Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
File: ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa (raw, json)
Hash identifier: 1BYkWG71nbTetOpjiQiPe7dUtGXrHpw2pRRMcPDzGxY=
Subject key identifier: FF:C6:B5:59:9E:CE:4C:D7:2B:9C:76:B9:41:2B:60:B1:C8:72:E6:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F73F7B90F881627AE56368B452DABA2C38D1BF9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
Signing time: Tue 05 Aug 2025 19:10:49 +0000
ROA not before: Tue 05 Aug 2025 19:10:49 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:73:f7:b9:0f:88:16:27:ae:56:36:8b:45:2d:ab:a2:c3:8d:1b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:49 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b0f1b2729aa04744be26b56ba189d7390ed9851da6aba9e82aab645b51996085, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:f9:e2:f1:74:ca:f3:dc:0c:46:c6:4b:2a:
9a:64:e4:1d:64:13:95:7e:f9:18:05:b0:51:9d:ac:
0c:0e:06:66:56:f2:5f:21:28:c7:8d:75:e1:6a:71:
33:65:76:cd:ef:f7:f1:ec:12:3b:96:90:7f:8e:4a:
c2:62:46:f8:54:36:8f:7e:98:07:32:67:db:82:18:
9e:99:e1:60:b2:37:4f:13:8b:b8:ae:1e:a7:99:19:
51:13:fa:36:e4:c3:2d:fc:19:e0:27:57:ca:0d:73:
79:f8:bb:5f:90:05:c2:01:a0:af:ed:dc:15:67:09:
da:b0:27:cc:ea:56:e7:15:b0:49:3a:bf:ba:e1:5c:
5f:5f:bf:23:53:60:d1:66:a5:80:b3:05:76:e3:93:
a2:8a:19:c1:03:94:20:d8:f6:b3:79:df:5e:55:e2:
5e:7c:db:8f:e8:da:72:50:9c:dd:c0:d1:3b:76:fd:
22:41:3d:e0:c4:aa:00:d3:5a:ab:95:24:d5:ba:4f:
cf:a4:88:33:8b:1c:5e:7a:b9:ec:28:57:7d:78:73:
6a:7b:b1:2b:3e:07:7a:d1:1c:d9:3d:72:2a:cf:4d:
5b:10:03:c2:93:d3:9c:1f:fe:db:f4:6f:2d:f8:cc:
45:1b:d0:54:51:69:24:45:96:85:bd:b6:7c:e2:b3:
59:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C6:B5:59:9E:CE:4C:D7:2B:9C:76:B9:41:2B:60:B1:C8:72:E6:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
1f:89:60:fe:d1:6b:2f:00:fc:42:87:b6:33:c6:cb:fe:21:77:
f8:81:ee:8d:20:9b:b2:31:53:17:d0:20:1f:32:cb:de:2c:54:
ee:9f:97:a1:8d:75:c1:e5:46:74:58:4a:d8:21:40:3d:63:a0:
5b:0e:4c:8d:8d:70:ae:cf:6a:0e:8e:37:39:2d:42:6e:e9:04:
02:f1:cc:d9:11:16:c6:a7:d3:c3:07:79:86:f8:2f:ae:34:fc:
cd:eb:81:b3:85:c8:3a:ec:1a:80:19:88:52:a2:75:66:36:ce:
9c:3b:90:ee:76:18:53:f0:23:e5:bc:51:6e:a5:c6:24:cb:d9:
4d:c2:f0:31:59:74:3e:76:33:f1:36:9e:57:74:ae:2e:cc:ac:
b4:66:4b:03:59:85:49:ba:a9:3e:ac:0b:78:95:69:e8:60:5d:
f3:04:fa:fe:16:e5:0f:1d:46:29:a3:4a:9c:3f:42:9c:16:08:
ed:86:5b:e6:f3:1e:ad:48:bc:c9:bb:df:a0:22:05:f1:d9:94:
b0:e8:ca:bd:d5:53:33:86:8a:be:f7:18:ca:d2:ec:42:e5:3d:
79:3a:68:88:65:31:5c:a1:ea:64:5d:71:b1:d9:79:39:1d:1a:
37:18:b2:12:87:7e:89:59:10:a4:c1:f3:67:7b:5c:fc:0a:f7:
18:d0:05:92
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT3P3uQ+IFieuVjaLRS2rosONG/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwNDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZjFiMjcyOWFhMDQ3NDRiZTI2YjU2YmExODlkNzM5MGVkOTg1MWRhNmFi
YTllODJhYWI2NDViNTE5OTYwODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCg+eLxdMrz3AxGxksqmmTkHWQTlX75GAWwUZ2sDA4GZlbyXyEox4114Wpx
M2V2ze/38ewSO5aQf45KwmJG+FQ2j36YBzJn24IYnpnhYLI3TxOLuK4ep5kZURP6
NuTDLfwZ4CdXyg1zefi7X5AFwgGgr+3cFWcJ2rAnzOpW5xWwSTq/uuFcX1+/I1Ng
0WalgLMFduOToooZwQOUINj2s3nfXlXiXnzbj+jaclCc3cDRO3b9IkE94MSqANNa
q5Uk1bpPz6SIM4scXnq57ChXfXhzanuxKz4HetEc2T1yKs9NWxADwpPTnB/+2/Rv
LfjMRRvQVFFpJEWWhb22fOKzWUUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/xrVZ
ns5M1yucdrlBK2CxyHLmajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIyMzJiODYtOWJkNi00MDljLThkZTUtOTJiZmZmMmE4YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
wDANBgkqhkiG9w0BAQsFAAOCAQEAH4lg/tFrLwD8Qoe2M8bL/iF3+IHujSCbsjFT
F9AgHzLL3ixU7p+XoY11weVGdFhK2CFAPWOgWw5MjY1wrs9qDo43OS1CbukEAvHM
2REWxqfTwwd5hvgvrjT8zeuBs4XIOuwagBmIUqJ1ZjbOnDuQ7nYYU/Aj5bxRbqXG
JMvZTcLwMVl0PnYz8TaeV3SuLsystGZLA1mFSbqpPqwLeJVp6GBd8wT6/hblDx1G
KaNKnD9CnBYI7YZb5vMerUi8ybvfoCIF8dmUsOjKvdVTM4aKvvcYytLsQuU9eTpo
iGUxXKHqZF1xsdl5OR0aNxiyEod+iVkQpMHzZ3tc/Ar3GNAFkg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:16 2025 by rpki-client