Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
File: ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa (raw, json)
Hash identifier: C4VlJkkYEYLWKFRRRBVH6Rofvd886LCqdGTrhGmPSCM=
Subject key identifier: 3E:43:7B:DC:F6:21:80:0B:F6:68:0A:C7:02:68:47:02:74:A4:C7:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55BFD88EC580C9D55EDB257CFAF73D4C3C9E399F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
Signing time: Tue 20 May 2025 18:40:21 +0000
ROA not before: Tue 20 May 2025 18:40:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:bf:d8:8e:c5:80:c9:d5:5e:db:25:7c:fa:f7:3d:4c:3c:9e:39:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=87df97e4341742f3e4f0f7dd5567db60764b752e4466ece621c7f51440964e6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f7:a6:39:e4:6d:7b:11:01:66:f5:c3:82:cc:
75:5f:98:bd:b7:17:61:af:b0:e1:4e:40:f5:c3:69:
d7:54:60:e6:1b:00:85:24:66:60:50:f7:a8:6f:e7:
8f:70:fd:53:b9:c5:b7:5b:d3:da:72:84:58:25:17:
96:5a:59:3b:8d:c4:f4:5e:b3:fe:3a:bd:db:66:1b:
37:6e:6f:9a:ea:c9:3a:cf:38:1b:8b:0f:3b:65:31:
ff:7e:b4:d7:84:32:51:5c:a8:aa:a7:48:09:84:d4:
9d:6c:d8:e7:07:b2:da:be:93:85:0e:8b:e4:38:6e:
f0:cf:a1:db:3d:f3:28:1f:86:c4:d5:61:6c:db:2a:
25:57:6f:a8:ed:9f:aa:53:33:e6:ee:86:89:55:46:
0f:92:79:4d:31:90:15:ac:ab:61:6e:89:16:8a:f0:
24:3f:9f:64:c2:29:8f:c8:9b:66:50:6c:03:6b:98:
eb:10:26:a9:c6:06:3f:0d:e4:26:4e:83:6f:ac:be:
8e:2e:b0:b5:c2:82:01:3d:a4:0c:0a:88:8b:44:f7:
57:73:1b:4a:7c:df:14:6e:30:b9:48:94:f0:36:43:
dc:c5:9c:22:61:92:6a:82:1f:32:a9:0c:2a:28:38:
ad:68:22:0a:54:e5:3c:8b:29:14:80:b4:f5:8f:a9:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:43:7B:DC:F6:21:80:0B:F6:68:0A:C7:02:68:47:02:74:A4:C7:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
0c:4c:5b:38:e5:d5:9a:64:5c:ae:2e:70:cf:82:f8:fa:54:b0:
63:ac:a0:76:35:d7:b1:07:61:c3:8c:7d:3a:99:72:1c:26:b2:
42:90:5d:45:4d:cd:98:68:76:f9:17:d0:65:bc:f1:c5:12:12:
3b:52:c6:e0:3f:86:13:b1:28:66:73:2d:ac:9a:ba:45:8e:40:
b3:f2:d0:17:5e:20:0e:db:f1:f8:0d:31:dc:92:e2:31:15:d3:
c1:92:e7:4e:6f:e3:5f:6a:0f:80:91:7f:e2:37:02:23:ba:b3:
88:16:c4:78:24:84:74:36:d5:4e:c2:3c:9b:71:95:c9:88:f4:
f0:19:c3:29:d8:8c:b7:ca:fd:a0:b5:16:56:a9:03:a8:49:85:
90:f0:b7:b9:0c:e5:9f:60:da:a7:c1:26:56:7b:08:1b:e3:1c:
be:b9:07:06:3d:d4:e8:99:ff:5c:e0:49:eb:7f:0b:27:08:2a:
48:7b:f8:ad:46:86:3c:ca:4b:d6:c5:93:94:3d:37:a4:76:5e:
a1:1b:ed:b0:48:6b:7b:ca:ef:b6:aa:0b:29:9a:f1:61:e0:4e:
dc:64:61:0f:38:b1:49:8a:90:8c:3a:a6:58:71:9a:10:3b:f1:
76:33:45:7f:3b:ca:0c:df:8f:5e:4f:92:c0:3e:91:e0:91:26:
98:c5:fa:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVb/YjsWAydVe2yV8+vc9TDyeOZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3ZGY5N2U0MzQxNzQyZjNlNGYwZjdkZDU1NjdkYjYwNzY0Yjc1MmU0NDY2
ZWNlNjIxYzdmNTE0NDA5NjRlNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIz3pjnkbXsRAWb1w4LMdV+YvbcXYa+w4U5A9cNp11Rg5hsAhSRmYFD3qG/n
j3D9U7nFt1vT2nKEWCUXllpZO43E9F6z/jq922YbN25vmurJOs84G4sPO2Ux/360
14QyUVyoqqdICYTUnWzY5wey2r6ThQ6L5Dhu8M+h2z3zKB+GxNVhbNsqJVdvqO2f
qlMz5u6GiVVGD5J5TTGQFayrYW6JForwJD+fZMIpj8ibZlBsA2uY6xAmqcYGPw3k
Jk6Db6y+ji6wtcKCAT2kDAqIi0T3V3MbSnzfFG4wuUiU8DZD3MWcImGSaoIfMqkM
Kig4rWgiClTlPIspFIC09Y+p6BcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ+Q3vc
9iGAC/ZoCscCaEcCdKTHXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxZmRjNGEtZmExYS00ODEzLTgyNzItOTYwMWEzZDc1NWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
wDANBgkqhkiG9w0BAQsFAAOCAQEADExbOOXVmmRcri5wz4L4+lSwY6ygdjXXsQdh
w4x9OplyHCayQpBdRU3NmGh2+RfQZbzxxRISO1LG4D+GE7EoZnMtrJq6RY5As/LQ
F14gDtvx+A0x3JLiMRXTwZLnTm/jX2oPgJF/4jcCI7qziBbEeCSEdDbVTsI8m3GV
yYj08BnDKdiMt8r9oLUWVqkDqEmFkPC3uQzln2Dap8EmVnsIG+McvrkHBj3U6Jn/
XOBJ638LJwgqSHv4rUaGPMpL1sWTlD03pHZeoRvtsEhre8rvtqoLKZrxYeBO3GRh
DzixSYqQjDqmWHGaEDvxdjNFfzvKDN+PXk+SwD6R4JEmmMX61w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:26 2025 by rpki-client