Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
File: ab7811c0-f548-43b8-897d-fac68de3433a.roa (raw, json)
Hash identifier: qjDC11KDjlmPzQVYEBuOyBj1s0XHaeH/tHASOwosKdM=
Subject key identifier: F5:54:B1:C3:8B:2B:75:70:8F:BC:BE:F2:CB:AF:3E:85:4F:88:BB:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73936BC606F634633378C989233462EE952C6585
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
Signing time: Fri 11 Jul 2025 20:41:16 +0000
ROA not before: Fri 11 Jul 2025 20:41:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:93:6b:c6:06:f6:34:63:33:78:c9:89:23:34:62:ee:95:2c:65:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:41:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=fc6651e9177b3e6cbe405570b2734d02fa040ead361336e1477e32f26c3b3cba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4a:c7:80:dd:3b:fc:89:ae:b6:21:b3:54:0b:
50:af:1b:7d:3a:3e:b8:4c:94:67:fd:7d:cb:42:32:
4d:68:2b:37:ba:7f:4e:c3:54:7d:57:71:95:bc:d3:
8f:5f:ce:6b:34:6c:93:40:f1:ea:f8:ca:08:db:c4:
4e:96:1f:a2:11:58:bf:f7:fe:37:52:b5:3c:aa:84:
14:28:ef:20:b1:d7:b7:8e:8c:ff:48:5d:61:08:65:
ec:82:b4:46:52:8e:26:f2:46:bc:ad:c9:75:f1:13:
67:31:13:53:c8:f9:51:5d:1b:48:ae:6d:c6:5d:94:
86:37:ab:83:72:90:a7:b9:42:53:49:a1:f6:3f:e3:
84:c6:f8:ff:99:dc:06:e2:68:81:a4:6a:76:97:22:
ac:55:23:bc:30:aa:84:ea:06:d8:47:4a:7a:bf:8c:
9b:da:5e:c8:8e:cd:af:1f:69:30:d2:66:94:6b:1a:
7e:0a:d1:c2:b2:22:77:cd:99:83:65:bf:c5:e7:19:
d5:87:7e:ea:a0:b4:e8:22:2e:92:60:f3:34:e8:20:
b2:c5:38:74:71:71:88:fe:0c:a9:9e:fc:ed:07:b9:
68:c4:85:bb:d0:41:f4:18:79:28:b3:75:bc:4c:be:
3c:b2:4c:fd:e9:a6:02:7a:38:b1:22:17:70:12:82:
d8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:54:B1:C3:8B:2B:75:70:8F:BC:BE:F2:CB:AF:3E:85:4F:88:BB:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/36
Signature Algorithm: sha256WithRSAEncryption
11:f8:3d:10:f0:88:9f:f8:22:6d:07:0d:bc:ef:bc:91:53:9e:
c7:a2:28:32:3a:58:91:c5:9f:e3:a8:cd:6d:e9:4e:6f:8d:f6:
7f:22:2d:de:40:d6:52:86:ef:13:5f:5f:57:b5:9c:91:c5:8d:
39:b6:54:4d:cb:9b:35:ba:4b:62:ee:c2:54:9c:6b:7b:9d:2c:
8c:9a:fa:9f:98:d2:97:6a:4a:cd:ad:e9:f5:95:7a:ee:b3:d1:
7f:97:48:b4:4d:53:e3:63:5d:32:98:da:7c:76:03:3f:25:41:
f8:91:f1:99:6f:b9:51:fe:b5:b5:37:5f:46:0a:5c:d5:48:10:
08:1c:80:d9:72:d8:50:d3:a0:a4:48:70:7c:23:9d:ac:55:4f:
62:6a:12:2a:b6:50:0e:6c:79:08:d2:85:bf:35:69:5c:6f:a5:
d4:34:c6:2f:97:59:70:39:26:41:07:7d:c1:c9:7c:50:6f:dd:
52:00:70:7a:eb:10:6a:fe:8d:7e:aa:54:95:f4:e8:89:89:cc:
f1:ea:8f:c0:62:55:d4:ce:b4:44:90:91:51:d9:56:7f:aa:20:
dc:7c:cb:be:1b:16:8e:d2:a9:c8:e6:51:d3:a7:d3:5b:ed:39:
6f:49:7e:36:70:00:2e:2a:3e:86:02:b3:61:49:19:96:cb:3d:
f8:70:5c:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc5Nrxgb2NGMzeMmJIzRi7pUsZYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQxMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNjY1MWU5MTc3YjNlNmNiZTQwNTU3MGIyNzM0ZDAyZmEwNDBlYWQzNjEz
MzZlMTQ3N2UzMmYyNmMzYjNjYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZKx4DdO/yJrrYhs1QLUK8bfTo+uEyUZ/19y0IyTWgrN7p/TsNUfVdxlbzT
j1/OazRsk0Dx6vjKCNvETpYfohFYv/f+N1K1PKqEFCjvILHXt46M/0hdYQhl7IK0
RlKOJvJGvK3JdfETZzETU8j5UV0bSK5txl2Uhjerg3KQp7lCU0mh9j/jhMb4/5nc
BuJogaRqdpcirFUjvDCqhOoG2EdKer+Mm9peyI7Nrx9pMNJmlGsafgrRwrIid82Z
g2W/xecZ1Yd+6qC06CIukmDzNOggssU4dHFxiP4MqZ787Qe5aMSFu9BB9Bh5KLN1
vEy+PLJM/emmAno4sSIXcBKC2B8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1VLHD
iyt1cI+8vvLLrz6FT4i74DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI3ODExYzAtZjU0OC00M2I4LTg5N2QtZmFjNjhkZTM0MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQAR+D0Q8Iif+CJtBw2877yRU57HoigyOliRxZ/j
qM1t6U5vjfZ/Ii3eQNZShu8TX19XtZyRxY05tlRNy5s1ukti7sJUnGt7nSyMmvqf
mNKXakrNren1lXrus9F/l0i0TVPjY10ymNp8dgM/JUH4kfGZb7lR/rW1N19GClzV
SBAIHIDZcthQ06CkSHB8I52sVU9iahIqtlAObHkI0oW/NWlcb6XUNMYvl1lwOSZB
B33ByXxQb91SAHB66xBq/o1+qlSV9OiJiczx6o/AYlXUzrREkJFR2VZ/qiDcfMu+
GxaO0qnI5lHTp9Nb7TlvSX42cAAuKj6GArNhSRmWyz34cFx5
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:44:45 2025 by rpki-client