Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: fDUO43Icfz5owaxVUXi2DDL5YmRWJxwxmQQ88rqDQRo=
Subject key identifier: 84:AF:C8:B9:AC:C2:82:DD:C5:BA:7F:A2:3F:E1:2B:A4:4A:AF:41:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E5A63A94CE8F853126F12C2C3ADF10F4AD94E01
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Mon 01 Sep 2025 19:41:18 +0000
ROA not before: Mon 01 Sep 2025 19:41:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:5a:63:a9:4c:e8:f8:53:12:6f:12:c2:c3:ad:f1:0f:4a:d9:4e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:41:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b6359b976d3a35cd9b84ab7bfb75d0bca2c65697c2d81c9b991bd987f7626b88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c9:15:12:1b:6b:eb:7e:23:06:30:71:9b:a5:
3f:37:36:86:2e:01:cd:75:a1:18:3e:a4:20:b7:42:
32:dc:ef:c5:b0:90:46:76:60:33:7d:e9:99:c1:30:
f5:62:37:79:f1:f3:3a:24:13:7b:f3:2f:e8:a8:2e:
13:fe:cf:57:d4:7b:86:50:30:f5:d0:db:99:83:85:
f9:64:38:04:be:fe:fe:59:7e:ec:ba:c6:da:f2:a4:
64:2f:0d:7f:52:25:5b:b7:0b:9e:01:c7:71:4a:a4:
74:38:74:4e:07:4e:d8:26:58:2a:d9:6c:20:17:bd:
3b:bd:2f:ee:76:94:3c:4a:aa:3e:af:9a:2a:16:43:
08:f8:c9:b1:6e:7a:b3:9b:6a:9b:ad:19:bd:c8:1d:
0d:83:40:d6:9b:91:be:cf:66:44:4b:61:d5:1c:73:
df:e6:c1:8e:66:1c:21:4f:1a:4e:45:62:e8:cd:26:
f3:4e:31:b0:c1:e0:3b:dc:35:a6:88:be:16:59:69:
5d:79:42:20:11:a5:18:e2:13:fa:f8:b0:cf:1b:be:
13:23:08:ed:f2:ec:c2:72:95:25:d8:d4:6e:11:7f:
15:b8:bd:1a:c8:f6:9e:46:c7:28:2b:37:ed:2c:7d:
28:27:02:00:0d:f4:75:8a:84:6a:f9:cd:15:68:03:
6d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AF:C8:B9:AC:C2:82:DD:C5:BA:7F:A2:3F:E1:2B:A4:4A:AF:41:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
a9:28:46:2b:6e:e1:32:f9:8f:ef:45:bf:92:69:a4:33:e9:8e:
bb:f1:d4:b1:88:a9:21:6e:e0:1d:a8:a7:33:e1:c9:0c:01:6c:
1a:be:fa:8b:34:9b:60:28:de:2e:6d:67:56:e2:de:5a:06:08:
9a:20:75:4b:46:e0:b9:47:c9:ad:10:1d:b1:8f:d3:45:30:d4:
87:a6:8f:82:0f:ea:4f:bb:0e:fc:4e:54:7e:b7:3f:ca:72:bc:
28:c9:ca:03:cb:dc:b9:b7:f1:d0:97:42:6e:1b:db:22:34:fe:
fd:93:26:ae:59:d4:74:8e:16:9c:b0:82:5b:47:01:24:36:f5:
86:0e:22:53:4c:e6:59:db:45:00:50:a6:1c:e4:d7:59:bc:71:
73:00:0c:e9:ed:2e:dd:a4:8c:92:47:63:d3:d5:ac:3f:dd:6c:
cb:40:b2:1e:85:af:d3:09:dd:ca:27:fe:76:58:d5:04:c1:f8:
03:15:45:1f:64:47:e2:1c:19:4f:08:07:67:0d:a0:4a:ec:89:
ed:3c:d5:ab:4f:ab:86:50:65:87:26:b8:ca:65:de:39:d0:a3:
66:1f:da:80:9d:27:f4:89:36:50:56:e6:9e:13:70:25:7a:d6:
2c:b7:43:eb:68:73:cb:f7:68:a8:2e:a7:04:51:48:17:8b:38:
a3:0e:d2:49
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUblpjqUzo+FMSbxLCw63xD0rZTgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQxMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2MzU5Yjk3NmQzYTM1Y2Q5Yjg0YWI3YmZiNzVkMGJjYTJjNjU2OTdjMmQ4
MWM5Yjk5MWJkOTg3Zjc2MjZiODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLJFRIba+t+IwYwcZulPzc2hi4BzXWhGD6kILdCMtzvxbCQRnZgM33pmcEw
9WI3efHzOiQTe/Mv6KguE/7PV9R7hlAw9dDbmYOF+WQ4BL7+/ll+7LrG2vKkZC8N
f1IlW7cLngHHcUqkdDh0TgdO2CZYKtlsIBe9O70v7naUPEqqPq+aKhZDCPjJsW56
s5tqm60ZvcgdDYNA1puRvs9mREth1Rxz3+bBjmYcIU8aTkVi6M0m804xsMHgO9w1
poi+FllpXXlCIBGlGOIT+viwzxu+EyMI7fLswnKVJdjUbhF/Fbi9Gsj2nkbHKCs3
7Sx9KCcCAA30dYqEavnNFWgDbZMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSEr8i5
rMKC3cW6f6I/4SukSq9BAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEAqShGK27hMvmP70W/kmmkM+mOu/HUsYipIW7g
HainM+HJDAFsGr76izSbYCjeLm1nVuLeWgYImiB1S0bguUfJrRAdsY/TRTDUh6aP
gg/qT7sO/E5Ufrc/ynK8KMnKA8vcubfx0JdCbhvbIjT+/ZMmrlnUdI4WnLCCW0cB
JDb1hg4iU0zmWdtFAFCmHOTXWbxxcwAM6e0u3aSMkkdj09WsP91sy0CyHoWv0wnd
yif+dljVBMH4AxVFH2RH4hwZTwgHZw2gSuyJ7TzVq0+rhlBlhya4ymXeOdCjZh/a
gJ0n9Ik2UFbmnhNwJXrWLLdD62hzy/doqC6nBFFIF4s4ow7SSQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:25 2025 by rpki-client