Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
File: ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa (raw, json)
Hash identifier: hyoCJz7vHWrAXQxMk6ZwRDBQZf1ZFER9X6L5ehlOboQ=
Subject key identifier: 4C:06:C1:A0:D0:9B:B7:91:34:D7:4A:AD:A0:E5:2A:83:F5:80:C4:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 115E6BD12D861BAA19968F239237D172BF4DC702
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
Signing time: Fri 11 Jul 2025 19:01:11 +0000
ROA not before: Fri 11 Jul 2025 19:01:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:5e:6b:d1:2d:86:1b:aa:19:96:8f:23:92:37:d1:72:bf:4d:c7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:01:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=40454265dc1757f657d25935188fee6075cb9ec516e84f252b71ed58b115660e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c3:8a:fa:f2:94:9a:76:52:99:e0:00:20:e1:
5d:04:da:df:42:c0:c8:3b:c6:c1:ab:f0:29:a6:08:
f3:90:b0:0f:c9:15:4e:2f:75:87:84:6c:50:c3:f5:
ee:97:44:a4:e4:42:8a:4f:7a:32:49:fe:ff:5a:2a:
c4:78:6a:12:98:8e:6d:95:be:6e:06:b9:a9:92:e8:
ef:f6:48:89:a5:64:61:1b:0b:c1:fa:7e:ea:25:6f:
c1:d1:28:e1:d4:24:18:37:f9:ff:dc:d2:67:80:dd:
b0:cc:d3:fa:08:a0:2e:22:20:6a:27:45:e5:0e:70:
98:d5:b9:9a:16:25:c0:16:1c:7a:16:2f:38:7d:1b:
1d:92:0a:8a:f4:2f:22:b5:51:9b:d0:8b:fb:b0:2b:
57:9a:6f:19:44:5c:e5:a9:b9:57:9a:eb:72:d4:aa:
c7:49:7e:cc:4d:b7:5f:f9:b7:db:6e:16:e4:be:34:
d3:b3:db:35:e6:6a:ea:fb:37:f5:3f:ec:2e:d2:3b:
54:4d:c0:85:a4:a3:b5:4b:9e:53:f2:64:35:ec:52:
b9:bf:56:2a:d3:2c:ce:ad:5f:c5:26:6c:65:ee:d7:
b2:a8:53:bf:01:50:ee:f6:50:25:3b:11:fe:5f:c3:
49:ce:92:7d:bd:7d:59:97:d7:6e:ba:6b:53:31:ca:
32:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:06:C1:A0:D0:9B:B7:91:34:D7:4A:AD:A0:E5:2A:83:F5:80:C4:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
53:7e:18:43:4f:a1:39:32:bd:63:ca:29:f7:49:e0:4f:b4:8b:
eb:30:83:87:3d:9f:b7:34:fb:5c:a0:ba:fa:aa:d1:f3:db:d5:
77:48:22:a9:93:5d:73:f6:57:c3:25:b5:dc:c9:a4:bf:16:6f:
fb:db:f1:d1:06:44:8a:63:a9:40:d8:74:35:d1:cb:a8:fe:a8:
96:7a:4e:89:9a:b4:ad:7e:fa:f2:c2:ad:95:38:b5:d4:cf:b6:
e2:14:cb:85:2e:fa:33:90:1f:a6:f1:5d:ee:36:ed:b1:0f:f2:
bf:ef:59:90:fc:9a:bc:8e:a2:74:8e:75:07:c7:af:f3:72:a7:
53:0f:87:34:e6:cd:e5:f3:94:8b:03:e9:8d:21:37:45:04:70:
63:53:c4:4b:cb:91:ca:c4:22:31:44:dc:64:39:e0:32:af:0d:
37:da:e7:44:48:d1:51:e1:b2:59:fa:0b:07:25:d4:3e:c4:25:
56:84:ea:b5:81:5f:af:ee:ad:7b:1a:68:22:7c:f9:6e:fa:00:
fa:e5:0a:d0:9b:d8:50:73:aa:8c:bd:91:c9:29:73:44:a4:bd:
dc:c4:8c:ba:ac:4d:f6:03:ae:ad:42:c8:93:4a:ba:e8:ca:98:
76:98:f8:ee:8e:48:35:09:74:73:8e:0b:7a:e5:f3:33:6c:c7:
fe:58:78:81
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEV5r0S2GG6oZlo8jkjfRcr9NxwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAxMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNDU0MjY1ZGMxNzU3ZjY1N2QyNTkzNTE4OGZlZTYwNzVjYjllYzUxNmU4
NGYyNTJiNzFlZDU4YjExNTY2MGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrDivrylJp2UpngACDhXQTa30LAyDvGwavwKaYI85CwD8kVTi91h4RsUMP1
7pdEpORCik96Mkn+/1oqxHhqEpiObZW+bga5qZLo7/ZIiaVkYRsLwfp+6iVvwdEo
4dQkGDf5/9zSZ4DdsMzT+gigLiIgaidF5Q5wmNW5mhYlwBYcehYvOH0bHZIKivQv
IrVRm9CL+7ArV5pvGURc5am5V5rrctSqx0l+zE23X/m3224W5L4007PbNeZq6vs3
9T/sLtI7VE3AhaSjtUueU/JkNexSub9WKtMszq1fxSZsZe7XsqhTvwFQ7vZQJTsR
/l/DSc6Sfb19WZfXbrprUzHKMtMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMBsGg
0Ju3kTTXSq2g5SqD9YDEvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxZmRjNGEtZmExYS00ODEzLTgyNzItOTYwMWEzZDc1NWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAU34YQ0+hOTK9Y8op90ngT7SL6zCDhz2ftzT7
XKC6+qrR89vVd0giqZNdc/ZXwyW13MmkvxZv+9vx0QZEimOpQNh0NdHLqP6olnpO
iZq0rX768sKtlTi11M+24hTLhS76M5AfpvFd7jbtsQ/yv+9ZkPyavI6idI51B8ev
83KnUw+HNObN5fOUiwPpjSE3RQRwY1PES8uRysQiMUTcZDngMq8NN9rnREjRUeGy
WfoLByXUPsQlVoTqtYFfr+6texpoInz5bvoA+uUK0JvYUHOqjL2RySlzRKS93MSM
uqxN9gOurULIk0q66MqYdpj47o5INQl0c44LeuXzM2zH/lh4gQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:58 2025 by rpki-client