Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
File: abbeedab-21fb-4993-b3ce-b753ba293d00.roa (raw, json)
Hash identifier: UJGVithXNBo2qOBK5AeGTaWzXR0N+c22DlBz3eWRU04=
Subject key identifier: 6A:23:32:55:19:E6:3C:7A:0D:84:50:08:6D:88:5F:66:4D:4D:07:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34B4FF71F5C65EE32D586470C82641C2E8CDC30D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
Signing time: Mon 01 Sep 2025 20:30:39 +0000
ROA not before: Mon 01 Sep 2025 20:30:39 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 15:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:b4:ff:71:f5:c6:5e:e3:2d:58:64:70:c8:26:41:c2:e8:cd:c3:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:39 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a238b36e6cfc1f6fcf4118db1c1dc5f52df22df2f35764c1e4468032c2044238, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f5:a6:c5:55:b4:ed:20:2c:4e:a9:54:ff:e9:
2e:9a:2f:3c:e7:12:55:65:e5:fb:d3:49:43:37:cd:
df:92:82:06:26:0d:5f:16:9c:0a:48:7d:8c:1e:79:
4e:81:51:7a:41:cb:23:f7:7f:0e:82:84:61:63:c3:
9b:a5:9b:41:34:ba:26:13:22:98:89:43:cb:3b:6b:
fc:f0:e7:d0:27:9f:a9:77:26:bb:0f:70:be:5f:11:
aa:0f:83:22:11:76:e1:af:fc:ea:b9:a7:d8:12:ae:
6b:17:c9:a2:81:0a:87:61:de:5b:ed:61:f1:99:c1:
3d:8e:e5:73:d1:ea:fb:1e:d7:d0:9b:75:31:b1:38:
37:48:7c:3f:97:b7:52:06:60:d4:9f:14:6b:63:aa:
04:42:a7:00:dc:60:3b:1a:62:a3:96:98:24:5a:a5:
0e:f8:0b:38:8b:34:5e:8f:f0:30:ac:11:d6:99:46:
9d:c8:60:65:97:9b:1c:91:d1:fe:0b:8e:e6:52:ef:
b0:6e:29:5b:c3:3d:bf:54:40:d6:de:1f:7c:67:7b:
49:31:19:1f:dc:33:f6:7e:6c:ce:be:6a:5c:e5:bb:
84:c0:b6:80:68:3b:13:81:da:e4:81:e3:cf:75:ed:
cc:6a:62:36:5e:bc:10:07:63:98:d4:49:ed:d4:ed:
3a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:23:32:55:19:E6:3C:7A:0D:84:50:08:6D:88:5F:66:4D:4D:07:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:e000::/40
Signature Algorithm: sha256WithRSAEncryption
97:70:37:88:06:c0:ac:7f:f5:e7:57:30:26:70:10:07:3f:9c:
ab:31:44:73:90:2c:ea:a2:55:28:c4:36:64:ed:49:3b:f2:12:
ed:4e:13:c8:25:ac:b8:43:e5:0f:83:40:b0:1e:b4:2c:05:e1:
d8:6a:17:f6:94:18:bd:a1:e3:c8:b4:6c:7e:0f:d3:af:6d:38:
68:04:45:bb:65:6b:60:fb:b3:30:ff:55:8f:45:d8:d0:ba:0a:
c2:8e:d4:6c:c7:b1:58:a7:62:9c:9d:77:79:5a:21:a4:55:dd:
bf:4c:d5:bc:53:2d:0e:e9:ce:56:73:3c:bb:d7:70:fd:aa:c8:
a1:19:4d:6d:41:05:13:7a:f5:e9:20:01:59:d1:0d:54:7f:b1:
25:24:be:a0:b6:b0:03:58:2d:1e:aa:0b:cf:9b:53:dd:04:d4:
40:36:09:68:ae:e4:ec:82:5d:69:80:3a:58:29:16:1e:07:e2:
17:4e:a5:c3:dd:68:56:90:29:bc:fe:8d:c4:ba:d8:18:e1:4e:
00:66:bc:2c:e2:a1:e0:a7:7a:6b:db:96:f8:45:a4:97:a1:02:
81:c8:d2:91:cd:fc:0f:30:d3:a9:20:4c:f7:8d:99:06:e0:62:
16:bc:11:2d:e6:d7:41:48:cb:07:95:4d:e9:87:87:e7:85:7e:
2e:b5:07:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNLT/cfXGXuMtWGRwyCZBwujNww0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwMzlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyMzhiMzZlNmNmYzFmNmZjZjQxMThkYjFjMWRjNWY1MmRmMjJkZjJmMzU3
NjRjMWU0NDY4MDMyYzIwNDQyMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALb1psVVtO0gLE6pVP/pLpovPOcSVWXl+9NJQzfN35KCBiYNXxacCkh9jB55
ToFRekHLI/d/DoKEYWPDm6WbQTS6JhMimIlDyztr/PDn0CefqXcmuw9wvl8Rqg+D
IhF24a/86rmn2BKuaxfJooEKh2HeW+1h8ZnBPY7lc9Hq+x7X0Jt1MbE4N0h8P5e3
UgZg1J8Ua2OqBEKnANxgOxpio5aYJFqlDvgLOIs0Xo/wMKwR1plGnchgZZebHJHR
/guO5lLvsG4pW8M9v1RA1t4ffGd7STEZH9wz9n5szr5qXOW7hMC2gGg7E4Ha5IHj
z3XtzGpiNl68EAdjmNRJ7dTtOs0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqIzJV
GeY8eg2EUAhtiF9mTU0HnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWVkYWItMjFmYi00OTkzLWIzY2UtYjc1M2JhMjkzZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCXcDeIBsCsf/XnVzAmcBAHP5yrMURzkCzqolUo
xDZk7Uk78hLtThPIJay4Q+UPg0CwHrQsBeHYahf2lBi9oePItGx+D9OvbThoBEW7
ZWtg+7Mw/1WPRdjQugrCjtRsx7FYp2KcnXd5WiGkVd2/TNW8Uy0O6c5Wczy713D9
qsihGU1tQQUTevXpIAFZ0Q1Uf7ElJL6gtrADWC0eqgvPm1PdBNRANgloruTsgl1p
gDpYKRYeB+IXTqXD3WhWkCm8/o3EutgY4U4AZrws4qHgp3pr25b4RaSXoQKByNKR
zfwPMNOpIEz3jZkG4GIWvBEt5tdBSMsHlU3ph4fnhX4utQcR
-----END CERTIFICATE-----
Generated at Thu Sep 18 00:38:33 2025 by rpki-client