Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
File: ab7811c0-f548-43b8-897d-fac68de3433a.roa (raw, json)
Hash identifier: +rZYdNCI2gXcaYyFyaowSEvdhtZqMbuBDn85kJ3YBmQ=
Subject key identifier: 5B:4D:1A:DC:AD:5C:3F:C2:2D:31:67:73:17:6B:3A:2D:21:D5:D9:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FD7F52555E1B563CEE507549498D699A8A4DA0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
Signing time: Mon 16 Jun 2025 21:41:33 +0000
ROA not before: Mon 16 Jun 2025 21:41:33 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:d7:f5:25:55:e1:b5:63:ce:e5:07:54:94:98:d6:99:a8:a4:da:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:33 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a829a50048400b43904d1e92b0fdf8178adf695b56550cd2a82e0d9da3936e6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:00:b5:7a:cd:65:96:a1:e8:df:2d:be:01:0f:
72:32:21:7b:ed:d2:e2:66:dc:45:7e:99:84:b7:51:
29:7d:99:9c:82:b5:c9:c8:17:7d:e1:87:1c:3c:73:
b5:23:6b:16:3d:4d:5f:20:1f:c9:2b:b8:8e:91:56:
63:08:1f:13:bd:04:69:36:8f:bb:56:e5:82:6b:fb:
c0:be:a6:d0:ad:55:b3:0c:03:e4:55:9e:e2:fd:50:
2a:6c:5c:50:59:20:72:9d:60:29:d4:4e:ff:14:2b:
48:9e:2d:20:cb:d9:0f:ea:35:0e:dc:08:d6:c3:96:
fd:dc:69:9d:04:a6:a7:ba:e4:34:27:f3:9a:8d:be:
b1:0e:76:57:2c:1a:17:db:a8:e4:08:59:cd:a4:93:
74:90:40:53:aa:10:05:11:b5:5b:d9:09:4f:6f:44:
60:6e:af:49:34:13:ed:e6:67:18:73:53:64:39:47:
be:cb:d0:29:38:76:5f:87:35:29:b8:01:f1:6f:0b:
f7:00:bc:cc:cc:62:c8:c8:01:b9:3a:1d:e5:de:99:
70:ad:e1:c9:c9:e9:8e:1e:7b:88:0c:38:98:d0:d0:
d1:30:46:fe:ea:7b:b7:c1:63:dd:53:65:61:3a:40:
82:09:c1:c2:08:50:ce:cb:ea:7f:80:ab:f9:63:15:
47:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4D:1A:DC:AD:5C:3F:C2:2D:31:67:73:17:6B:3A:2D:21:D5:D9:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/36
Signature Algorithm: sha256WithRSAEncryption
3c:6a:ae:74:10:1d:eb:78:0e:be:d6:5a:46:74:24:01:17:8e:
58:67:f5:d9:31:bb:fd:84:63:a0:2a:9d:c7:79:e7:92:ac:60:
54:06:aa:4e:3d:9e:00:73:44:13:c8:01:a2:2b:e9:0c:f4:ba:
9b:4b:2b:aa:36:41:7e:cc:bb:e4:dc:d3:95:0f:46:d0:89:cd:
3e:3d:21:50:25:e1:95:f0:b2:06:0f:85:48:6f:b0:6c:3d:c6:
f1:d3:a1:a8:b1:0c:c7:39:6a:b5:85:b7:09:3c:66:a7:a4:9f:
4b:fa:3f:33:f6:5a:a0:cd:da:c7:03:a6:6e:8d:2e:dc:9e:53:
87:03:09:36:11:bc:50:8f:15:ac:83:60:a4:8a:46:d4:de:30:
7f:e6:7d:f3:59:33:a2:6f:8b:53:0f:2d:5d:f1:0a:6b:4d:42:
ce:37:0a:ad:16:2d:88:1c:bd:98:dc:03:39:92:e8:1d:b6:0b:
61:f1:5b:22:20:f6:5f:8e:4b:98:ae:ce:20:5f:2a:a8:7d:cf:
7c:d7:98:5a:63:4d:d1:7c:22:18:c0:8c:0f:82:19:55:fe:6c:
06:ad:43:f4:ce:53:86:53:c7:c0:f0:0b:a5:e8:fb:08:a9:d6:
77:b1:1e:9b:83:6d:8b:b0:39:21:2c:03:9e:fd:e3:12:01:2f:
16:bd:2d:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL9f1JVXhtWPO5QdUlJjWmaik2gowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMzNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4MjlhNTAwNDg0MDBiNDM5MDRkMWU5MmIwZmRmODE3OGFkZjY5NWI1NjU1
MGNkMmE4MmUwZDlkYTM5MzZlNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUAtXrNZZah6N8tvgEPcjIhe+3S4mbcRX6ZhLdRKX2ZnIK1ycgXfeGHHDxz
tSNrFj1NXyAfySu4jpFWYwgfE70EaTaPu1blgmv7wL6m0K1VswwD5FWe4v1QKmxc
UFkgcp1gKdRO/xQrSJ4tIMvZD+o1DtwI1sOW/dxpnQSmp7rkNCfzmo2+sQ52Vywa
F9uo5AhZzaSTdJBAU6oQBRG1W9kJT29EYG6vSTQT7eZnGHNTZDlHvsvQKTh2X4c1
KbgB8W8L9wC8zMxiyMgBuTod5d6ZcK3hycnpjh57iAw4mNDQ0TBG/up7t8Fj3VNl
YTpAggnBwghQzsvqf4Cr+WMVRyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbTRrc
rVw/wi0xZ3MXazotIdXZHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI3ODExYzAtZjU0OC00M2I4LTg5N2QtZmFjNjhkZTM0MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQA8aq50EB3reA6+1lpGdCQBF45YZ/XZMbv9hGOg
Kp3HeeeSrGBUBqpOPZ4Ac0QTyAGiK+kM9LqbSyuqNkF+zLvk3NOVD0bQic0+PSFQ
JeGV8LIGD4VIb7BsPcbx06GosQzHOWq1hbcJPGanpJ9L+j8z9lqgzdrHA6ZujS7c
nlOHAwk2EbxQjxWsg2CkikbU3jB/5n3zWTOib4tTDy1d8QprTULONwqtFi2IHL2Y
3AM5kugdtgth8VsiIPZfjkuYrs4gXyqofc9815haY03RfCIYwIwPghlV/mwGrUP0
zlOGU8fA8Aul6PsIqdZ3sR6bg22LsDkhLAOe/eMSAS8WvS1O
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:41 2025 by rpki-client