Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
File: ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa (raw, json)
Hash identifier: 0OpbDrHAE/WsHWTJNIwhZVHeFG5I9Tf1teH59hgPLHg=
Subject key identifier: 06:B6:E4:88:10:BD:61:D4:A2:48:F1:D3:45:53:CE:7B:7A:E4:73:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 187A5B832DBC40A85237E027AEF36067C89E09C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
Signing time: Fri 11 Jul 2025 20:01:34 +0000
ROA not before: Fri 11 Jul 2025 20:01:34 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:7a:5b:83:2d:bc:40:a8:52:37:e0:27:ae:f3:60:67:c8:9e:09:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:01:34 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c4d938fe43c8aaa84c9f93346a204db01fd7faa7330076aa0e895edac4a1759f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3e:39:85:a3:d8:6e:e9:07:3f:a9:ff:62:3c:
8b:79:53:c0:fe:e8:59:83:be:81:63:e1:8f:a1:10:
3e:c7:5b:c9:8a:be:af:0c:2f:c2:0c:19:dc:f8:97:
d9:4d:35:97:55:c0:82:85:3f:b9:18:8f:93:46:e9:
65:1f:9d:c3:96:e0:5a:1d:b3:1e:25:c9:45:de:8f:
2d:dc:51:2c:49:67:c1:67:aa:f1:7c:19:1e:74:32:
5b:47:fb:44:97:18:33:d5:cb:38:77:64:1a:55:25:
dd:51:ed:da:2d:fd:cd:b1:5b:bf:53:d4:ac:e5:d4:
32:5a:5e:03:6b:56:22:b0:3b:9e:e0:a7:c7:3c:6d:
a9:ad:34:fc:0b:bd:52:ac:8a:45:13:24:9b:19:df:
a4:b8:5c:5e:53:29:c5:b7:3e:c1:d3:7f:84:c0:57:
04:49:a3:be:1a:52:1e:24:33:76:7d:f1:35:fc:54:
c9:1d:2c:d9:71:bf:f3:25:44:00:e1:03:3f:55:5d:
9c:81:5d:dc:22:a2:fb:22:29:c0:8a:9e:e9:70:75:
f0:be:6e:35:24:49:b9:12:df:0e:56:b3:97:e4:b6:
30:e7:00:d3:d0:b3:55:38:99:64:66:da:91:48:b5:
b6:d7:1a:a5:47:03:93:a4:73:94:2d:32:4f:60:bb:
4e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B6:E4:88:10:BD:61:D4:A2:48:F1:D3:45:53:CE:7B:7A:E4:73:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e040::/46
Signature Algorithm: sha256WithRSAEncryption
13:32:04:de:53:73:1c:ec:b7:9f:82:8c:75:28:84:16:8b:a9:
48:6e:e0:e9:41:a0:b9:b9:b7:c4:47:6a:0c:6a:b7:d4:d7:df:
af:ac:5c:d2:0e:a4:b7:90:64:ff:9a:d3:f3:e1:b6:8b:92:93:
5b:de:87:c4:0f:5a:4b:79:f7:44:46:a4:b3:47:06:44:60:2c:
f8:ff:a4:58:e1:66:0e:aa:b5:8e:1e:29:36:5b:1e:ea:4c:6d:
90:46:86:f8:a9:5b:f5:c5:51:0a:f7:ec:37:d5:3a:01:48:7f:
31:69:26:9e:5c:4e:f4:42:d4:31:a3:1b:1b:6f:bd:fd:ca:69:
92:9c:3c:ac:09:07:c5:3e:0b:88:2f:b7:2a:a5:68:3f:06:b3:
1b:8a:b7:18:94:14:45:6c:7a:3b:15:47:d2:69:08:06:79:8e:
5c:41:f3:ea:7b:09:1e:c1:c9:88:fc:7c:2a:98:a9:31:36:9d:
1b:aa:eb:c6:ca:6f:0e:ff:2b:da:fb:e8:0d:77:bf:b8:70:fe:
ce:4c:9b:a1:a6:80:09:e1:78:d3:b4:04:b0:dd:63:21:83:fc:
e4:33:65:a9:5d:5a:b6:4c:21:89:11:b3:35:b0:4b:8c:25:bd:
2e:ce:d0:0c:f1:c9:c3:21:b2:93:6d:92:f8:07:ae:92:ff:7a:
47:26:bb:df
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGHpbgy28QKhSN+AnrvNgZ8ieCcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAxMzRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZDkzOGZlNDNjOGFhYTg0YzlmOTMzNDZhMjA0ZGIwMWZkN2ZhYTczMzAw
NzZhYTBlODk1ZWRhYzRhMTc1OWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8+OYWj2G7pBz+p/2I8i3lTwP7oWYO+gWPhj6EQPsdbyYq+rwwvwgwZ3PiX
2U01l1XAgoU/uRiPk0bpZR+dw5bgWh2zHiXJRd6PLdxRLElnwWeq8XwZHnQyW0f7
RJcYM9XLOHdkGlUl3VHt2i39zbFbv1PUrOXUMlpeA2tWIrA7nuCnxzxtqa00/Au9
UqyKRRMkmxnfpLhcXlMpxbc+wdN/hMBXBEmjvhpSHiQzdn3xNfxUyR0s2XG/8yVE
AOEDP1VdnIFd3CKi+yIpwIqe6XB18L5uNSRJuRLfDlazl+S2MOcA09CzVTiZZGba
kUi1ttcapUcDk6RzlC0yT2C7TiMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQGtuSI
EL1h1KJI8dNFU857euRzeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxNzMwYTItYmI2My00YTk0LTgwYWUtZTg0YWNkZWY5M2IyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXg
QDANBgkqhkiG9w0BAQsFAAOCAQEAEzIE3lNzHOy3n4KMdSiEFoupSG7g6UGgubm3
xEdqDGq31Nffr6xc0g6kt5Bk/5rT8+G2i5KTW96HxA9aS3n3REaks0cGRGAs+P+k
WOFmDqq1jh4pNlse6kxtkEaG+Klb9cVRCvfsN9U6AUh/MWkmnlxO9ELUMaMbG2+9
/cppkpw8rAkHxT4LiC+3KqVoPwazG4q3GJQURWx6OxVH0mkIBnmOXEHz6nsJHsHJ
iPx8KpipMTadG6rrxspvDv8r2vvoDXe/uHD+zkyboaaACeF407QEsN1jIYP85DNl
qV1atkwhiRGzNbBLjCW9Ls7QDPHJwyGyk22S+Aeukv96Rya73w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:17 2025 by rpki-client