Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
File: ab7811c0-f548-43b8-897d-fac68de3433a.roa (raw, json)
Hash identifier: WjoF9QSHjRRyiMCD9vpG+i4jykW92hSdI7gp1D45U3c=
Subject key identifier: 93:37:42:15:65:2C:B6:5B:33:58:92:4C:79:C2:7F:97:4E:83:57:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5768CA113D8ED6D0867A645ED02984E120BF8724
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
Signing time: Tue 05 Aug 2025 20:11:35 +0000
ROA not before: Tue 05 Aug 2025 20:11:35 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:68:ca:11:3d:8e:d6:d0:86:7a:64:5e:d0:29:84:e1:20:bf:87:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:35 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=96d171a4307c5306d1d8cacc08f63568e2014521e372432d845137571977f70d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4c:29:95:98:c6:38:39:98:9d:d9:f3:5f:31:
a1:31:ed:28:e8:b0:74:f2:e3:29:48:88:e1:c0:a1:
f1:ee:c9:fc:b0:7d:3b:a9:55:0d:bf:4b:08:75:74:
25:19:c7:f5:cf:9b:7e:51:af:a2:e5:ea:35:b8:1d:
59:c1:4a:ae:cf:fb:41:ff:2b:15:8f:d3:86:7e:81:
b5:e6:0e:56:47:a2:12:3e:87:42:94:d0:74:73:6d:
38:3e:73:13:38:9a:28:9c:d6:b9:70:ca:16:5c:cf:
58:9c:50:88:e0:6e:f4:ec:bc:e2:8c:6e:79:63:2d:
7c:18:eb:43:4f:5a:7c:e7:8f:a3:60:90:33:9c:ac:
98:51:22:87:9b:c7:ab:db:d6:5f:b0:44:18:66:2a:
7e:99:de:46:d6:89:5c:26:af:48:fe:b5:6d:c8:d2:
a5:8b:cd:50:90:40:37:56:13:c8:19:1c:a9:23:3d:
e4:79:5a:c3:c9:9a:33:ce:46:fc:1f:eb:1c:a1:34:
3f:c2:0c:b4:5c:52:a3:ca:a6:bf:11:c8:3d:b8:5d:
7d:16:8e:76:4e:07:4b:e0:cc:ed:6e:44:99:01:b6:
52:f2:bb:7c:e0:93:3e:e2:dc:e0:d1:c4:ee:b4:86:
c6:b9:c5:0b:64:f9:eb:6f:68:eb:0d:fe:2c:fc:b4:
0a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:37:42:15:65:2C:B6:5B:33:58:92:4C:79:C2:7F:97:4E:83:57:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/36
Signature Algorithm: sha256WithRSAEncryption
13:1e:9c:1e:fe:0c:7a:da:e2:ed:7f:cc:31:51:1a:46:27:64:
b6:96:b9:ee:a5:38:9f:b7:61:cf:ef:d1:45:30:ab:56:d3:e8:
26:ac:37:d0:b3:a3:06:30:dd:d6:d1:d8:c8:33:4d:73:25:2c:
ae:02:c1:44:a8:26:40:5a:10:57:a0:4d:da:af:8a:71:fd:dc:
df:fc:5f:84:af:1f:d3:93:86:63:84:ea:1a:c6:50:0b:67:10:
74:a5:9a:97:e2:fc:ea:21:d5:a4:50:ea:f5:5e:f3:4e:11:f3:
d9:f5:de:5c:fa:c2:64:bc:34:46:22:60:07:9c:b9:d4:9d:d8:
eb:61:2a:11:d7:55:03:19:75:99:24:be:b4:0e:0c:b1:d5:dc:
44:a5:98:24:83:14:78:dc:75:f8:a3:82:04:37:46:73:94:18:
a7:45:5a:cc:80:0f:64:ed:f2:9f:fa:c5:a9:ba:2e:d8:a8:30:
a4:9c:bc:46:c4:ad:5a:7b:b6:75:64:3b:47:61:c9:a4:50:d1:
00:22:c6:aa:ff:1b:6e:ee:bb:f2:7b:ce:18:1e:a6:77:41:36:
2a:6e:f1:20:8c:38:6b:80:e4:47:81:6d:15:67:22:13:9d:c8:
82:9f:d8:fe:61:ca:0e:38:58:07:a3:6c:d2:8a:41:5e:29:52:
63:12:e4:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV2jKET2O1tCGemRe0CmE4SC/hyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMzVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2ZDE3MWE0MzA3YzUzMDZkMWQ4Y2FjYzA4ZjYzNTY4ZTIwMTQ1MjFlMzcy
NDMyZDg0NTEzNzU3MTk3N2Y3MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJMKZWYxjg5mJ3Z818xoTHtKOiwdPLjKUiI4cCh8e7J/LB9O6lVDb9LCHV0
JRnH9c+bflGvouXqNbgdWcFKrs/7Qf8rFY/Thn6BteYOVkeiEj6HQpTQdHNtOD5z
EziaKJzWuXDKFlzPWJxQiOBu9Oy84oxueWMtfBjrQ09afOePo2CQM5ysmFEih5vH
q9vWX7BEGGYqfpneRtaJXCavSP61bcjSpYvNUJBAN1YTyBkcqSM95Hlaw8maM85G
/B/rHKE0P8IMtFxSo8qmvxHIPbhdfRaOdk4HS+DM7W5EmQG2UvK7fOCTPuLc4NHE
7rSGxrnFC2T5629o6w3+LPy0Cs0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSTN0IV
ZSy2WzNYkkx5wn+XToNXZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI3ODExYzAtZjU0OC00M2I4LTg5N2QtZmFjNjhkZTM0MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQATHpwe/gx62uLtf8wxURpGJ2S2lrnupTift2HP
79FFMKtW0+gmrDfQs6MGMN3W0djIM01zJSyuAsFEqCZAWhBXoE3ar4px/dzf/F+E
rx/Tk4ZjhOoaxlALZxB0pZqX4vzqIdWkUOr1XvNOEfPZ9d5c+sJkvDRGImAHnLnU
ndjrYSoR11UDGXWZJL60Dgyx1dxEpZgkgxR43HX4o4IEN0ZzlBinRVrMgA9k7fKf
+sWpui7YqDCknLxGxK1ae7Z1ZDtHYcmkUNEAIsaq/xtu7rvye84YHqZ3QTYqbvEg
jDhrgORHgW0VZyITnciCn9j+YcoOOFgHo2zSikFeKVJjEuR8
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:07 2025 by rpki-client