Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
File: ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa (raw, json)
Hash identifier: 7Kn9KSCpwqgWStwVq0rDRT944JaJED5Y2nTlsbcQiZ4=
Subject key identifier: AC:10:F5:FC:E0:68:34:1F:DC:84:06:6F:08:CC:3A:1F:2E:AB:B1:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 309A98D3E17F5633A198C8B59E23B68237D83CB4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
Signing time: Tue 05 Aug 2025 19:01:03 +0000
ROA not before: Tue 05 Aug 2025 19:01:03 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:9a:98:d3:e1:7f:56:33:a1:98:c8:b5:9e:23:b6:82:37:d8:3c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:03 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=3834f2b49935c4b67a1d419e2cb8788d34bada8f7510c1b2fbbcdc07a52ab7a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:33:ac:30:1e:6b:a0:41:c8:30:09:1f:b5:c7:
aa:29:58:bd:00:27:40:0f:04:a4:f5:9f:13:81:5c:
02:b3:45:12:8e:ca:1c:d7:ec:42:fc:b5:e8:df:b5:
09:0c:96:1f:9a:d7:bc:50:26:a1:ac:70:ce:2f:de:
5b:a1:b9:fe:8c:a0:b8:da:74:fc:1f:31:4e:c1:f9:
37:65:56:6e:2f:bc:65:6b:9c:bc:62:7a:c8:a7:68:
fa:e7:5a:34:28:a8:d3:9d:03:f4:bd:4d:62:cb:81:
c5:f9:51:36:a5:e2:d0:29:8d:cc:05:10:1d:37:16:
d2:c8:1a:17:37:22:98:6f:42:df:35:99:fd:7b:ed:
bd:09:77:5a:38:70:96:83:68:b8:d7:a3:9d:b7:8e:
41:5f:42:ab:c8:29:2b:89:e0:62:e7:1c:60:dc:22:
b5:6f:f1:d4:03:b8:2c:2e:81:53:0f:6f:5c:09:9c:
43:f2:31:56:b7:16:b6:b9:a2:bb:92:7a:ad:c2:5c:
c7:08:7a:d1:d5:5c:44:da:ed:4a:50:8b:45:99:50:
d5:47:ee:12:ff:fc:98:90:9d:5e:b9:89:6f:53:7d:
ea:4e:3f:14:69:55:57:2d:e3:5c:1c:01:fe:ac:2b:
c8:95:f4:97:35:68:9b:ba:6e:83:b9:a3:e6:b0:59:
35:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:10:F5:FC:E0:68:34:1F:DC:84:06:6F:08:CC:3A:1F:2E:AB:B1:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
a1:dc:c6:b7:db:c8:29:4c:41:6b:53:08:34:ef:ca:6a:68:4a:
e1:a0:1f:44:2c:15:4d:23:9a:dc:d6:3d:67:b5:bd:b0:01:78:
b9:c9:dd:a3:ec:38:1a:c7:f1:5b:d8:6d:6f:e8:51:a6:da:49:
25:a6:b8:a1:e5:b0:09:41:32:af:8e:da:0a:4a:37:30:39:88:
b1:a0:70:8b:95:41:40:f2:f4:87:10:3c:22:da:12:07:8d:b2:
c8:6f:7a:0f:84:96:03:a8:10:f3:e3:3f:c7:3f:76:1d:ab:9a:
74:ea:79:d1:59:9a:86:66:74:20:75:16:44:b0:15:e4:c9:19:
bd:0e:51:08:b6:ae:20:25:d4:d7:d2:ba:d0:93:d9:e1:c2:16:
48:33:57:51:02:31:f5:cb:b0:1c:97:57:84:67:c8:dc:4c:af:
79:5b:cb:58:d8:ea:2b:8a:d6:89:15:20:6b:17:f0:92:bb:64:
23:b2:21:19:86:f0:5d:a8:3d:62:35:1e:f1:f5:c1:b1:89:dd:
b4:7c:fe:8b:63:70:7c:3b:70:be:44:06:bf:56:7a:06:f4:0b:
15:23:3f:93:c6:14:ed:e1:10:f2:41:ed:ea:60:61:d1:7f:89:
96:9b:43:2c:a5:a8:2a:d0:4a:a1:08:60:50:dd:9b:8b:44:59:
6f:29:86:80
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMJqY0+F/VjOhmMi1niO2gjfYPLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MzRmMmI0OTkzNWM0YjY3YTFkNDE5ZTJjYjg3ODhkMzRiYWRhOGY3NTEw
YzFiMmZiYmNkYzA3YTUyYWI3YTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMczrDAea6BByDAJH7XHqilYvQAnQA8EpPWfE4FcArNFEo7KHNfsQvy16N+1
CQyWH5rXvFAmoaxwzi/eW6G5/oyguNp0/B8xTsH5N2VWbi+8ZWucvGJ6yKdo+uda
NCio050D9L1NYsuBxflRNqXi0CmNzAUQHTcW0sgaFzcimG9C3zWZ/XvtvQl3Wjhw
loNouNejnbeOQV9Cq8gpK4ngYuccYNwitW/x1AO4LC6BUw9vXAmcQ/IxVrcWtrmi
u5J6rcJcxwh60dVcRNrtSlCLRZlQ1UfuEv/8mJCdXrmJb1N96k4/FGlVVy3jXBwB
/qwryJX0lzVom7pug7mj5rBZNZECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSsEPX8
4Gg0H9yEBm8IzDofLquxZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxZmRjNGEtZmExYS00ODEzLTgyNzItOTYwMWEzZDc1NWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAodzGt9vIKUxBa1MINO/KamhK4aAfRCwVTSOa
3NY9Z7W9sAF4ucndo+w4GsfxW9htb+hRptpJJaa4oeWwCUEyr47aCko3MDmIsaBw
i5VBQPL0hxA8ItoSB42yyG96D4SWA6gQ8+M/xz92HauadOp50VmahmZ0IHUWRLAV
5MkZvQ5RCLauICXU19K60JPZ4cIWSDNXUQIx9cuwHJdXhGfI3EyveVvLWNjqK4rW
iRUgaxfwkrtkI7IhGYbwXag9YjUe8fXBsYndtHz+i2NwfDtwvkQGv1Z6BvQLFSM/
k8YU7eEQ8kHt6mBh0X+JlptDLKWoKtBKoQhgUN2bi0RZbymGgA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:05 2025 by rpki-client