Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: kO/PZreL4U2HVlNZHkh0DG+p1IZsU0vmGsww+n5pIHw=
Subject key identifier: 5C:BA:D6:3E:B4:F5:95:F6:E5:ED:D4:35:CD:FC:69:15:EF:F5:94:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65EB4010CA9F2CC5488B193D8A384BE4306F1788
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Tue 21 Oct 2025 13:31:03 +0000
ROA not before: Tue 21 Oct 2025 13:31:03 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:eb:40:10:ca:9f:2c:c5:48:8b:19:3d:8a:38:4b:e4:30:6f:17:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:31:03 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=a1d9e4261ddf716f44a5b64dc0f02520d6d64c6ec6ea9691d735ea1f8de1ba83, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:fb:b2:4d:73:04:81:4a:4e:c5:67:90:da:
73:e8:5e:0a:cc:26:f5:74:2a:82:80:3e:ed:19:fd:
35:82:c7:5d:b7:00:7a:83:94:36:f7:72:72:7a:50:
b7:ae:4f:dd:cd:9d:19:f4:d3:ca:d8:e5:d7:38:13:
e5:83:2a:a9:1f:b2:dd:5e:7e:0b:4d:63:85:16:99:
17:5a:38:9d:b2:0b:48:91:a3:14:56:dc:05:f7:91:
9a:6a:67:bb:be:0f:1e:92:3e:8e:73:88:e0:c7:15:
7d:ad:d7:ca:6a:1f:82:9a:b6:93:0c:fe:01:1f:1d:
d1:69:37:13:c2:56:10:b1:55:6d:bf:60:7e:c7:53:
c1:a6:6a:31:97:0e:59:4f:db:f0:1f:74:be:0a:15:
bb:95:d4:ad:7d:cf:c1:df:c5:4e:a4:69:7b:2d:e5:
20:24:fa:b3:b0:b1:86:a9:74:34:d8:94:eb:6a:25:
75:e4:5f:e6:71:7b:59:f5:1e:1b:5c:6a:95:24:7e:
0d:7b:70:bf:21:ca:a9:79:8a:de:e6:a9:b7:31:88:
ce:ef:48:28:bd:cc:c3:18:f6:30:ff:f8:98:65:0d:
d7:cb:e1:0f:d9:66:66:8b:3f:1f:29:63:f8:4b:2c:
d2:27:11:00:38:f5:48:d8:4f:fc:c5:0e:48:79:10:
5c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BA:D6:3E:B4:F5:95:F6:E5:ED:D4:35:CD:FC:69:15:EF:F5:94:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
87:8c:4b:16:a4:5b:38:05:18:43:66:e1:68:5c:b0:4b:46:bf:
8a:5a:f9:97:24:82:1d:53:a4:48:60:29:ab:da:a2:75:4e:45:
f7:b5:35:21:f2:78:70:17:01:4b:32:cf:23:8c:00:fe:a2:10:
85:d5:9e:7e:f8:7a:b0:fa:72:62:a3:18:6f:1e:e9:10:2c:7e:
a6:18:af:c9:ee:fb:e7:6c:ba:fc:d9:b1:84:b6:ba:97:18:39:
e9:fc:3c:9f:19:67:24:64:c6:15:26:cc:0e:61:6c:41:f9:d7:
25:48:e0:d0:1e:82:34:ca:1d:f6:75:eb:7b:90:bc:4f:d6:5c:
89:a1:c3:d6:bb:db:c2:47:98:57:c3:8f:47:7a:1b:03:9d:90:
19:18:92:11:73:82:d1:1f:44:e6:7d:24:fc:4b:94:f4:c0:fd:
8d:08:0f:61:de:16:1c:d4:05:ad:10:49:17:ad:cf:4c:0b:63:
18:ab:df:de:aa:b2:f5:4a:cb:2f:f9:dc:7a:9a:47:81:ff:17:
35:84:c5:78:5a:a2:f5:be:d3:61:d0:ae:af:23:63:e5:08:3f:
6f:6b:da:4d:d8:8c:29:42:fe:5e:f5:ef:df:30:56:44:5b:c7:
fe:15:00:2e:1f:dd:6e:c4:de:37:ea:83:96:b3:da:43:0e:11:
bd:0b:20:04
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZetAEMqfLMVIixk9ijhL5DBvF4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMxMDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGExZDllNDI2MWRkZjcxNmY0NGE1YjY0ZGMwZjAyNTIwZDZkNjRjNmVjNmVh
OTY5MWQ3MzVlYTFmOGRlMWJhODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKig+7JNcwSBSk7FZ5Dac+heCswm9XQqgoA+7Rn9NYLHXbcAeoOUNvdycnpQ
t65P3c2dGfTTytjl1zgT5YMqqR+y3V5+C01jhRaZF1o4nbILSJGjFFbcBfeRmmpn
u74PHpI+jnOI4McVfa3Xymofgpq2kwz+AR8d0Wk3E8JWELFVbb9gfsdTwaZqMZcO
WU/b8B90vgoVu5XUrX3Pwd/FTqRpey3lICT6s7Cxhql0NNiU62oldeRf5nF7WfUe
G1xqlSR+DXtwvyHKqXmK3uaptzGIzu9IKL3Mwxj2MP/4mGUN18vhD9lmZos/Hylj
+Ess0icRADj1SNhP/MUOSHkQXI0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcutY+
tPWV9uXt1DXN/GkV7/WU9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEAh4xLFqRbOAUYQ2bhaFywS0a/ilr5lySCHVOk
SGApq9qidU5F97U1IfJ4cBcBSzLPI4wA/qIQhdWefvh6sPpyYqMYbx7pECx+phiv
ye7752y6/NmxhLa6lxg56fw8nxlnJGTGFSbMDmFsQfnXJUjg0B6CNMod9nXre5C8
T9ZciaHD1rvbwkeYV8OPR3obA52QGRiSEXOC0R9E5n0k/EuU9MD9jQgPYd4WHNQF
rRBJF63PTAtjGKvf3qqy9UrLL/nceppHgf8XNYTFeFqi9b7TYdCuryNj5Qg/b2va
TdiMKUL+XvXv3zBWRFvH/hUALh/dbsTeN+qDlrPaQw4RvQsgBA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:24 2025 by rpki-client