Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: 9LD3KEujZ1LOwIXgySTbjYALknTnbQ1Dl/ZdnzNBh3I=
Subject key identifier: 48:BE:E4:BE:6E:AE:30:5A:62:44:55:71:B0:F8:6B:D2:38:33:AA:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 054828EDC3EA2053A308F3C479AD45068DC3B981
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Fri 01 Aug 2025 17:11:10 +0000
ROA not before: Fri 01 Aug 2025 17:11:10 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:48:28:ed:c3:ea:20:53:a3:08:f3:c4:79:ad:45:06:8d:c3:b9:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:11:10 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=88d19f0a241c817de6312e88cf21f4c7a266c194df8dec17929c9f20597e9617, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5f:88:dd:0b:20:68:6d:c1:b5:50:b8:e1:17:
28:fb:4c:3c:75:ef:ae:3e:44:dc:fb:5d:7e:0d:e0:
48:40:38:f9:53:ee:d7:e7:af:f5:82:45:a7:06:86:
e6:43:64:27:54:88:07:48:f5:77:56:5a:a9:ec:2f:
da:12:17:84:88:84:95:c6:29:a3:ef:e0:95:21:b1:
bc:79:df:96:0b:48:df:4c:6b:4f:2d:fe:fb:22:19:
54:52:17:59:d2:ac:d5:6a:00:70:be:27:2b:31:93:
87:d2:08:b6:84:df:57:9d:94:6e:71:bc:06:40:c5:
82:e7:5a:f4:7a:55:35:7a:e7:10:ec:b6:59:4f:9e:
20:d1:91:fd:33:38:ab:7b:35:68:27:5f:2d:5c:13:
1a:05:ce:7b:ca:8a:1a:01:0a:68:37:c1:88:d5:b2:
0f:71:3d:4f:d3:7c:32:57:68:75:b9:5c:37:7d:64:
76:7a:c4:ce:79:8c:6f:c0:9f:2f:66:cc:83:a7:3d:
81:88:5f:9e:83:e0:3b:9a:38:c8:f8:9b:66:f4:ca:
e0:00:08:a7:c6:0c:34:b6:b0:b9:9b:8f:b4:e8:89:
2c:65:a7:bd:4e:ef:f9:36:fb:fc:82:67:cb:f4:c3:
10:f3:04:42:e1:69:b5:da:c1:b0:5f:28:67:5f:c7:
5b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:BE:E4:BE:6E:AE:30:5A:62:44:55:71:B0:F8:6B:D2:38:33:AA:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
07:ee:d2:02:d2:51:a6:37:36:f9:85:ad:b2:11:71:d3:29:8c:
e7:6e:63:9e:cf:8e:9a:ed:ea:c5:04:3a:b7:bc:37:10:8e:b7:
62:c4:d4:3c:41:68:29:26:59:14:e9:d6:45:4b:aa:0c:cd:67:
44:06:c8:c2:c0:ab:6e:12:49:40:f7:87:9d:c6:6e:5b:a6:ff:
19:56:f4:d7:4d:6a:47:08:3f:df:47:3d:34:39:d7:c3:3c:1c:
5f:5e:44:fe:58:ff:e8:50:4e:8d:f9:e7:ad:f9:a2:47:1b:26:
39:c8:bc:04:f2:b6:de:10:90:63:f2:1a:3c:c1:31:9c:92:7b:
11:eb:0e:7a:a8:04:8b:6f:01:ba:57:33:42:c2:a5:81:24:33:
d0:eb:2a:4a:1d:da:13:fc:89:54:f8:e1:ce:0c:96:84:6a:81:
22:32:a6:28:75:9c:41:43:15:ec:da:40:9f:4b:4f:f3:3f:f1:
b2:ed:ea:cf:aa:a8:eb:8c:40:82:47:ed:51:e1:a1:a4:41:f6:
a0:aa:98:ce:d2:9b:c7:6f:b3:42:6a:c4:54:03:2d:68:87:f5:
34:d0:ab:da:d4:79:47:d9:a0:ea:5d:ab:44:c7:a5:1f:21:c6:
36:40:de:e4:00:7e:bb:9f:8c:2d:ee:34:5e:2e:9e:98:78:eb:
b5:8a:9e:42
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUBUgo7cPqIFOjCPPEea1FBo3DuYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzExMTBaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZDE5ZjBhMjQxYzgxN2RlNjMxMmU4OGNmMjFmNGM3YTI2NmMxOTRkZjhk
ZWMxNzkyOWM5ZjIwNTk3ZTk2MTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIpfiN0LIGhtwbVQuOEXKPtMPHXvrj5E3Ptdfg3gSEA4+VPu1+ev9YJFpwaG
5kNkJ1SIB0j1d1Zaqewv2hIXhIiElcYpo+/glSGxvHnflgtI30xrTy3++yIZVFIX
WdKs1WoAcL4nKzGTh9IItoTfV52UbnG8BkDFguda9HpVNXrnEOy2WU+eINGR/TM4
q3s1aCdfLVwTGgXOe8qKGgEKaDfBiNWyD3E9T9N8MldodblcN31kdnrEznmMb8Cf
L2bMg6c9gYhfnoPgO5o4yPibZvTK4AAIp8YMNLawuZuPtOiJLGWnvU7v+Tb7/IJn
y/TDEPMEQuFptdrBsF8oZ1/HWysCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRIvuS+
bq4wWmJEVXGw+GvSODOqoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBAAfu0gLSUaY3NvmFrbIRcdMpjOduY57Pjprt6sUE
Ore8NxCOt2LE1DxBaCkmWRTp1kVLqgzNZ0QGyMLAq24SSUD3h53Gblum/xlW9NdN
akcIP99HPTQ518M8HF9eRP5Y/+hQTo355635okcbJjnIvATytt4QkGPyGjzBMZyS
exHrDnqoBItvAbpXM0LCpYEkM9DrKkod2hP8iVT44c4MloRqgSIypih1nEFDFeza
QJ9LT/M/8bLt6s+qqOuMQIJH7VHhoaRB9qCqmM7Sm8dvs0JqxFQDLWiH9TTQq9rU
eUfZoOpdq0THpR8hxjZA3uQAfrufjC3uNF4unph467WKnkI=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:02 2025 by rpki-client