Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: bQGVrYSLbLS/sgP6uD1TPhjzGqsmNLa1n5zRHK8ntZ0=
Subject key identifier: E6:7E:33:43:2E:41:2D:D6:9A:53:B9:DB:D4:6B:41:EB:30:62:53:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D6E3B3DB9EBF37BC956BC9F4AE27145E5ED77D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Tue 10 Jun 2025 17:21:08 +0000
ROA not before: Tue 10 Jun 2025 17:21:08 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:6e:3b:3d:b9:eb:f3:7b:c9:56:bc:9f:4a:e2:71:45:e5:ed:77:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:08 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=25563414e3a5f73d68921dd10fcc27206815ca0d02c30179421f810588ccab49, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:61:ec:10:2c:c6:3a:66:f7:2d:40:aa:d8:36:
63:14:55:e8:60:c0:8e:b7:61:78:1c:b2:31:5f:0d:
42:36:7d:33:68:c3:f7:d3:15:f1:a4:58:ea:fa:92:
57:05:c8:35:3f:71:9e:3f:93:55:f8:ac:eb:e3:41:
d4:de:51:e0:dd:d9:64:06:4a:0f:59:74:10:ad:dd:
db:2a:e3:4a:03:a9:42:da:d5:cc:58:7f:5b:33:6a:
7c:2c:bd:c1:e8:ef:2b:58:d0:06:bb:b5:73:6e:a9:
94:29:29:10:90:bf:6c:42:a8:8f:82:20:b2:1e:25:
93:d2:cc:c4:51:5a:d5:16:8d:e8:36:ec:99:18:13:
65:a4:ce:2a:61:04:6c:92:12:33:15:48:de:ac:3e:
51:88:7a:57:a8:b7:41:91:aa:e8:40:8c:2c:1c:cd:
c1:97:93:82:9d:39:b1:0d:6c:5f:c2:9f:f8:7d:d0:
34:c6:53:2d:63:87:67:6f:ca:79:e9:7d:76:76:3d:
84:0e:df:89:07:d3:e0:4e:cb:90:9c:42:88:19:47:
b0:72:7e:3e:b3:c3:55:01:b2:b4:3b:70:38:55:ba:
97:d6:65:16:5e:96:b3:a9:26:26:6c:0d:ec:ae:5e:
63:a5:d5:b6:8a:dd:a8:a9:98:c9:46:35:57:d7:a5:
28:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7E:33:43:2E:41:2D:D6:9A:53:B9:DB:D4:6B:41:EB:30:62:53:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
0a:b9:1d:66:8c:d5:ec:dd:68:90:c1:46:c3:ae:90:87:9d:75:
cf:d8:c6:1b:64:49:e4:a4:e9:7e:9b:e5:33:07:9e:ad:cc:df:
ae:6a:98:dd:76:f3:be:29:32:f6:6d:b3:09:eb:5c:60:41:33:
43:65:3f:22:1c:d6:8a:63:7c:5f:16:49:94:4a:a4:09:11:c5:
c4:7f:f3:ee:ba:43:b0:ed:07:1a:b7:15:d3:d2:52:0f:38:12:
94:c0:f7:18:4f:7b:40:0e:66:b9:84:84:4e:97:78:7e:81:1c:
58:51:7b:56:5f:5e:6d:07:7c:0c:5d:d6:e8:67:a4:78:47:a8:
c2:f6:74:3e:8c:9f:7b:f3:b6:05:a4:f0:76:0a:c5:17:61:69:
39:d4:f7:98:64:00:bc:79:bd:4d:e4:22:75:1a:00:98:34:c9:
b4:a0:f0:81:00:e2:2c:3e:09:2b:14:6a:56:78:af:45:b9:6e:
b8:f0:06:64:f6:7c:2d:84:8e:52:a4:b6:2f:3d:72:a7:ce:b1:
4e:8b:aa:ab:87:d6:2e:91:be:c3:91:d9:0e:1b:24:5b:1e:ec:
01:00:7a:8a:8b:78:60:31:f7:87:17:1c:73:b7:09:02:40:69:
79:2b:cb:84:7b:be:b5:ba:c4:db:5b:09:a5:44:53:ad:74:d4:
da:11:6b:b1
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUXW47Pbnr83vJVryfSuJxReXtd9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMDhaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1NTYzNDE0ZTNhNWY3M2Q2ODkyMWRkMTBmY2MyNzIwNjgxNWNhMGQwMmMz
MDE3OTQyMWY4MTA1ODhjY2FiNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMth7BAsxjpm9y1Aqtg2YxRV6GDAjrdheByyMV8NQjZ9M2jD99MV8aRY6vqS
VwXINT9xnj+TVfis6+NB1N5R4N3ZZAZKD1l0EK3d2yrjSgOpQtrVzFh/WzNqfCy9
wejvK1jQBru1c26plCkpEJC/bEKoj4Igsh4lk9LMxFFa1RaN6DbsmRgTZaTOKmEE
bJISMxVI3qw+UYh6V6i3QZGq6ECMLBzNwZeTgp05sQ1sX8Kf+H3QNMZTLWOHZ2/K
eel9dnY9hA7fiQfT4E7LkJxCiBlHsHJ+PrPDVQGytDtwOFW6l9ZlFl6Ws6kmJmwN
7K5eY6XVtordqKmYyUY1V9elKPUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTmfjND
LkEt1ppTudvUa0HrMGJTMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBAAq5HWaM1ezdaJDBRsOukIeddc/YxhtkSeSk6X6b
5TMHnq3M365qmN12874pMvZtswnrXGBBM0NlPyIc1opjfF8WSZRKpAkRxcR/8+66
Q7DtBxq3FdPSUg84EpTA9xhPe0AOZrmEhE6XeH6BHFhRe1ZfXm0HfAxd1uhnpHhH
qML2dD6Mn3vztgWk8HYKxRdhaTnU95hkALx5vU3kInUaAJg0ybSg8IEA4iw+CSsU
alZ4r0W5brjwBmT2fC2EjlKkti89cqfOsU6LqquH1i6RvsOR2Q4bJFse7AEAeoqL
eGAx94cXHHO3CQJAaXkry4R7vrW6xNtbCaVEU6101NoRa7E=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:30 2025 by rpki-client