Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
File: abbeedab-21fb-4993-b3ce-b753ba293d00.roa (raw, json)
Hash identifier: 48Ad8HVHzHwCz/1H1e+WN45xbtXr3Z/VicX626gAa1U=
Subject key identifier: DD:29:9C:D0:94:FB:47:26:D9:9B:99:3D:AD:2C:8B:FF:9F:6F:0D:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33B5FD7DE2ACC80285A1288933215420ECF4ED6A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
Signing time: Tue 20 May 2025 20:00:08 +0000
ROA not before: Tue 20 May 2025 20:00:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:b5:fd:7d:e2:ac:c8:02:85:a1:28:89:33:21:54:20:ec:f4:ed:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4ba339a07ab97c3d3df6f29a68275278232b84f2dfc60eaf8127c4bfa2f04459, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b8:46:fb:00:3b:5e:18:c8:ef:e0:6b:b6:3f:
4d:63:ed:23:d1:c4:4d:d2:e4:ba:f7:cf:e1:49:7f:
6e:25:0a:dd:fa:7f:f6:53:33:15:5a:be:f3:5c:2c:
02:62:9f:6d:c2:e7:7b:c0:95:53:b6:cd:55:51:55:
cd:e8:b8:4b:f9:ec:2c:ab:16:b5:bb:9d:91:19:2d:
88:86:77:c8:5e:27:1a:d2:56:a9:54:ec:d4:f3:4a:
b0:3e:79:ef:77:cf:ed:7d:c6:fd:af:ad:62:9e:36:
e3:09:23:b6:b4:53:c3:5f:4d:d3:98:80:7f:a1:1d:
c8:af:89:bc:ea:db:55:2f:0b:92:03:22:46:03:30:
4b:dd:98:66:e9:44:9b:4a:ec:4d:9f:dd:77:b5:dd:
c1:2e:31:cc:6e:12:5c:df:38:ab:86:4f:dc:1f:7b:
5a:d2:d5:cc:06:e5:d8:ea:47:47:e5:93:fc:01:e9:
90:b4:fc:2c:86:46:2b:13:27:8d:f5:fb:ae:f0:37:
b3:a9:fa:8d:2b:30:93:7c:af:ca:0b:98:59:fc:68:
01:82:e2:bd:90:dd:62:51:ee:e5:5c:58:96:85:37:
00:b2:3d:47:c6:61:84:94:d0:20:87:a8:b3:a4:8f:
e1:1a:4f:8e:4c:6d:80:64:68:71:b6:d8:c7:28:d7:
eb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:29:9C:D0:94:FB:47:26:D9:9B:99:3D:AD:2C:8B:FF:9F:6F:0D:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:e000::/40
Signature Algorithm: sha256WithRSAEncryption
95:08:60:c8:a1:59:e6:41:dc:6e:b7:38:25:09:97:4e:9b:84:
d5:25:0c:05:2b:4e:66:c7:af:db:b8:77:2d:4f:99:5b:08:c1:
f4:0f:5b:a3:b1:4f:62:13:eb:1f:55:b4:a1:e1:ce:74:c5:0b:
fc:4c:29:b8:ae:bd:04:4a:47:79:06:e8:8c:7b:6c:ae:e2:46:
8e:e4:4c:b4:e6:97:23:27:37:ca:5c:7e:cc:1a:57:63:74:4e:
19:b6:48:97:e2:e7:1d:75:18:27:8a:63:ff:87:cc:50:de:35:
cc:07:58:1b:88:73:57:10:a9:e0:bc:57:2c:c4:72:ea:38:c5:
eb:e2:08:c1:76:ef:77:e8:45:93:93:b8:b4:5c:a7:05:40:e4:
5d:89:25:a2:7e:e2:8c:ad:ad:9a:ef:a3:ee:79:86:7c:61:83:
54:c0:43:42:c3:fb:d9:10:e0:04:c6:8c:70:92:8f:65:0c:14:
d9:7e:06:87:55:49:04:d3:d2:ab:7e:83:3b:f7:bd:79:02:99:
21:f4:07:3e:4e:fb:e7:56:94:a3:2d:b5:20:1e:bd:52:00:ca:
79:a3:08:29:ad:f9:71:45:f1:88:a2:61:69:e5:f7:1c:10:5c:
cb:71:f2:93:8b:84:bc:3b:cb:6a:4e:38:83:99:6b:5b:0d:8c:
04:0d:d6:62
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM7X9feKsyAKFoSiJMyFUIOz07WowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYTMzOWEwN2FiOTdjM2QzZGY2ZjI5YTY4Mjc1Mjc4MjMyYjg0ZjJkZmM2
MGVhZjgxMjdjNGJmYTJmMDQ0NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKu4RvsAO14YyO/ga7Y/TWPtI9HETdLkuvfP4Ul/biUK3fp/9lMzFVq+81ws
AmKfbcLne8CVU7bNVVFVzei4S/nsLKsWtbudkRktiIZ3yF4nGtJWqVTs1PNKsD55
73fP7X3G/a+tYp424wkjtrRTw19N05iAf6EdyK+JvOrbVS8LkgMiRgMwS92YZulE
m0rsTZ/dd7XdwS4xzG4SXN84q4ZP3B97WtLVzAbl2OpHR+WT/AHpkLT8LIZGKxMn
jfX7rvA3s6n6jSswk3yvyguYWfxoAYLivZDdYlHu5VxYloU3ALI9R8ZhhJTQIIeo
s6SP4RpPjkxtgGRocbbYxyjX66kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdKZzQ
lPtHJtmbmT2tLIv/n28N1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWVkYWItMjFmYi00OTkzLWIzY2UtYjc1M2JhMjkzZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCVCGDIoVnmQdxutzglCZdOm4TVJQwFK05mx6/b
uHctT5lbCMH0D1ujsU9iE+sfVbSh4c50xQv8TCm4rr0ESkd5BuiMe2yu4kaO5Ey0
5pcjJzfKXH7MGldjdE4ZtkiX4ucddRgnimP/h8xQ3jXMB1gbiHNXEKngvFcsxHLq
OMXr4gjBdu936EWTk7i0XKcFQORdiSWifuKMra2a76PueYZ8YYNUwENCw/vZEOAE
xoxwko9lDBTZfgaHVUkE09KrfoM79715Apkh9Ac+TvvnVpSjLbUgHr1SAMp5owgp
rflxRfGIomFp5fccEFzLcfKTi4S8O8tqTjiDmWtbDYwEDdZi
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:31 2025 by rpki-client