Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
File: 02484022-c79f-4464-827b-2127faff0b06.roa (raw, json)
Hash identifier: A0V/jwj6ci5XnLTg1oH9WoM8RBKuCeD9fJCsLxJN1Ek=
Subject key identifier: BD:FE:FB:0A:F8:E9:61:FF:58:A8:DA:88:15:B3:85:A0:81:8E:46:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23821C6D39FB2836F0A95D2ABC76053321538B3E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
Signing time: Fri 06 Jun 2025 15:10:43 +0000
ROA not before: Fri 06 Jun 2025 15:10:43 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:82:1c:6d:39:fb:28:36:f0:a9:5d:2a:bc:76:05:33:21:53:8b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:43 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=4cb791633809596a2465a48ff67708cd5afa66ea9fce2e49a890783ee6cd011f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b7:1a:e9:16:cb:8f:22:d5:94:20:a0:dc:12:
21:d5:05:40:3f:b1:6d:dd:2e:1e:67:a6:c7:c6:86:
63:5b:96:b9:44:4b:2c:e2:8f:da:77:2c:67:c3:02:
9d:1a:66:31:a1:d4:7d:31:e7:6f:95:6f:a3:25:0e:
87:fd:16:31:61:be:06:eb:83:80:44:2a:aa:99:04:
40:49:32:96:84:1a:18:b8:12:73:c6:2a:6a:ed:4f:
be:c2:45:fb:6c:c8:47:9c:50:81:eb:ba:0b:aa:d6:
e5:53:0c:a6:ff:58:ef:cb:2b:d1:68:08:eb:23:6f:
70:f3:ea:fd:3c:1b:80:ac:3a:42:7c:91:79:eb:21:
3c:b7:5a:d9:39:0a:e8:eb:7e:b2:bb:9c:78:3d:1d:
a3:5e:51:2c:c4:75:82:5a:5d:8e:f1:a6:67:ad:71:
54:21:26:0d:b6:61:ed:d4:71:80:9c:e2:62:ab:50:
1d:d2:07:49:c2:b6:6b:3c:a2:4f:2c:94:ae:75:e2:
52:85:6b:5e:f0:43:09:d8:8b:24:85:57:b5:d5:da:
64:c9:e2:13:24:c3:40:a5:96:e2:97:55:1c:d2:71:
84:f0:09:b4:78:bf:0b:da:3f:f5:fc:b7:fa:5c:08:
9a:2a:3c:76:7d:03:4f:2c:44:f9:8d:12:56:66:97:
76:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FE:FB:0A:F8:E9:61:FF:58:A8:DA:88:15:B3:85:A0:81:8E:46:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
a3:b7:17:81:b0:d4:d4:b5:7f:65:44:91:2c:cb:6c:cb:08:98:
c4:73:52:8a:94:c7:ac:e5:10:59:d5:6c:c3:dc:42:35:7a:d6:
1a:27:cf:39:cf:5d:ef:b9:f0:5c:57:7f:83:6d:b3:3a:e4:16:
30:13:d9:f7:3c:a6:88:93:d1:c3:e3:e4:a6:61:27:0a:f1:ac:
56:6d:2b:ca:02:3b:0a:8b:2a:90:3c:2b:6a:8a:46:30:4e:31:
69:ea:91:27:6a:e5:4a:53:3c:60:7a:92:d2:41:62:32:cf:3f:
e1:d4:d5:3b:13:e6:09:cf:fb:57:16:13:62:35:22:33:82:d1:
ef:29:ce:49:4a:ce:f4:76:8e:80:a2:68:90:1f:c9:4d:28:31:
b0:63:2c:ce:ba:6c:40:97:39:4c:cc:65:d1:75:04:3d:80:1a:
24:86:4d:c0:29:94:9f:a5:7c:69:a4:b2:a7:03:a9:70:74:82:
19:2c:ba:9b:04:35:c3:fd:98:a0:12:05:05:27:20:79:5c:a5:
76:68:c4:c3:81:05:42:22:d7:4d:a5:3e:40:3b:83:4d:66:59:
2e:50:03:e7:ff:fb:88:b8:39:62:5e:8d:67:7b:f6:84:fc:db:
70:17:55:61:2d:09:51:f2:a6:75:e5:51:c7:66:e3:35:7b:4a:
6f:10:2e:3a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUI4IcbTn7KDbwqV0qvHYFMyFTiz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNDNaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjYjc5MTYzMzgwOTU5NmEyNDY1YTQ4ZmY2NzcwOGNkNWFmYTY2ZWE5ZmNl
MmU0OWE4OTA3ODNlZTZjZDAxMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO23GukWy48i1ZQgoNwSIdUFQD+xbd0uHmemx8aGY1uWuURLLOKP2ncsZ8MC
nRpmMaHUfTHnb5VvoyUOh/0WMWG+BuuDgEQqqpkEQEkyloQaGLgSc8Yqau1PvsJF
+2zIR5xQgeu6C6rW5VMMpv9Y78sr0WgI6yNvcPPq/TwbgKw6QnyReeshPLda2TkK
6Ot+sruceD0do15RLMR1glpdjvGmZ61xVCEmDbZh7dRxgJziYqtQHdIHScK2azyi
TyyUrnXiUoVrXvBDCdiLJIVXtdXaZMniEyTDQKWW4pdVHNJxhPAJtHi/C9o/9fy3
+lwImio8dn0DTyxE+Y0SVmaXdm8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS9/vsK
+Olh/1io2ogVs4WggY5GazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI0ODQwMjItYzc5Zi00NDY0LTgyN2ItMjEyN2ZhZmYwYjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBAKO3F4Gw1NS1f2VEkSzLbMsImMRzUoqUx6zlEFnV
bMPcQjV61honzznPXe+58FxXf4NtszrkFjAT2fc8poiT0cPj5KZhJwrxrFZtK8oC
OwqLKpA8K2qKRjBOMWnqkSdq5UpTPGB6ktJBYjLPP+HU1TsT5gnP+1cWE2I1IjOC
0e8pzklKzvR2joCiaJAfyU0oMbBjLM66bECXOUzMZdF1BD2AGiSGTcAplJ+lfGmk
sqcDqXB0ghksupsENcP9mKASBQUnIHlcpXZoxMOBBUIi102lPkA7g01mWS5QA+f/
+4i4OWJejWd79oT823AXVWEtCVHypnXlUcdm4zV7Sm8QLjo=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:22 2025 by rpki-client