Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: kJddal6NcdNPxcDYzhBv4sLboY0fXbAdRQP9L+a+aSQ=
Subject key identifier: F9:79:84:E6:0F:62:AA:40:B6:58:28:2A:5C:68:0A:27:E7:80:91:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DF265145F1960AE4F3005E00D953565BE763797
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Mon 16 Jun 2025 21:21:15 +0000
ROA not before: Mon 16 Jun 2025 21:21:15 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f2:65:14:5f:19:60:ae:4f:30:05:e0:0d:95:35:65:be:76:37:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:15 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c34efbee3c32912801c391ab5f018bec28618ce2018f4c93fa1c9f3424aa9c96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:71:c0:18:ba:3d:16:88:d0:6b:9a:1a:22:c9:
9c:dd:cf:18:f1:f4:ee:ad:38:0c:4f:b6:1b:5a:29:
f2:f9:be:f5:fb:65:1e:f7:83:6c:11:4e:39:08:e8:
7d:da:f0:68:1f:53:d7:28:b1:b1:e9:07:1a:29:c3:
3a:81:2b:1d:ee:78:9c:9c:ec:91:e3:77:44:39:65:
d0:dd:a9:8e:65:d8:7b:e6:ba:42:05:7b:36:09:f1:
15:62:b2:4d:02:93:c5:da:14:b2:44:2c:25:5c:98:
0c:39:ad:c0:eb:f9:c5:10:48:b9:03:7c:fe:40:fa:
26:1b:95:e4:47:fd:6c:49:97:47:80:7c:e6:11:a9:
d1:6c:c4:07:77:d5:8f:ff:1f:6d:6c:a2:51:e9:07:
f9:5d:b4:e1:a8:04:af:60:16:c5:c0:c4:ab:1e:70:
f3:9a:ca:c1:fe:3d:9f:e2:03:7a:b0:62:9b:03:8f:
b1:bf:bc:e9:d2:8a:70:33:bf:1a:96:19:f5:e5:13:
aa:d2:dc:94:8a:9e:cc:b7:44:bb:55:de:88:be:10:
94:e9:2f:18:cf:29:72:ec:0a:f1:e0:a2:66:c7:b7:
c9:9c:f7:e5:e9:4c:ca:72:b6:52:0f:dd:83:2f:f4:
43:a9:83:08:7b:a1:40:f0:b6:87:a9:81:a9:20:66:
07:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:79:84:E6:0F:62:AA:40:B6:58:28:2A:5C:68:0A:27:E7:80:91:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
64:01:db:21:4c:df:29:ef:06:17:90:d1:1c:2f:d8:56:4e:e9:
98:7e:b3:9c:85:9c:a3:f8:7a:a7:b0:45:ec:13:2f:9e:c4:8d:
c9:21:42:5b:e7:ca:e0:0b:67:1d:58:df:2b:8d:78:ee:6b:3b:
99:84:85:18:ba:7e:c2:c5:01:e5:bb:61:cc:fd:8c:61:b4:27:
cc:5f:64:b9:9f:61:1a:10:19:0c:2b:60:3d:6e:4d:29:27:b5:
69:e2:74:9a:ed:e1:ce:fb:aa:a0:36:2a:2c:48:63:aa:46:bc:
65:e3:53:63:61:85:ed:d1:ce:aa:93:cd:c7:22:0a:49:66:03:
86:6f:73:af:0f:7e:98:dd:8c:11:28:a8:51:22:22:7d:65:33:
d4:3a:1b:4d:92:8d:3c:3b:62:ae:05:e8:2f:73:68:0b:79:65:
ee:f0:ee:1c:c4:10:eb:bc:30:61:ba:43:a7:7b:c4:74:92:a3:
b9:2b:7e:f4:65:4a:6b:40:31:42:9c:e9:c7:de:6b:37:80:11:
03:45:70:33:94:5d:f5:51:31:94:c4:18:26:84:3c:95:12:c6:
09:33:1e:99:ea:cd:21:32:4c:fe:89:28:ca:d9:28:64:79:c7:
01:ed:b2:ac:b1:25:36:48:fc:28:a9:90:89:0a:e9:9d:f6:4b:
24:91:e8:13
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPfJlFF8ZYK5PMAXgDZU1Zb52N5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzNGVmYmVlM2MzMjkxMjgwMWMzOTFhYjVmMDE4YmVjMjg2MThjZTIwMThm
NGM5M2ZhMWM5ZjM0MjRhYTljOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdxwBi6PRaI0GuaGiLJnN3PGPH07q04DE+2G1op8vm+9ftlHveDbBFOOQjo
fdrwaB9T1yixsekHGinDOoErHe54nJzskeN3RDll0N2pjmXYe+a6QgV7NgnxFWKy
TQKTxdoUskQsJVyYDDmtwOv5xRBIuQN8/kD6JhuV5Ef9bEmXR4B85hGp0WzEB3fV
j/8fbWyiUekH+V204agEr2AWxcDEqx5w85rKwf49n+IDerBimwOPsb+86dKKcDO/
GpYZ9eUTqtLclIqezLdEu1XeiL4QlOkvGM8pcuwK8eCiZse3yZz35elMynK2Ug/d
gy/0Q6mDCHuhQPC2h6mBqSBmBwcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT5eYTm
D2KqQLZYKCpcaAon54CRIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBAGQB2yFM3ynvBheQ0Rwv2FZO6Zh+s5yFnKP4eqew
RewTL57EjckhQlvnyuALZx1Y3yuNeO5rO5mEhRi6fsLFAeW7Ycz9jGG0J8xfZLmf
YRoQGQwrYD1uTSkntWnidJrt4c77qqA2KixIY6pGvGXjU2Nhhe3RzqqTzcciCklm
A4Zvc68PfpjdjBEoqFEiIn1lM9Q6G02SjTw7Yq4F6C9zaAt5Ze7w7hzEEOu8MGG6
Q6d7xHSSo7krfvRlSmtAMUKc6cfeazeAEQNFcDOUXfVRMZTEGCaEPJUSxgkzHpnq
zSEyTP6JKMrZKGR5xwHtsqyxJTZI/CipkIkK6Z32SySR6BM=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:27 2025 by rpki-client