Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
File: ab51a88f-7495-4754-985a-700885d2554a.roa (raw, json)
Hash identifier: wdnxegQToAVcwkRfksmdn2QfhJXJUPUK3VMsX6mT1vQ=
Subject key identifier: C4:9A:F3:51:E2:90:58:71:6E:5D:4F:46:E7:23:04:EE:4D:62:BF:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A8F16BA02D4607E427BEDAE7DEB4628BEE0631C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
Signing time: Fri 11 Jul 2025 19:30:57 +0000
ROA not before: Fri 11 Jul 2025 19:30:57 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:8f:16:ba:02:d4:60:7e:42:7b:ed:ae:7d:eb:46:28:be:e0:63:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:57 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=abb2a017fe1921c418b4a2be0f02fd6a83efce6999be255ab27df751815dc206, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:79:15:36:ec:76:6c:45:14:f0:1f:f8:ba:8a:
97:ce:50:95:56:7a:21:2d:8a:ab:e6:e8:08:2b:ea:
cd:18:27:26:ee:eb:74:16:69:e4:c5:b6:34:57:10:
15:90:49:02:1b:c9:56:b6:5f:45:87:51:a9:64:3f:
43:d5:9d:fa:cc:a5:60:93:f8:9e:ff:41:fe:6c:b9:
cb:3e:fe:a0:41:ab:45:6a:d1:8e:58:5c:8f:aa:8c:
5e:ec:4e:cd:28:0b:c1:69:f4:e9:37:dd:fa:69:85:
73:b2:13:4c:6c:e8:ba:f8:0b:a2:c2:4a:40:40:04:
21:79:09:08:3a:f8:df:f2:9e:18:f9:22:33:dd:03:
9e:70:87:63:e3:96:e6:7c:a0:d1:79:fe:ca:9e:d3:
21:1f:07:7c:0e:74:e9:7c:18:e4:bd:9c:11:d6:43:
69:fe:d5:55:22:ce:44:68:8b:e6:e1:c9:44:55:94:
c6:6d:cc:a2:4b:dc:14:8e:09:9e:f8:c7:14:bf:13:
8e:93:a4:2f:c8:01:13:1e:8b:af:27:76:b2:ab:b3:
bc:9b:ea:c3:a1:f0:fd:8b:90:dd:5f:7e:4b:ce:24:
fd:df:64:4a:d1:73:df:4a:be:96:4b:c3:3a:3a:f9:
e8:b6:ec:e4:db:49:9a:07:3f:1a:57:93:39:ac:b1:
22:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9A:F3:51:E2:90:58:71:6E:5D:4F:46:E7:23:04:EE:4D:62:BF:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e040::/46
Signature Algorithm: sha256WithRSAEncryption
a1:73:55:9a:a1:a0:19:72:e4:c9:fd:33:cb:fb:fc:be:74:1a:
1b:94:7c:a1:87:74:05:75:f2:80:9c:ba:d5:b4:d5:bb:19:0c:
05:d9:70:99:b0:c4:a0:ef:f1:f2:a0:b9:2a:4c:32:0c:fb:35:
11:8f:ce:73:19:22:6c:ab:f5:49:88:2b:df:bc:44:74:93:17:
1f:d7:9a:dc:fd:9c:9f:53:8e:b0:f6:df:7a:cf:c2:fa:9c:89:
77:b1:eb:7d:ce:c4:22:ed:5b:02:a4:93:66:1c:1e:42:ce:e0:
d8:09:c0:7f:3d:be:85:73:4b:9a:cf:35:99:65:4d:b0:57:58:
a2:f3:99:8d:89:32:b7:32:4d:ee:25:4d:18:98:31:30:f2:f9:
d9:54:34:ba:4b:d3:9c:bc:a3:40:15:0c:89:ef:e0:a7:d2:ee:
74:31:76:74:4a:04:63:c4:57:9f:bf:c8:e8:2e:1b:5c:36:da:
23:19:21:67:2d:19:b7:db:fa:6d:a6:4f:ee:82:4b:79:7a:fe:
5b:eb:b2:e9:4d:c1:1b:42:6d:a1:92:5e:d1:d6:3d:3d:65:68:
a4:c3:cc:08:57:74:01:75:d9:af:54:9c:ce:41:8c:bf:f2:ee:
03:af:2e:0e:f4:64:e6:0a:53:1a:63:96:b0:d8:99:44:3d:b1:
e1:ab:71:c3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeo8WugLUYH5Ce+2ufetGKL7gYxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiYjJhMDE3ZmUxOTIxYzQxOGI0YTJiZTBmMDJmZDZhODNlZmNlNjk5OWJl
MjU1YWIyN2RmNzUxODE1ZGMyMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAId5FTbsdmxFFPAf+LqKl85QlVZ6IS2Kq+boCCvqzRgnJu7rdBZp5MW2NFcQ
FZBJAhvJVrZfRYdRqWQ/Q9Wd+sylYJP4nv9B/my5yz7+oEGrRWrRjlhcj6qMXuxO
zSgLwWn06Tfd+mmFc7ITTGzouvgLosJKQEAEIXkJCDr43/KeGPkiM90DnnCHY+OW
5nyg0Xn+yp7TIR8HfA506XwY5L2cEdZDaf7VVSLORGiL5uHJRFWUxm3MokvcFI4J
nvjHFL8TjpOkL8gBEx6Lryd2squzvJvqw6Hw/YuQ3V9+S84k/d9kStFz30q+lkvD
Ojr56Lbs5NtJmgc/GleTOayxIi8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTEmvNR
4pBYcW5dT0bnIwTuTWK/WjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI1MWE4OGYtNzQ5NS00NzU0LTk4NWEtNzAwODg1ZDI1NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
QDANBgkqhkiG9w0BAQsFAAOCAQEAoXNVmqGgGXLkyf0zy/v8vnQaG5R8oYd0BXXy
gJy61bTVuxkMBdlwmbDEoO/x8qC5KkwyDPs1EY/OcxkibKv1SYgr37xEdJMXH9ea
3P2cn1OOsPbfes/C+pyJd7Hrfc7EIu1bAqSTZhweQs7g2AnAfz2+hXNLms81mWVN
sFdYovOZjYkytzJN7iVNGJgxMPL52VQ0ukvTnLyjQBUMie/gp9LudDF2dEoEY8RX
n7/I6C4bXDbaIxkhZy0Zt9v6baZP7oJLeXr+W+uy6U3BG0JtoZJe0dY9PWVopMPM
CFd0AXXZr1SczkGMv/LuA68uDvRk5gpTGmOWsNiZRD2x4atxww==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:15 2025 by rpki-client