Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
File: 533769c8-002c-491c-9b99-324fe9f5743c.roa (raw, json)
Hash identifier: b0EMuBSdRLuYvbNlwywwP0xpSX2vbCZPwXxQAUELW7g=
Subject key identifier: 8E:93:3C:AF:5C:AD:17:6A:6F:E0:A0:B4:E7:3E:47:53:20:FC:C7:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0164993313DEE9C40EF9A99BF0051B64E5348E2B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
Signing time: Mon 16 Jun 2025 21:50:06 +0000
ROA not before: Mon 16 Jun 2025 21:50:06 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d022::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:64:99:33:13:de:e9:c4:0e:f9:a9:9b:f0:05:1b:64:e5:34:8e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:06 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=db8eab82fd1db50c67ca1409e485405d139b478477922b77d083d7f411b8d8aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8d:b6:79:ee:72:c0:ae:e3:c8:c3:fe:81:6e:
25:02:d8:0a:22:79:f6:bc:69:83:5f:6e:0f:7e:f8:
78:8a:f0:ad:c8:89:56:bd:fb:ce:b9:27:2b:df:6d:
4e:4a:8e:7a:c7:44:ab:a7:df:48:5b:02:24:df:3e:
eb:d4:fb:69:8d:a7:66:51:40:83:05:fd:87:01:9f:
6f:df:12:b0:f6:a9:e4:cd:1f:d9:13:ff:3f:fc:4b:
3f:1e:8d:7c:f9:01:40:ca:54:52:92:87:bd:f1:60:
96:9c:12:75:1f:e3:30:d6:c5:05:61:00:2e:d8:01:
72:45:c4:6c:53:d0:81:f0:af:f1:5d:7e:06:66:8e:
6e:f4:26:f6:3b:b6:5f:e0:29:f6:4b:94:38:ed:ad:
d7:24:3c:29:85:f3:0a:87:84:fa:d3:55:1d:b9:a0:
e4:81:be:9a:d8:d2:4a:e1:5c:6d:cc:80:ae:e7:39:
7c:6d:49:41:e2:17:3b:af:19:a1:fd:37:3b:ba:74:
ad:d3:49:9d:da:f6:29:31:f6:5c:0f:15:e4:e5:ae:
84:53:72:18:64:e1:46:47:32:ba:10:6d:3e:ec:40:
03:02:c6:f4:89:9c:36:f0:05:02:39:12:ae:23:83:
f4:73:ce:1f:e9:7c:7f:83:0d:29:dc:ba:60:0c:c4:
8a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:93:3C:AF:5C:AD:17:6A:6F:E0:A0:B4:E7:3E:47:53:20:FC:C7:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d022::/36
Signature Algorithm: sha256WithRSAEncryption
3a:5a:6e:c9:f3:b5:22:c0:01:d7:d3:3c:1a:4f:b9:d3:d1:20:
d7:26:96:54:ad:17:a0:42:20:35:2c:8f:65:34:a7:70:c3:54:
63:11:cc:e1:d4:76:e4:69:f7:f7:c2:8f:30:27:23:6e:e5:50:
30:67:19:e6:18:4e:bf:d8:5a:f1:3c:84:23:af:2f:62:8b:e7:
af:11:03:ec:f0:fc:f6:f9:f8:a8:73:fe:18:16:fc:5a:7c:42:
ac:38:bc:e2:d1:57:1c:38:ca:30:96:42:db:ea:d5:b5:6d:c4:
2b:ed:d8:1a:56:5e:23:76:0c:c6:f6:ff:5f:3a:a8:8b:32:98:
0c:0e:57:d9:6d:89:af:05:07:ee:3c:15:0f:54:1e:b0:28:60:
5b:bc:eb:e7:7e:64:b9:4d:c5:64:b2:4b:79:79:7c:8c:87:f3:
8c:0a:b1:6f:f7:f2:7e:c4:73:2a:6b:ba:ba:bb:74:47:bb:7d:
5c:25:dc:cb:71:c4:3d:7e:19:3d:3c:52:92:74:f6:dd:c1:60:
7b:e7:fc:2e:5f:fd:d9:5a:2a:a4:47:36:e1:5e:42:6e:b9:0c:
d2:bc:7f:e8:68:0b:62:08:fe:b9:f3:59:98:61:72:e6:2a:8d:
b9:b3:1b:e2:c1:6a:cd:5a:62:87:2c:44:49:00:02:17:62:63:
36:88:d2:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAWSZMxPe6cQO+amb8AUbZOU0jiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiOGVhYjgyZmQxZGI1MGM2N2NhMTQwOWU0ODU0MDVkMTM5YjQ3ODQ3Nzky
MmI3N2QwODNkN2Y0MTFiOGQ4YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeNtnnucsCu48jD/oFuJQLYCiJ59rxpg19uD374eIrwrciJVr37zrknK99t
TkqOesdEq6ffSFsCJN8+69T7aY2nZlFAgwX9hwGfb98SsPap5M0f2RP/P/xLPx6N
fPkBQMpUUpKHvfFglpwSdR/jMNbFBWEALtgBckXEbFPQgfCv8V1+BmaObvQm9ju2
X+Ap9kuUOO2t1yQ8KYXzCoeE+tNVHbmg5IG+mtjSSuFcbcyAruc5fG1JQeIXO68Z
of03O7p0rdNJndr2KTH2XA8V5OWuhFNyGGThRkcyuhBtPuxAAwLG9ImcNvAFAjkS
riOD9HPOH+l8f4MNKdy6YAzEijUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOkzyv
XK0Xam/goLTnPkdTIPzHHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzNzY5YzgtMDAyYy00OTFjLTliOTktMzI0ZmU5ZjU3NDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CIA
MA0GCSqGSIb3DQEBCwUAA4IBAQA6Wm7J87UiwAHX0zwaT7nT0SDXJpZUrRegQiA1
LI9lNKdww1RjEczh1Hbkaff3wo8wJyNu5VAwZxnmGE6/2FrxPIQjry9ii+evEQPs
8Pz2+fioc/4YFvxafEKsOLzi0VccOMowlkLb6tW1bcQr7dgaVl4jdgzG9v9fOqiL
MpgMDlfZbYmvBQfuPBUPVB6wKGBbvOvnfmS5TcVkskt5eXyMh/OMCrFv9/J+xHMq
a7q6u3RHu31cJdzLccQ9fhk9PFKSdPbdwWB75/wuX/3ZWiqkRzbhXkJuuQzSvH/o
aAtiCP6581mYYXLmKo25sxviwWrNWmKHLERJAAIXYmM2iNLi
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:37 2025 by rpki-client