Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
File: 33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa (raw, json)
Hash identifier: 6y0gGDC5Nr5AY12MHrqtqKucRbXFmvhI2DmJtpPy8sc=
Subject key identifier: C1:33:88:B5:F3:44:D2:94:AF:76:27:86:E7:A1:F2:16:D2:AB:17:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2135C5ED7B5177458C10A7294091946E2AECE26F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
Signing time: Mon 16 Jun 2025 21:10:14 +0000
ROA not before: Mon 16 Jun 2025 21:10:14 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:35:c5:ed:7b:51:77:45:8c:10:a7:29:40:91:94:6e:2a:ec:e2:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:14 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=75120ca0f971c45c241dddf516a8f09496be0f01a8a3273bdfa69f26b1a3c9ba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9c:bf:36:90:a7:6d:7e:bb:e4:1e:8a:c0:20:
81:9a:eb:4e:fb:cc:19:68:b2:3b:72:78:00:ab:f3:
12:55:4d:5e:6f:a6:18:7b:19:d5:e9:61:b3:70:71:
c1:d1:b2:03:a0:02:9d:e2:e9:9a:3d:bb:f3:99:82:
28:e4:1a:9d:fd:bd:ab:2e:2c:19:99:0c:86:17:a9:
9e:8e:5c:ca:8a:44:d0:48:98:82:92:7f:fb:0f:22:
62:e8:f4:0a:68:1a:a1:fe:1d:2f:41:a5:dd:df:19:
65:76:83:73:9d:28:93:24:d5:23:f7:76:11:41:59:
9c:85:f9:86:4f:99:bf:7b:00:33:ee:c4:4f:8e:1a:
dc:e8:c4:f8:ae:83:be:cd:07:e3:cc:d2:d7:4a:8e:
6c:16:e0:f3:35:17:e6:05:ed:50:f3:9b:64:5d:af:
08:26:59:cd:4d:6e:54:67:b3:48:6e:9f:9d:08:8b:
22:c1:e1:b5:1e:00:f5:53:63:c8:21:95:59:ec:43:
d0:16:ad:32:8d:58:7e:35:ff:e2:10:28:0f:91:a6:
df:f2:11:41:ab:f0:0e:ab:b4:70:28:b7:c8:fe:ad:
da:dc:01:3b:bd:39:00:bf:21:0d:c3:ee:a1:9b:ab:
5f:19:a7:28:7f:33:d0:d4:02:4a:56:f8:b1:3c:67:
25:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:33:88:B5:F3:44:D2:94:AF:76:27:86:E7:A1:F2:16:D2:AB:17:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:6000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:8b:b1:73:f0:3a:34:fa:4e:65:fc:06:28:67:93:a1:bd:04:
94:05:e9:ca:7a:05:80:7b:00:0b:c4:a6:c7:2b:4d:db:9b:dc:
50:c3:15:8d:1a:f7:db:82:dc:0d:18:eb:ca:75:f4:d2:19:0e:
07:05:39:7a:3f:a4:6f:8c:28:eb:1b:26:da:0c:80:fb:52:d7:
a3:87:9e:4a:1b:7e:d3:4a:83:55:79:f3:80:5e:93:d8:b9:54:
b8:cf:6d:bc:44:4c:84:9f:42:61:40:04:84:a2:71:b5:b9:dd:
4a:64:65:a1:af:5f:d4:cf:12:61:72:52:75:59:0d:e9:51:e3:
f6:e9:d7:d7:a3:af:8b:4d:36:ba:d9:8d:c5:c4:12:4d:b6:80:
be:ed:d9:ca:39:8a:3e:30:9e:59:e6:fe:d1:27:ca:38:6e:dd:
4c:98:4a:81:0e:05:5d:3d:37:e2:ae:ae:88:6a:e4:be:ef:55:
39:fe:06:07:a6:c9:5c:a2:01:8a:75:5f:6e:e7:8a:82:ef:6c:
84:7c:c1:9c:59:b0:65:16:af:66:ac:bc:2e:be:07:c0:b0:06:
78:26:85:2f:21:37:8b:73:2a:41:7a:4a:e2:9a:af:b8:e6:0f:
d3:1d:12:d0:e5:a0:6c:54:85:25:63:a6:81:69:df:70:a9:b9:
35:73:57:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUITXF7XtRd0WMEKcpQJGUbirs4m8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMTRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1MTIwY2EwZjk3MWM0NWMyNDFkZGRmNTE2YThmMDk0OTZiZTBmMDFhOGEz
MjczYmRmYTY5ZjI2YjFhM2M5YmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCcvzaQp21+u+QeisAggZrrTvvMGWiyO3J4AKvzElVNXm+mGHsZ1elhs3Bx
wdGyA6ACneLpmj2785mCKOQanf29qy4sGZkMhhepno5cyopE0EiYgpJ/+w8iYuj0
Cmgaof4dL0Gl3d8ZZXaDc50okyTVI/d2EUFZnIX5hk+Zv3sAM+7ET44a3OjE+K6D
vs0H48zS10qObBbg8zUX5gXtUPObZF2vCCZZzU1uVGezSG6fnQiLIsHhtR4A9VNj
yCGVWexD0BatMo1YfjX/4hAoD5Gm3/IRQavwDqu0cCi3yP6t2twBO705AL8hDcPu
oZurXxmnKH8z0NQCSlb4sTxnJZMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTBM4i1
80TSlK92J4bnofIW0qsXbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNmNDQyZTEtNzY2ZS00NjFkLWEzYjktMmIwZmQwMWIwOGNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hhg
MA0GCSqGSIb3DQEBCwUAA4IBAQBui7Fz8Do0+k5l/AYoZ5OhvQSUBenKegWAewAL
xKbHK03bm9xQwxWNGvfbgtwNGOvKdfTSGQ4HBTl6P6RvjCjrGybaDID7Utejh55K
G37TSoNVefOAXpPYuVS4z228REyEn0JhQASEonG1ud1KZGWhr1/UzxJhclJ1WQ3p
UeP26dfXo6+LTTa62Y3FxBJNtoC+7dnKOYo+MJ5Z5v7RJ8o4bt1MmEqBDgVdPTfi
rq6IauS+71U5/gYHpslcogGKdV9u54qC72yEfMGcWbBlFq9mrLwuvgfAsAZ4JoUv
ITeLcypBekrimq+45g/THRLQ5aBsVIUlY6aBad9wqbk1c1eD
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:27 2025 by rpki-client