Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: 6U6p02R3PoZdCzfWn+zrAETmXvxXSFZ7rm5dtIFmc2o=
Subject key identifier: ED:0A:9B:D4:7C:1A:DE:52:5A:C2:FD:1E:4E:CE:FD:A8:D3:AC:74:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24840B22B0CA0841CEACFBCCF1A38C63EFBC63E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Fri 11 Jul 2025 20:31:44 +0000
ROA not before: Fri 11 Jul 2025 20:31:44 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:84:0b:22:b0:ca:08:41:ce:ac:fb:cc:f1:a3:8c:63:ef:bc:63:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:44 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c4852d6d6ff5f3f756fc33dc61541a377b2733ee6001e4f6590bd5108bee4b51, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7e:d2:57:e7:c4:57:ef:15:96:a4:35:2b:a3:
8d:00:2b:e0:66:b1:f4:ec:8d:0d:bb:a9:99:cd:e4:
df:3d:55:b9:23:0e:85:86:71:a4:46:35:60:0f:ab:
00:63:1f:2c:c6:bb:f7:b3:ec:5a:a2:53:99:96:a2:
bd:9b:b0:56:d1:69:e5:da:6b:8a:f4:b4:f9:28:57:
3f:df:bd:c7:36:f9:4c:d6:ba:28:2e:19:f9:55:6a:
02:98:26:82:87:c1:52:dd:7c:ee:ff:5e:2d:77:8f:
c0:9e:ce:fe:0f:54:22:24:48:11:b7:2e:6b:34:2e:
a0:50:40:28:93:1b:5a:b7:44:94:64:d5:14:3b:83:
78:ac:fa:0a:9b:28:97:c0:ad:95:35:40:a2:c4:bc:
94:3f:01:f0:e3:04:b2:bb:49:34:af:31:2d:5c:de:
af:e6:77:5f:cc:22:90:91:7d:2a:2c:95:75:e2:db:
c4:91:d5:9a:3e:91:e1:e6:09:80:9d:02:92:76:1e:
1d:28:35:e0:8c:c4:0f:a5:d9:5c:b5:6f:64:aa:13:
9c:3a:d7:2e:3d:61:e0:5c:f4:30:39:52:27:82:80:
dd:2f:fd:ad:f0:c9:34:c7:0b:b0:81:b0:49:ec:98:
69:56:40:bb:c8:3b:36:b3:20:af:a0:cf:86:ea:0b:
86:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:0A:9B:D4:7C:1A:DE:52:5A:C2:FD:1E:4E:CE:FD:A8:D3:AC:74:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
3a:bb:30:9b:f2:f8:9d:23:19:24:78:8f:54:ff:6e:32:cc:08:
57:a7:60:26:34:64:1e:f7:7b:8b:1f:1d:04:da:44:c5:d1:ba:
21:55:b4:b6:07:11:2a:ce:b1:98:e4:31:71:07:00:71:c8:04:
8e:1d:9c:aa:0d:d3:91:84:79:d3:12:3e:b4:60:6e:b7:74:08:
fb:d7:70:dc:8e:b2:16:cd:69:cf:98:c3:82:f4:07:52:95:c9:
70:89:76:29:0b:6a:8d:9d:49:da:25:d1:ed:7c:eb:df:b9:87:
6b:9a:87:f4:43:42:c3:1b:dc:8b:ec:5a:99:ff:01:c7:53:13:
30:51:e0:5b:a6:26:d8:a9:01:1e:67:92:4d:67:da:25:59:93:
55:82:d2:18:70:d0:33:d6:1f:17:14:bb:50:36:15:db:5a:97:
9c:43:4f:ee:9d:f1:38:02:b6:1b:dd:5a:ac:6b:d1:dc:03:30:
ac:87:b2:9f:e7:13:04:c8:36:03:6a:27:b6:57:9d:76:cf:ca:
a8:44:ae:3a:68:f4:71:f5:9f:22:b1:a9:fd:4a:e8:3e:e8:c8:
22:a6:21:93:34:c3:2e:e1:43:03:21:7e:82:da:8f:16:64:6f:
45:b6:2f:4a:f0:66:00:28:9c:7f:f6:09:fe:b5:7f:1a:e6:ed:
34:42:30:78
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUJIQLIrDKCEHOrPvM8aOMY++8Y+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxNDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ODUyZDZkNmZmNWYzZjc1NmZjMzNkYzYxNTQxYTM3N2IyNzMzZWU2MDAx
ZTRmNjU5MGJkNTEwOGJlZTRiNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALF+0lfnxFfvFZakNSujjQAr4Gax9OyNDbupmc3k3z1VuSMOhYZxpEY1YA+r
AGMfLMa797PsWqJTmZaivZuwVtFp5dprivS0+ShXP9+9xzb5TNa6KC4Z+VVqApgm
gofBUt187v9eLXePwJ7O/g9UIiRIEbcuazQuoFBAKJMbWrdElGTVFDuDeKz6Cpso
l8CtlTVAosS8lD8B8OMEsrtJNK8xLVzer+Z3X8wikJF9KiyVdeLbxJHVmj6R4eYJ
gJ0CknYeHSg14IzED6XZXLVvZKoTnDrXLj1h4Fz0MDlSJ4KA3S/9rfDJNMcLsIGw
SeyYaVZAu8g7NrMgr6DPhuoLhgcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTtCpvU
fBreUlrC/R5Ozv2o06x0SDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBADq7MJvy+J0jGSR4j1T/bjLMCFenYCY0ZB73e4sf
HQTaRMXRuiFVtLYHESrOsZjkMXEHAHHIBI4dnKoN05GEedMSPrRgbrd0CPvXcNyO
shbNac+Yw4L0B1KVyXCJdikLao2dSdol0e1869+5h2uah/RDQsMb3IvsWpn/AcdT
EzBR4FumJtipAR5nkk1n2iVZk1WC0hhw0DPWHxcUu1A2Fdtal5xDT+6d8TgCthvd
Wqxr0dwDMKyHsp/nEwTINgNqJ7ZXnXbPyqhErjpo9HH1nyKxqf1K6D7oyCKmIZM0
wy7hQwMhfoLajxZkb0W2L0rwZgAonH/2Cf61fxrm7TRCMHg=
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:20:09 2025 by rpki-client