Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: h2sazeQFQRo/qAQ4SP3c0NZlVM8wFG6cAx5COwgBwAY=
Subject key identifier: A9:69:DF:4C:AF:48:1A:F0:74:B1:8E:8F:7B:9D:BA:D6:5A:59:CA:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1884409A43CF2DDF62C7EFC2FF54ABAF14202D13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Fri 11 Jul 2025 18:50:57 +0000
ROA not before: Fri 11 Jul 2025 18:50:57 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:84:40:9a:43:cf:2d:df:62:c7:ef:c2:ff:54:ab:af:14:20:2d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:57 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=15993208a78ea053f8fc22b756bb7bd1dacd71c53434dbea0659ef7f4f52db3f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c8:37:ff:78:96:a9:6e:b7:24:51:11:f8:28:
8e:68:22:94:2c:a7:df:db:bd:3e:14:a1:28:28:25:
4e:67:7c:61:89:cd:45:98:7e:0f:52:31:a1:f9:56:
08:cb:32:eb:84:4e:82:41:b3:93:1e:3f:06:ab:d8:
7b:28:ab:3b:d6:c5:6f:6e:0b:90:f3:ba:ea:ff:65:
95:3d:19:a1:25:b1:c2:c8:2a:12:ed:ce:ec:bd:1b:
6c:84:58:7c:4b:26:56:b4:d7:5c:20:44:f2:b4:4c:
90:6d:24:1e:a8:58:50:c9:cc:f1:63:29:6f:69:ec:
bb:78:c4:94:65:b8:3d:0a:17:1e:48:2b:14:ec:ad:
fc:82:02:6b:19:59:b8:9a:8c:3c:9d:f9:58:7d:af:
cb:3d:a7:5e:7f:4d:86:50:40:63:6e:74:be:9f:2d:
6e:92:c2:58:f6:c7:41:b9:80:74:43:d5:55:24:e7:
cf:2b:d8:2a:7a:d2:b6:62:8e:17:96:3e:04:11:2c:
46:69:4d:eb:9b:c2:44:15:db:15:ed:af:ed:2f:82:
66:f6:39:fd:d8:b3:0e:88:97:1a:6c:c2:a9:30:41:
86:3d:47:74:58:25:f0:d8:52:22:e8:7d:a2:70:05:
45:31:e7:a6:e7:b2:42:49:a7:58:d0:13:80:25:42:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:69:DF:4C:AF:48:1A:F0:74:B1:8E:8F:7B:9D:BA:D6:5A:59:CA:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:4e:31:f5:14:06:88:b9:9c:ac:9a:d8:0c:f2:27:25:31:18:
69:6d:d7:1e:02:3f:53:d0:b4:b9:4a:98:7d:4e:4d:c1:42:37:
32:8f:e7:e8:aa:43:e1:c8:e4:56:03:dd:6a:da:a1:49:2a:97:
a8:93:32:06:3d:87:be:d5:38:c0:8d:4c:39:02:b1:46:c4:5e:
ae:27:6e:c2:ad:40:f4:73:d5:b6:c8:9b:fb:6a:0d:41:38:10:
af:4a:26:66:fe:e8:6e:7d:9d:f7:ac:a9:41:ee:1a:05:10:27:
05:a8:1b:c7:2b:df:16:56:84:83:1f:6c:75:47:bb:68:0f:5a:
48:f1:78:fa:02:17:00:3c:31:43:04:f7:4f:dc:df:c4:bb:80:
c2:8f:71:8c:b3:7b:60:66:ee:15:ba:86:bf:55:b2:c4:16:c0:
51:57:be:b6:e1:e6:42:90:bc:99:d5:f5:db:02:7a:60:c8:d8:
f9:3b:54:80:1e:59:07:90:60:7d:40:b4:d3:6c:d4:6e:4f:d5:
e4:f5:69:d1:fc:1b:65:1f:6b:e5:83:8e:16:69:06:a5:3b:43:
ea:bd:84:99:fb:cc:11:fb:26:f2:d9:79:3f:30:33:d3:1a:4e:
fb:71:4b:1d:ca:32:bb:9e:1a:e8:7e:3e:4a:ea:c7:55:d5:c7:
62:58:29:92
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGIRAmkPPLd9ix+/C/1SrrxQgLRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwNTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1OTkzMjA4YTc4ZWEwNTNmOGZjMjJiNzU2YmI3YmQxZGFjZDcxYzUzNDM0
ZGJlYTA2NTllZjdmNGY1MmRiM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnIN/94lqlutyRREfgojmgilCyn39u9PhShKCglTmd8YYnNRZh+D1IxoflW
CMsy64ROgkGzkx4/BqvYeyirO9bFb24LkPO66v9llT0ZoSWxwsgqEu3O7L0bbIRY
fEsmVrTXXCBE8rRMkG0kHqhYUMnM8WMpb2nsu3jElGW4PQoXHkgrFOyt/IICaxlZ
uJqMPJ35WH2vyz2nXn9NhlBAY250vp8tbpLCWPbHQbmAdEPVVSTnzyvYKnrStmKO
F5Y+BBEsRmlN65vCRBXbFe2v7S+CZvY5/dizDoiXGmzCqTBBhj1HdFgl8NhSIuh9
onAFRTHnpueyQkmnWNATgCVCmsUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSpad9M
r0ga8HSxjo97nbrWWlnKYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEAi04x9RQGiLmcrJrYDPInJTEYaW3XHgI/U9C0
uUqYfU5NwUI3Mo/n6KpD4cjkVgPdatqhSSqXqJMyBj2HvtU4wI1MOQKxRsReridu
wq1A9HPVtsib+2oNQTgQr0omZv7obn2d96ypQe4aBRAnBagbxyvfFlaEgx9sdUe7
aA9aSPF4+gIXADwxQwT3T9zfxLuAwo9xjLN7YGbuFbqGv1WyxBbAUVe+tuHmQpC8
mdX12wJ6YMjY+TtUgB5ZB5BgfUC002zUbk/V5PVp0fwbZR9r5YOOFmkGpTtD6r2E
mfvMEfsm8tl5PzAz0xpO+3FLHcoyu54a6H4+SurHVdXHYlgpkg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:36 2025 by rpki-client