Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
File: ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa (raw, json)
Hash identifier: nobsol+bmqCCjAXV7jaLZE7AXvUZxIoBtnM+RwDGlq4=
Subject key identifier: 53:A2:8D:A2:20:D3:16:55:B8:6C:53:52:19:F8:12:5A:11:21:96:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73280D80F5FAA25138A029825E7AA18EE827B89B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
Signing time: Fri 11 Jul 2025 19:10:19 +0000
ROA not before: Fri 11 Jul 2025 19:10:19 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:28:0d:80:f5:fa:a2:51:38:a0:29:82:5e:7a:a1:8e:e8:27:b8:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:19 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=fbcdb6364b045723471f14ecb4e39b5b4241438b6bfcd26e8f55a051d239cbd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a1:71:d5:35:3d:8d:4a:5c:a4:23:d7:d5:22:
47:0b:94:25:4f:c7:aa:14:da:b7:8d:63:ab:84:1e:
8b:88:b9:1a:f8:42:43:0f:5c:fb:db:fb:c5:7c:0e:
be:ce:61:5c:27:be:61:f7:7f:bf:bf:a2:36:39:5c:
5e:e4:f5:5f:1a:93:70:91:f9:68:31:40:3f:7d:69:
42:7f:7f:09:d6:43:54:73:c7:89:6e:44:60:77:02:
f7:0c:5e:d5:63:a0:6a:75:ac:0c:25:42:03:cd:41:
6c:f5:13:ec:b4:e5:b8:98:ce:16:b8:9d:e0:c9:0c:
ce:07:5d:e4:cf:dd:0a:30:15:0b:01:fa:b8:ba:3a:
b0:ce:d0:e7:50:ab:f2:5d:8c:96:6c:e4:34:fe:32:
7d:8c:18:d5:00:6d:dc:52:dc:4e:13:22:d7:8e:5e:
be:08:1c:07:4d:5d:03:4e:6b:2b:d1:c6:56:6b:fa:
d7:aa:59:e0:11:4f:88:b9:73:ae:d4:ef:fe:fc:87:
d6:93:71:e5:70:b6:29:d8:33:7f:d8:b7:c4:d0:49:
10:5b:42:fb:e7:56:9d:e7:5b:db:a5:61:8c:70:dc:
a2:a6:2a:22:68:4b:5c:85:6d:73:07:ae:04:84:12:
8f:bb:75:2c:59:a5:86:da:ae:c7:39:4f:7a:e0:2d:
04:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A2:8D:A2:20:D3:16:55:B8:6C:53:52:19:F8:12:5A:11:21:96:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
20:b5:76:34:43:b0:5f:a7:f8:50:89:97:25:46:f8:8c:91:e8:
e9:fe:e2:d8:98:e9:78:88:7d:aa:26:3d:57:fd:bb:26:17:be:
fc:15:70:93:c7:dc:d5:4a:b6:98:b8:72:65:85:94:74:e7:d2:
00:31:27:7e:90:96:c9:f2:b2:63:84:88:18:39:f2:6f:a6:ca:
88:3a:21:35:00:9d:4e:68:5d:0a:88:51:7b:fa:7b:3c:04:c8:
dc:e1:ca:89:d0:88:45:b0:3b:fa:f2:2d:df:46:ff:16:76:8b:
83:d7:de:cb:c6:9b:97:0a:8d:a0:63:96:60:06:43:ee:71:24:
a7:c4:68:39:70:1d:ca:f3:3d:c3:de:32:3b:b3:56:ee:56:4d:
fd:d3:9b:fe:64:21:a5:5e:e0:31:9c:6a:cb:22:a0:d2:13:3e:
c1:bb:69:88:69:14:03:c8:f5:b9:0f:9d:57:92:55:9b:26:be:
24:ad:a3:a8:4b:60:9b:14:c0:ec:35:e2:35:44:03:e4:9e:42:
b5:1c:f6:c1:8c:f2:c0:73:23:e4:63:8f:64:9e:5a:6e:30:46:
fe:e9:af:d7:6b:75:bb:01:ea:80:42:91:a2:a6:e2:9a:3d:eb:
21:6b:76:49:f7:d2:e9:b8:2f:be:d0:3b:0d:21:09:66:fb:aa:
d3:b2:f5:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcygNgPX6olE4oCmCXnqhjugnuJswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwMTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiY2RiNjM2NGIwNDU3MjM0NzFmMTRlY2I0ZTM5YjViNDI0MTQzOGI2YmZj
ZDI2ZThmNTVhMDUxZDIzOWNiZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKhcdU1PY1KXKQj19UiRwuUJU/HqhTat41jq4Qei4i5GvhCQw9c+9v7xXwO
vs5hXCe+Yfd/v7+iNjlcXuT1XxqTcJH5aDFAP31pQn9/CdZDVHPHiW5EYHcC9wxe
1WOganWsDCVCA81BbPUT7LTluJjOFrid4MkMzgdd5M/dCjAVCwH6uLo6sM7Q51Cr
8l2MlmzkNP4yfYwY1QBt3FLcThMi145evggcB01dA05rK9HGVmv616pZ4BFPiLlz
rtTv/vyH1pNx5XC2Kdgzf9i3xNBJEFtC++dWnedb26VhjHDcoqYqImhLXIVtcweu
BIQSj7t1LFmlhtquxzlPeuAtBCsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRToo2i
INMWVbhsU1IZ+BJaESGWeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIyMzJiODYtOWJkNi00MDljLThkZTUtOTJiZmZmMmE4YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
wDANBgkqhkiG9w0BAQsFAAOCAQEAILV2NEOwX6f4UImXJUb4jJHo6f7i2JjpeIh9
qiY9V/27Jhe+/BVwk8fc1Uq2mLhyZYWUdOfSADEnfpCWyfKyY4SIGDnyb6bKiDoh
NQCdTmhdCohRe/p7PATI3OHKidCIRbA7+vIt30b/FnaLg9fey8ablwqNoGOWYAZD
7nEkp8RoOXAdyvM9w94yO7NW7lZN/dOb/mQhpV7gMZxqyyKg0hM+wbtpiGkUA8j1
uQ+dV5JVmya+JK2jqEtgmxTA7DXiNUQD5J5CtRz2wYzywHMj5GOPZJ5abjBG/umv
12t1uwHqgEKRoqbimj3rIWt2SffS6bgvvtA7DSEJZvuq07L1hQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:50 2025 by rpki-client