Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
File: ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa (raw, json)
Hash identifier: M7dnhD1nXDGyLAyr/n+q3PtEjY8zY0E30dL5ClOE7wk=
Subject key identifier: 5C:95:66:7D:1F:29:95:31:D9:20:CE:74:6E:5B:19:4B:D5:6E:C9:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 223836895383C605A39F36D3B2C3156D0EADD43F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
Signing time: Tue 20 May 2025 19:51:04 +0000
ROA not before: Tue 20 May 2025 19:51:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:38:36:89:53:83:c6:05:a3:9f:36:d3:b2:c3:15:6d:0e:ad:d4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e0301f8655737f20d6daca0e184774cfe756b607c628230a69cf4525f268dd63, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:eb:1f:0f:e7:ea:ab:05:5b:d3:de:06:52:b3:
fd:bd:c2:d9:6a:ac:ac:67:7d:25:a4:ba:85:bd:d7:
08:fb:0e:15:02:c8:1a:c4:73:ce:bf:85:ba:7c:47:
cb:ac:6c:b3:7f:e4:71:af:49:fa:0a:77:a8:7b:7d:
9b:74:84:71:03:32:fe:d4:f0:ee:57:7c:05:c8:c3:
03:69:d1:bd:df:8e:9a:3a:34:83:55:31:7c:64:d0:
ad:06:95:3f:60:c4:7b:f1:42:f0:91:14:a1:7e:27:
24:de:ff:53:cb:80:a8:0f:e5:f7:a2:a8:a1:79:cf:
72:d7:0e:04:82:55:65:bc:f8:d7:c8:12:d8:8d:c2:
f5:91:31:6f:a4:7d:e6:52:b7:d4:4d:27:de:a4:6e:
20:17:22:d0:88:ef:a4:39:4f:2f:96:c7:78:b5:cf:
59:b0:4a:18:1a:90:99:2f:20:60:51:29:45:bd:05:
cb:8c:67:b6:a8:3f:42:00:b5:41:8d:ff:86:f8:95:
52:2e:d6:bd:63:18:a5:e7:dd:8c:ee:6c:fe:f1:8e:
03:30:d6:81:2e:ae:94:9f:58:4a:e5:b2:9d:ed:46:
cb:db:b3:89:70:4d:2c:d7:e1:43:25:35:72:55:85:
2e:cf:6d:bc:bc:11:54:e2:32:14:04:dc:06:2f:13:
93:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:95:66:7D:1F:29:95:31:D9:20:CE:74:6E:5B:19:4B:D5:6E:C9:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e040::/46
Signature Algorithm: sha256WithRSAEncryption
45:c3:82:4f:aa:06:22:ab:3c:52:1f:65:45:3b:29:90:69:ea:
91:47:76:5b:87:a5:d9:9f:77:a8:4c:60:79:4d:e7:5a:80:07:
ae:ec:dd:b1:c8:a9:f6:be:b2:bd:f6:89:a9:87:f9:2b:53:fc:
1c:e4:cc:5a:a5:3b:27:1a:d4:b7:ef:35:a2:95:46:4d:cc:63:
8d:63:cb:89:66:42:5b:5b:7f:97:c8:11:21:31:8a:cf:cd:69:
cf:a7:51:ab:df:b5:1d:8a:4e:d7:0c:c9:ac:e3:cd:54:47:ff:
0d:90:8d:28:b1:a9:8a:d1:8d:81:65:e3:7a:f8:31:ac:59:df:
fd:71:1d:11:3b:9c:31:7e:96:0f:e6:0d:46:41:e4:20:fe:9b:
3c:26:62:7b:46:75:50:56:0f:ae:ab:57:08:66:fa:6f:2f:80:
0a:46:46:c7:1d:ba:4a:c7:10:c5:cb:85:23:2c:8a:f6:d7:c9:
e3:45:5b:fa:c9:c6:ba:fb:2f:81:cd:5d:cc:9a:76:d3:b6:ec:
45:de:35:89:eb:fb:81:7e:a3:ca:63:6d:dc:34:39:be:9a:d7:
3f:c6:66:14:da:56:6f:d2:1c:32:f0:d2:32:a3:9b:6c:75:00:
57:e4:d0:58:96:1b:5c:c7:ec:3a:55:6a:48:82:07:5a:d8:66:
44:50:c0:dd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIjg2iVODxgWjnzbTssMVbQ6t1D8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwMzAxZjg2NTU3MzdmMjBkNmRhY2EwZTE4NDc3NGNmZTc1NmI2MDdjNjI4
MjMwYTY5Y2Y0NTI1ZjI2OGRkNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXrHw/n6qsFW9PeBlKz/b3C2WqsrGd9JaS6hb3XCPsOFQLIGsRzzr+FunxH
y6xss3/kca9J+gp3qHt9m3SEcQMy/tTw7ld8BcjDA2nRvd+Omjo0g1UxfGTQrQaV
P2DEe/FC8JEUoX4nJN7/U8uAqA/l96KooXnPctcOBIJVZbz418gS2I3C9ZExb6R9
5lK31E0n3qRuIBci0IjvpDlPL5bHeLXPWbBKGBqQmS8gYFEpRb0Fy4xntqg/QgC1
QY3/hviVUi7WvWMYpefdjO5s/vGOAzDWgS6ulJ9YSuWyne1Gy9uziXBNLNfhQyU1
clWFLs9tvLwRVOIyFATcBi8Tk5sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRclWZ9
HymVMdkgznRuWxlL1W7JHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxNzMwYTItYmI2My00YTk0LTgwYWUtZTg0YWNkZWY5M2IyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXg
QDANBgkqhkiG9w0BAQsFAAOCAQEARcOCT6oGIqs8Uh9lRTspkGnqkUd2W4el2Z93
qExgeU3nWoAHruzdscip9r6yvfaJqYf5K1P8HOTMWqU7JxrUt+81opVGTcxjjWPL
iWZCW1t/l8gRITGKz81pz6dRq9+1HYpO1wzJrOPNVEf/DZCNKLGpitGNgWXjevgx
rFnf/XEdETucMX6WD+YNRkHkIP6bPCZie0Z1UFYPrqtXCGb6by+ACkZGxx26SscQ
xcuFIyyK9tfJ40Vb+snGuvsvgc1dzJp207bsRd41iev7gX6jymNt3DQ5vprXP8Zm
FNpWb9IcMvDSMqObbHUAV+TQWJYbXMfsOlVqSIIHWthmRFDA3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:07 2025 by rpki-client