Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
File: ab7811c0-f548-43b8-897d-fac68de3433a.roa (raw, json)
Hash identifier: J5bMZxv3M4jvzr2bKG+NCn+wPoZkxyj07RrigDSDfUQ=
Subject key identifier: 0C:1D:B5:6A:3B:A1:8B:E3:3A:0E:A6:79:5C:9E:EE:30:6E:7D:48:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C36B184B287CE642C6E2385673D7B509BA89919
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
Signing time: Mon 01 Sep 2025 21:11:23 +0000
ROA not before: Mon 01 Sep 2025 21:11:23 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:36:b1:84:b2:87:ce:64:2c:6e:23:85:67:3d:7b:50:9b:a8:99:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:11:23 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=992d28fc733f7f9bcc0f86bf5756dc478c316941dff87d0c8bd48850a13edc30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ed:6c:f2:cc:89:94:47:e4:73:54:44:8c:65:
74:4e:c8:e5:5d:85:bd:30:da:3c:5b:5c:78:3a:78:
fa:d9:ab:de:83:b2:37:73:83:4d:6a:8f:5d:9f:5c:
71:e9:c9:9d:4b:65:e2:ff:37:e9:57:d0:39:90:7c:
dd:2e:f4:f7:05:10:8d:48:bd:86:ef:fe:45:46:0c:
75:42:61:a7:25:0c:0a:67:36:53:36:d5:49:2e:96:
ce:32:c8:c5:69:91:bf:15:a1:4b:ac:5a:a1:b7:e9:
a4:cf:4d:a8:1d:af:68:10:b3:31:e4:0e:e9:38:8e:
e7:9c:92:38:8c:70:ac:e2:90:22:df:ec:09:e5:cb:
ee:8c:9c:91:d3:97:f7:c7:47:a5:de:ac:b7:d2:6e:
d6:8d:dc:72:e2:32:aa:6c:c0:da:61:b3:16:87:27:
f4:2e:6e:bb:2d:3f:5e:89:d0:21:6c:65:8c:7b:7d:
7b:67:59:00:8d:74:09:51:73:fb:1a:3e:15:88:77:
98:f9:61:80:4d:09:57:0f:ce:ed:dd:f5:22:d8:29:
4c:73:93:22:25:75:e1:f8:e6:b9:6a:a2:67:c8:33:
6c:64:1d:82:1d:b8:a8:a0:5f:9f:25:27:c2:dc:04:
a7:1e:07:51:1a:51:5e:6d:97:c5:27:cd:e2:ff:ab:
81:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1D:B5:6A:3B:A1:8B:E3:3A:0E:A6:79:5C:9E:EE:30:6E:7D:48:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/36
Signature Algorithm: sha256WithRSAEncryption
82:53:e6:11:91:55:90:35:37:1c:76:bf:a4:5a:08:8b:44:90:
78:65:13:1a:28:c5:d1:95:32:78:ef:3b:72:6a:bc:5b:dc:b4:
4b:fe:fd:14:d7:94:80:e8:8e:7d:4b:21:9e:2b:c6:1f:8f:ce:
38:85:cc:3d:c5:88:11:2f:ec:6a:2d:ff:ab:9b:da:d4:9b:8e:
68:2c:d3:6b:3f:ca:44:95:a9:e2:e2:9f:82:e3:aa:e6:4e:af:
dd:e2:46:98:cb:a2:2f:1f:e8:f3:b8:45:38:b5:76:8f:cc:12:
ba:02:18:c1:c0:58:32:35:55:a7:ec:51:64:78:4c:e2:80:6f:
74:fe:e4:c3:9f:f2:ea:dc:c4:bf:78:be:90:56:5e:6c:a0:09:
57:20:a7:c4:c9:94:08:ea:5f:8d:d4:48:96:e3:95:61:9b:08:
c6:bc:fc:dc:70:b5:5c:60:24:22:64:89:55:22:47:f4:9f:85:
9b:5f:8a:74:c0:90:f3:02:3d:7d:10:88:36:b9:d9:1b:11:c0:
24:1f:61:1d:08:31:fc:11:66:91:bb:73:c5:10:f3:2d:5b:d2:
55:73:1f:ba:1e:30:9f:f3:be:52:a8:da:d9:35:e4:47:a4:8d:
8e:9c:3d:23:9c:80:7b:5d:e5:6e:bd:f4:a2:1e:36:99:7b:e7:
13:58:cd:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbDaxhLKHzmQsbiOFZz17UJuomRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTExMjNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5MmQyOGZjNzMzZjdmOWJjYzBmODZiZjU3NTZkYzQ3OGMzMTY5NDFkZmY4
N2QwYzhiZDQ4ODUwYTEzZWRjMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPtbPLMiZRH5HNURIxldE7I5V2FvTDaPFtceDp4+tmr3oOyN3ODTWqPXZ9c
cenJnUtl4v836VfQOZB83S709wUQjUi9hu/+RUYMdUJhpyUMCmc2UzbVSS6WzjLI
xWmRvxWhS6xaobfppM9NqB2vaBCzMeQO6TiO55ySOIxwrOKQIt/sCeXL7oyckdOX
98dHpd6st9Ju1o3ccuIyqmzA2mGzFocn9C5uuy0/XonQIWxljHt9e2dZAI10CVFz
+xo+FYh3mPlhgE0JVw/O7d31ItgpTHOTIiV14fjmuWqiZ8gzbGQdgh24qKBfnyUn
wtwEpx4HURpRXm2XxSfN4v+rgXkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMHbVq
O6GL4zoOpnlcnu4wbn1ISzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI3ODExYzAtZjU0OC00M2I4LTg5N2QtZmFjNjhkZTM0MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQCCU+YRkVWQNTccdr+kWgiLRJB4ZRMaKMXRlTJ4
7ztyarxb3LRL/v0U15SA6I59SyGeK8Yfj844hcw9xYgRL+xqLf+rm9rUm45oLNNr
P8pElani4p+C46rmTq/d4kaYy6IvH+jzuEU4tXaPzBK6AhjBwFgyNVWn7FFkeEzi
gG90/uTDn/Lq3MS/eL6QVl5soAlXIKfEyZQI6l+N1EiW45VhmwjGvPzccLVcYCQi
ZIlVIkf0n4WbX4p0wJDzAj19EIg2udkbEcAkH2EdCDH8EWaRu3PFEPMtW9JVcx+6
HjCf875SqNrZNeRHpI2OnD0jnIB7XeVuvfSiHjaZe+cTWM1o
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:31 2025 by rpki-client