Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
File: ab7811c0-f548-43b8-897d-fac68de3433a.roa (raw, json)
Hash identifier: zz/Z+kyI7n/InL1sClJhhrSLL8yzG6BOKouwGId31N4=
Subject key identifier: 48:C7:7F:0C:44:12:F4:7E:05:E9:FF:03:F5:47:02:34:A0:1D:6F:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 443C483C70A07F151FE4E1F028B1636DC9185C61
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
Signing time: Tue 20 May 2025 20:31:26 +0000
ROA not before: Tue 20 May 2025 20:31:26 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:3c:48:3c:70:a0:7f:15:1f:e4:e1:f0:28:b1:63:6d:c9:18:5c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:31:26 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c330dc9b65a9903adeb07aacd361b9d0fbdce8b1c2869c5ed3063db7ab7dfc50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e8:db:8d:a4:c2:01:ae:2c:44:29:5a:45:11:
21:5d:e4:dd:10:00:3c:66:86:d2:65:d2:da:e2:41:
09:e4:3e:fb:0c:6c:46:e0:fd:9a:81:20:35:88:cd:
17:02:1d:02:4f:8e:5d:ab:0b:12:20:1d:c2:9b:6f:
2e:70:ea:a2:e8:11:36:26:f1:d3:11:82:7a:75:3b:
47:20:24:ba:1d:2f:d8:77:8d:e2:9e:76:80:ae:6a:
d4:fa:a4:61:77:f8:1f:98:bb:9f:62:78:79:15:42:
5d:91:d0:c1:2a:5b:99:79:e1:6d:b5:bd:c7:09:03:
50:ff:62:79:c4:e0:0e:4a:aa:84:ad:31:33:0a:a2:
76:99:38:a1:8b:33:a6:8b:5b:69:d1:b5:e9:1d:3c:
06:ae:90:8b:93:36:22:07:4a:ce:61:31:89:81:51:
2b:c1:e4:93:fa:62:b8:13:cd:12:ac:c5:57:4c:b2:
62:a2:d3:ed:86:00:93:75:bb:e8:cd:4c:38:38:fc:
90:64:f6:48:c4:07:38:c0:ab:55:83:bd:19:6a:86:
87:72:69:10:de:21:65:8d:ad:04:2f:70:ec:f1:df:
ac:7d:a8:f7:65:63:91:47:b4:f0:9d:37:7f:d7:90:
25:d1:28:55:94:35:42:40:d6:6b:53:39:bb:20:28:
58:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C7:7F:0C:44:12:F4:7E:05:E9:FF:03:F5:47:02:34:A0:1D:6F:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/36
Signature Algorithm: sha256WithRSAEncryption
91:23:48:cf:65:74:6c:63:e7:7d:a5:5b:42:18:af:8d:55:2e:
ec:83:25:8c:1b:6e:64:7c:9d:36:25:ac:cb:85:75:68:66:c5:
47:f9:50:5c:0b:94:7b:97:62:b7:0a:7e:bc:74:0f:4a:86:a9:
6d:83:85:68:6f:04:73:47:f5:6c:15:1d:34:f3:7b:d4:44:db:
7b:6f:d9:d0:cb:05:ef:30:2e:5c:bb:89:07:61:50:9f:30:3d:
76:d5:6c:2a:f2:a0:28:59:bd:63:1f:3d:a7:2e:d1:e3:5f:5d:
62:b0:61:fa:f2:2a:0f:78:81:75:79:dc:d1:3b:97:1a:e8:43:
81:d6:68:bb:f9:91:af:cc:8c:68:5e:15:8e:b0:70:85:bc:df:
09:25:60:3c:63:c0:91:79:22:66:11:33:72:b3:c3:12:d6:c2:
12:fa:d0:e1:99:23:f0:5c:6d:04:db:30:c7:b0:13:50:da:14:
d5:af:0e:e6:03:6e:97:5f:45:2a:32:d5:23:9b:0f:6e:f2:7e:
73:5b:20:eb:8e:fa:64:7c:13:61:b1:01:ab:1b:41:fb:c2:85:
03:c5:8d:af:34:bb:9b:f2:1f:d7:86:dd:31:5c:4b:85:dd:44:
60:08:18:7f:9e:1a:76:6a:23:c9:b1:09:28:46:76:d3:9b:ff:
e9:32:67:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURDxIPHCgfxUf5OHwKLFjbckYXGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMxMjZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzMzBkYzliNjVhOTkwM2FkZWIwN2FhY2QzNjFiOWQwZmJkY2U4YjFjMjg2
OWM1ZWQzMDYzZGI3YWI3ZGZjNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzo242kwgGuLEQpWkURIV3k3RAAPGaG0mXS2uJBCeQ++wxsRuD9moEgNYjN
FwIdAk+OXasLEiAdwptvLnDqougRNibx0xGCenU7RyAkuh0v2HeN4p52gK5q1Pqk
YXf4H5i7n2J4eRVCXZHQwSpbmXnhbbW9xwkDUP9iecTgDkqqhK0xMwqidpk4oYsz
potbadG16R08Bq6Qi5M2IgdKzmExiYFRK8Hkk/piuBPNEqzFV0yyYqLT7YYAk3W7
6M1MODj8kGT2SMQHOMCrVYO9GWqGh3JpEN4hZY2tBC9w7PHfrH2o92VjkUe08J03
f9eQJdEoVZQ1QkDWa1M5uyAoWFUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIx38M
RBL0fgXp/wP1RwI0oB1vKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI3ODExYzAtZjU0OC00M2I4LTg5N2QtZmFjNjhkZTM0MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQCRI0jPZXRsY+d9pVtCGK+NVS7sgyWMG25kfJ02
JazLhXVoZsVH+VBcC5R7l2K3Cn68dA9Khqltg4VobwRzR/VsFR0083vURNt7b9nQ
ywXvMC5cu4kHYVCfMD121Wwq8qAoWb1jHz2nLtHjX11isGH68ioPeIF1edzRO5ca
6EOB1mi7+ZGvzIxoXhWOsHCFvN8JJWA8Y8CReSJmETNys8MS1sIS+tDhmSPwXG0E
2zDHsBNQ2hTVrw7mA26XX0UqMtUjmw9u8n5zWyDrjvpkfBNhsQGrG0H7woUDxY2v
NLub8h/Xht0xXEuF3URgCBh/nhp2aiPJsQkoRnbTm//pMmeU
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:15 2025 by rpki-client