Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
File: 492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa (raw, json)
Hash identifier: zYmgZ1nk0bVGjBtLfAHR3WvYEkYRUvvgSWkXUeRTRhg=
Subject key identifier: DF:2E:D1:9B:D9:52:78:08:93:E2:C4:1E:A0:20:AB:F0:9B:A6:DD:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A0DF58CE4DC67D4C8CDDB3DC7A953F4F0018279
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
Signing time: Mon 16 Jun 2025 21:31:42 +0000
ROA not before: Mon 16 Jun 2025 21:31:42 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:0d:f5:8c:e4:dc:67:d4:c8:cd:db:3d:c7:a9:53:f4:f0:01:82:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:42 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=26b3ccca45fb98a8f563bf232bec38028d7823a7a021886dd474101c881e12c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:e1:e2:c9:5f:3f:36:65:87:dd:65:4f:aa:
23:20:e5:30:20:a2:69:74:cf:95:fc:fc:69:b2:72:
21:a6:37:9f:96:c7:f4:24:20:17:47:01:bb:ed:6e:
e7:8b:9d:b4:c7:38:fe:d0:8d:d4:93:ad:25:ad:93:
6a:6a:42:e2:5e:c9:e8:7a:d9:11:64:c2:f9:c0:54:
35:28:79:0f:44:7f:28:8e:fd:cf:d2:53:95:37:cd:
b6:ef:3f:4d:55:24:bf:d9:99:dc:3f:13:e1:76:76:
21:34:de:f3:f3:a4:80:44:48:a6:81:c2:44:36:17:
59:d3:a4:19:c8:ec:79:81:b2:cc:cf:88:45:4a:05:
77:72:55:3e:fe:f5:df:ff:7b:43:ac:d0:42:49:7d:
33:93:2a:4e:0a:92:15:39:cb:22:21:0e:d3:e4:96:
8a:c6:b0:88:be:40:26:39:36:fe:8c:b2:cc:d1:a6:
85:4c:b0:40:0e:e3:d9:fc:b9:e7:8d:aa:73:91:20:
2e:5c:51:77:52:7c:1c:2d:bc:d8:6e:c9:6c:b9:c4:
20:81:8a:1b:d1:34:b9:c9:34:7f:b5:bc:7a:da:8b:
e2:c1:b1:c3:fd:f4:bc:50:71:e9:94:56:ea:40:26:
49:c5:51:89:4e:d8:af:6a:89:e6:47:28:3d:b3:ce:
77:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2E:D1:9B:D9:52:78:08:93:E2:C4:1E:A0:20:AB:F0:9B:A6:DD:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:4000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:9f:b0:b3:93:93:6b:8c:ae:9d:c8:6a:3c:dc:0d:81:27:19:
be:84:56:72:d0:65:75:8e:55:55:50:ae:ec:c6:0e:23:1b:8c:
4e:72:bb:b8:08:a9:de:b3:a9:43:8f:35:82:2c:9a:1f:c3:1c:
3f:78:fc:b5:c6:97:24:a4:ab:00:d5:da:ea:02:c3:ac:6d:50:
d4:0f:ac:a1:8c:f9:76:ac:e0:56:0b:98:4d:a1:74:6a:de:10:
c4:89:4d:47:fe:1a:83:41:2e:d7:2e:b9:3c:c3:c8:94:64:bd:
bf:c1:c2:bc:11:5a:76:b6:36:45:b0:9c:58:46:17:80:b4:09:
ba:db:35:7c:fb:ee:c8:af:d2:02:f9:cf:fa:58:f2:d2:9c:f1:
72:6f:53:97:18:f4:21:bc:30:71:74:0d:68:d7:aa:30:fb:18:
3b:fa:57:15:7f:8a:14:36:f2:ec:b7:7f:0b:e5:5c:72:7f:6b:
cc:e2:39:fc:35:b2:18:9e:17:12:51:58:89:62:83:61:bf:b8:
4b:9a:38:c4:c9:70:85:61:cc:9c:dd:b6:27:0a:ff:0f:5d:2e:
42:e9:94:d2:71:ac:a9:44:39:46:2a:64:dc:c5:f9:45:87:19:
33:84:09:d9:e2:e3:bf:c1:7b:66:ea:2c:0c:4a:d2:3f:ff:f5:
c2:ca:58:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGg31jOTcZ9TIzds9x6lT9PABgnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxNDJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2YjNjY2NhNDVmYjk4YThmNTYzYmYyMzJiZWMzODAyOGQ3ODIzYTdhMDIx
ODg2ZGQ0NzQxMDFjODgxZTEyYzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR/4eLJXz82ZYfdZU+qIyDlMCCiaXTPlfz8abJyIaY3n5bH9CQgF0cBu+1u
54udtMc4/tCN1JOtJa2TampC4l7J6HrZEWTC+cBUNSh5D0R/KI79z9JTlTfNtu8/
TVUkv9mZ3D8T4XZ2ITTe8/OkgERIpoHCRDYXWdOkGcjseYGyzM+IRUoFd3JVPv71
3/97Q6zQQkl9M5MqTgqSFTnLIiEO0+SWisawiL5AJjk2/oyyzNGmhUywQA7j2fy5
542qc5EgLlxRd1J8HC282G7JbLnEIIGKG9E0uck0f7W8etqL4sGxw/30vFBx6ZRW
6kAmScVRiU7Yr2qJ5kcoPbPOd0cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfLtGb
2VJ4CJPixB6gIKvwm6bdeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZWQ4Y2EtZWZhNC00MDQxLWFjOGQtYjBhNzhlZjA1MzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1A
MA0GCSqGSIb3DQEBCwUAA4IBAQAfn7Czk5NrjK6dyGo83A2BJxm+hFZy0GV1jlVV
UK7sxg4jG4xOcru4CKnes6lDjzWCLJofwxw/ePy1xpckpKsA1drqAsOsbVDUD6yh
jPl2rOBWC5hNoXRq3hDEiU1H/hqDQS7XLrk8w8iUZL2/wcK8EVp2tjZFsJxYRheA
tAm62zV8++7Ir9IC+c/6WPLSnPFyb1OXGPQhvDBxdA1o16ow+xg7+lcVf4oUNvLs
t38L5Vxyf2vM4jn8NbIYnhcSUViJYoNhv7hLmjjEyXCFYcyc3bYnCv8PXS5C6ZTS
caypRDlGKmTcxflFhxkzhAnZ4uO/wXtm6iwMStI///XCyliB
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:03:05 2025 by rpki-client