Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: DD5J9jDwu5OGcH8GPoug8A7NyHwb1/gbQpTC77Gjovc=
Subject key identifier: 23:DB:00:19:4F:C8:E8:E3:01:80:76:0E:6B:7B:F2:1B:1B:AB:7F:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 219398BE1099757E615CA0866B04561568AD56E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Tue 05 Aug 2025 19:51:36 +0000
ROA not before: Tue 05 Aug 2025 19:51:36 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:93:98:be:10:99:75:7e:61:5c:a0:86:6b:04:56:15:68:ad:56:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:36 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=af0428021cc1253a9b55b5287e2b982f645a2ac6feb39c83b260c7a3cd9984bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9a:91:0b:0d:50:95:82:8f:ee:fd:d4:5a:d0:
1c:08:fe:73:8c:c5:33:82:51:7b:0a:2d:fb:03:71:
55:2a:18:31:1c:ce:3b:ed:be:de:c5:05:9c:bb:71:
b4:4d:15:ac:75:91:64:c5:c6:d3:95:83:4c:07:5a:
0e:15:5f:52:33:b6:77:d9:52:6b:b7:ee:f2:3e:69:
70:8e:61:af:75:77:0f:f3:1b:f1:5d:3e:42:d5:d0:
c0:fa:14:bf:50:3a:61:40:ce:77:7a:b9:a0:cf:ec:
e5:34:d6:d1:61:4d:fd:83:a5:07:fd:03:94:c2:05:
f4:7b:13:42:0c:18:8f:42:ae:81:6c:82:e5:02:ba:
e3:7c:10:1e:aa:ab:8a:38:22:87:11:01:cb:15:91:
bc:7d:7a:58:f0:2f:3a:c4:b9:d0:6a:4b:7f:01:f9:
d5:1c:13:91:e4:8d:7d:15:21:27:4e:90:be:ac:58:
1f:cf:ce:69:28:5c:c7:99:23:f8:ce:3c:55:81:fd:
46:f6:b7:57:73:1a:2d:c6:42:e0:40:5a:dd:4d:6a:
bb:0f:d9:f2:bc:d7:17:9b:b6:98:ba:2e:77:17:9d:
e0:07:4e:7a:a7:08:e9:33:29:cc:9c:fb:da:88:09:
84:53:ca:85:e8:5c:f7:a0:03:cb:20:af:06:86:66:
2f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:DB:00:19:4F:C8:E8:E3:01:80:76:0E:6B:7B:F2:1B:1B:AB:7F:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
74:bf:7f:30:a7:49:b4:f5:3d:ff:b1:49:98:df:94:85:9e:28:
ae:a0:8c:b2:ee:c0:d4:6b:95:b1:cb:c1:d5:2d:a9:bc:7d:c9:
89:c3:60:c9:3a:a0:8e:eb:a9:07:ea:14:00:08:bb:20:2c:69:
a6:35:7f:4c:cc:47:f2:c9:03:0d:6f:ce:75:27:36:42:26:a5:
ad:54:b5:fc:ac:2b:ba:6a:3f:2c:96:c6:c3:c4:4d:1c:5d:36:
93:4d:c4:1e:7d:16:f5:d3:e0:5e:80:ca:48:ed:90:d5:0f:f3:
de:51:3a:87:31:42:5e:80:9c:4d:c8:fc:f6:67:1f:82:4d:13:
ee:c4:b5:94:39:7d:ca:c6:86:1b:6c:cc:f7:5b:96:0a:61:2c:
1b:b3:6f:2b:10:4b:ad:f4:1d:2f:a9:3a:16:43:bd:30:e6:31:
62:5e:0f:ea:6a:75:20:9a:c3:e5:07:10:d1:2f:f5:c1:55:19:
e3:f3:e9:28:91:b2:04:4a:dc:9c:06:f9:c0:1a:17:cf:69:09:
20:1b:f8:aa:5b:ac:88:0b:3f:1a:8c:36:46:6b:f9:72:a3:0a:
ae:1a:22:0f:94:3b:f5:d7:d1:18:cd:1a:1f:cf:67:80:52:98:
ff:9e:93:e8:a8:ea:61:ef:e6:02:01:2c:0c:b1:93:d2:b8:49:
18:41:5a:f7
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUIZOYvhCZdX5hXKCGawRWFWitVugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMzZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMDQyODAyMWNjMTI1M2E5YjU1YjUyODdlMmI5ODJmNjQ1YTJhYzZmZWIz
OWM4M2IyNjBjN2EzY2Q5OTg0YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiakQsNUJWCj+791FrQHAj+c4zFM4JRewot+wNxVSoYMRzOO+2+3sUFnLtx
tE0VrHWRZMXG05WDTAdaDhVfUjO2d9lSa7fu8j5pcI5hr3V3D/Mb8V0+QtXQwPoU
v1A6YUDOd3q5oM/s5TTW0WFN/YOlB/0DlMIF9HsTQgwYj0KugWyC5QK643wQHqqr
ijgihxEByxWRvH16WPAvOsS50GpLfwH51RwTkeSNfRUhJ06QvqxYH8/OaShcx5kj
+M48VYH9Rva3V3MaLcZC4EBa3U1quw/Z8rzXF5u2mLoudxed4AdOeqcI6TMpzJz7
2ogJhFPKhehc96ADyyCvBoZmLxkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQj2wAZ
T8jo4wGAdg5re/IbG6t/+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBAHS/fzCnSbT1Pf+xSZjflIWeKK6gjLLuwNRrlbHL
wdUtqbx9yYnDYMk6oI7rqQfqFAAIuyAsaaY1f0zMR/LJAw1vznUnNkImpa1Utfys
K7pqPyyWxsPETRxdNpNNxB59FvXT4F6AykjtkNUP895ROocxQl6AnE3I/PZnH4JN
E+7EtZQ5fcrGhhtszPdblgphLBuzbysQS630HS+pOhZDvTDmMWJeD+pqdSCaw+UH
ENEv9cFVGePz6SiRsgRK3JwG+cAaF89pCSAb+KpbrIgLPxqMNkZr+XKjCq4aIg+U
O/XX0RjNGh/PZ4BSmP+ek+io6mHv5gIBLAyxk9K4SRhBWvc=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:58 2025 by rpki-client