Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
File: ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa (raw, json)
Hash identifier: zrGBmtKz33SotJ00hWRCm7MMvPMJpV/2zDzf3YnLfts=
Subject key identifier: 92:57:98:26:23:0E:5F:D2:30:45:FB:D1:07:5F:8B:9A:32:E2:BF:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C2CD71A2A8AF00D48299E445D6819411860D9BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
Signing time: Mon 16 Jun 2025 21:01:00 +0000
ROA not before: Mon 16 Jun 2025 21:01:00 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:2c:d7:1a:2a:8a:f0:0d:48:29:9e:44:5d:68:19:41:18:60:d9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:01:00 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=95d16968c0caf3aa0135a832f8c4f1337fbd9a7de1cbf037afb275a398e875e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:fa:dd:b5:f2:6c:38:89:06:0e:6d:a2:86:
c2:89:dd:13:d9:6e:45:db:f1:3d:4c:aa:52:67:41:
63:22:df:24:40:2c:76:b8:d4:4e:62:f8:ad:46:9d:
f9:df:02:87:f3:8d:d2:ce:51:af:71:76:27:d1:cc:
4b:e9:d2:17:a5:83:92:06:2e:a2:8f:64:70:9a:d4:
7c:61:7d:4f:64:1e:62:e8:f0:4a:a1:0b:60:07:f6:
00:8a:f8:0f:f8:90:48:d1:83:d6:49:e4:f3:ae:c8:
53:8b:72:35:12:24:6b:2e:b8:87:79:64:e4:8f:bd:
23:24:09:12:be:19:d0:ec:a8:9d:9a:15:ec:55:f1:
f1:5b:d8:1e:99:08:0c:71:28:45:eb:b8:1e:99:51:
83:a1:98:36:2f:55:12:88:3a:7e:6a:f9:36:81:2c:
e1:ae:6b:96:c1:75:37:dc:01:d0:d6:f6:e9:b7:62:
77:09:4c:1b:db:41:0a:7b:c3:16:4e:98:f1:23:14:
de:5f:8f:73:5a:ff:f4:74:b5:f3:1e:9b:d1:d2:97:
4a:4b:5d:06:39:30:02:5d:ff:fb:04:3d:4c:ed:f9:
a3:25:d2:56:93:d1:d0:5f:ab:0e:66:f8:e1:24:21:
d0:3c:c3:0c:a7:cd:66:a4:a0:00:98:5c:0a:4f:04:
8a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:57:98:26:23:0E:5F:D2:30:45:FB:D1:07:5F:8B:9A:32:E2:BF:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e040::/46
Signature Algorithm: sha256WithRSAEncryption
24:db:2c:ee:27:00:ca:2f:a4:1b:69:ea:e1:eb:55:b6:41:58:
37:c6:41:e6:59:62:ef:10:b4:97:6b:7b:35:ae:18:58:8f:87:
83:78:2e:c8:a1:a8:93:cd:ff:fe:4f:f3:04:d2:07:82:b3:b5:
c5:50:d3:73:24:10:bc:8b:48:44:1d:e1:17:24:c0:e3:f5:71:
97:fe:98:5c:b5:8c:72:19:1e:c7:3a:96:42:ff:71:ce:24:fb:
c3:85:eb:50:85:1a:6a:be:25:dc:9b:31:f6:a6:f7:33:db:4c:
b5:aa:f0:87:11:d2:3a:2b:33:60:e6:3f:02:f6:67:25:7a:b6:
3d:eb:b4:45:41:a7:28:5f:45:e5:ed:db:60:32:5c:0b:92:e8:
3a:79:e7:5b:d6:9d:ff:d1:44:f6:c9:16:07:64:82:3d:29:24:
85:71:70:41:c9:af:31:76:69:49:8f:29:3c:47:1d:d3:ba:e2:
4f:92:9f:4d:6f:c3:25:34:db:5e:12:08:9d:7c:fa:9e:f0:67:
06:8d:43:fa:cf:58:cc:99:68:a5:69:f3:4e:c4:3d:0b:3c:cf:
44:17:6c:f6:d6:3d:f6:72:e5:1c:4f:39:d2:fd:a0:4b:b7:37:
17:91:ff:2c:b7:85:d6:4f:36:e8:85:4c:9f:86:d3:ce:17:b3:
e0:ce:7c:d3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULCzXGiqK8A1IKZ5EXWgZQRhg2b4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAxMDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1ZDE2OTY4YzBjYWYzYWEwMTM1YTgzMmY4YzRmMTMzN2ZiZDlhN2RlMWNi
ZjAzN2FmYjI3NWEzOThlODc1ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgx+t218mw4iQYObaKGwondE9luRdvxPUyqUmdBYyLfJEAsdrjUTmL4rUad
+d8Ch/ON0s5Rr3F2J9HMS+nSF6WDkgYuoo9kcJrUfGF9T2QeYujwSqELYAf2AIr4
D/iQSNGD1knk867IU4tyNRIkay64h3lk5I+9IyQJEr4Z0OyonZoV7FXx8VvYHpkI
DHEoReu4HplRg6GYNi9VEog6fmr5NoEs4a5rlsF1N9wB0Nb26bdidwlMG9tBCnvD
Fk6Y8SMU3l+Pc1r/9HS18x6b0dKXSktdBjkwAl3/+wQ9TO35oyXSVpPR0F+rDmb4
4SQh0DzDDKfNZqSgAJhcCk8EipkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSSV5gm
Iw5f0jBF+9EHX4uaMuK/XzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxNzMwYTItYmI2My00YTk0LTgwYWUtZTg0YWNkZWY5M2IyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXg
QDANBgkqhkiG9w0BAQsFAAOCAQEAJNss7icAyi+kG2nq4etVtkFYN8ZB5lli7xC0
l2t7Na4YWI+Hg3guyKGok83//k/zBNIHgrO1xVDTcyQQvItIRB3hFyTA4/Vxl/6Y
XLWMchkexzqWQv9xziT7w4XrUIUaar4l3Jsx9qb3M9tMtarwhxHSOiszYOY/AvZn
JXq2Peu0RUGnKF9F5e3bYDJcC5LoOnnnW9ad/9FE9skWB2SCPSkkhXFwQcmvMXZp
SY8pPEcd07riT5KfTW/DJTTbXhIInXz6nvBnBo1D+s9YzJlopWnzTsQ9CzzPRBds
9tY99nLlHE850v2gS7c3F5H/LLeF1k826IVMn4bTzhez4M580w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:47 2025 by rpki-client