB
c4sGkkGPHPfMIrVtUpaxWCBKDXlWltIafRPcDyMe85Kvx+i5drPQFsCxJ57qv7hQ
BUQZZsJ5e08r0udvWSHyYUbKcBMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQIhVdD
jRj/rmFtX01XccCohTkudjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E
MA0GCSqGSIb3DQEBCwUAA4IBAQDJjlfSkraFuAecGDz0Z8VVMSHIO1SBrElqlOy2
gElYu52QUTdCfjQNiYwzpdf9qGDd0ACmeA6zLZnOfTnk775xK6gOU08478jjdlU/
eo1rLH4vQY/hBHHgFgc8ETk7WDd9Aj99pkBqVH20WKAk2xpb/r6MhqJz0VRdvTIj
4MzXdakw/8AtHMACKZ2IRSw743Lt3wTsSr5/YhtbKCHNMQxyzhVcxfsOV7WlIOzD
vGdoHeJlbXLnb28RAV1nIjsQAFIMajIdDy5LcISR5BEJs3x80jnQb9TGBQDtF5e6
re7nFN9c1JpH2pubYAjLtoUKrW87eIM3Zxbyy3WUyXmuLUwr
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:01 2025 by rpki-client