Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
File: abbeedab-21fb-4993-b3ce-b753ba293d00.roa (raw, json)
Hash identifier: t/dPVnJsot2v164U+OOCBUUgncKv3rOnyj9hoccPlk0=
Subject key identifier: E1:CD:85:E9:ED:0A:21:52:9C:16:A5:9F:A9:1E:D8:C5:3C:D2:D9:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14CCFE5CC9C7FD39978792D506776536E0CDD75F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
Signing time: Fri 11 Jul 2025 20:11:12 +0000
ROA not before: Fri 11 Jul 2025 20:11:12 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:cc:fe:5c:c9:c7:fd:39:97:87:92:d5:06:77:65:36:e0:cd:d7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:12 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=bdc3420c2dec8c2ecc5f62d6770f2aa2a700c0217f3f5f8f645e74a51cb101e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c8:a5:54:9d:85:fe:77:25:ce:54:95:16:0d:
81:40:cb:55:44:f8:a1:93:41:f8:cc:39:0c:01:32:
74:17:39:dd:65:62:96:3e:61:47:4c:71:84:85:e3:
13:00:1e:2d:cb:8f:2d:23:95:20:b3:43:c5:62:88:
69:39:9e:ea:8c:a1:44:57:4d:5b:4d:5f:c2:5b:63:
45:92:4a:4b:e2:cb:af:ed:a2:a2:8b:ae:29:cb:1b:
8f:5c:93:1e:80:d7:a7:e0:7d:25:16:00:ea:dc:72:
d3:b0:da:eb:41:1b:62:e5:3d:eb:21:dd:35:b9:b1:
4c:8c:c2:35:f0:dc:95:ca:95:cb:6f:5c:ec:c8:c3:
94:f3:23:f6:cf:7e:c1:6e:40:38:be:a5:17:00:40:
4e:44:f9:cf:a9:52:0d:61:9c:c4:f1:20:c5:ad:f2:
96:ef:d5:eb:b6:82:7f:00:0d:fd:d9:ab:00:c6:c1:
92:c1:28:85:41:51:ba:ca:4b:95:27:46:5f:a0:b2:
89:11:f7:6c:82:8c:82:64:ed:5b:af:d8:64:21:48:
de:71:55:53:2a:5c:31:76:e9:be:c7:21:40:1c:e8:
dc:b6:a6:9f:2f:8d:b5:c8:50:53:76:fb:1f:23:59:
87:3c:8c:e1:5c:e3:f8:e9:b3:ea:34:c7:6d:e2:95:
e8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CD:85:E9:ED:0A:21:52:9C:16:A5:9F:A9:1E:D8:C5:3C:D2:D9:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:e000::/40
Signature Algorithm: sha256WithRSAEncryption
4a:e7:72:46:4f:0f:61:09:35:7a:e0:83:b2:25:5b:02:86:89:
83:c6:7d:dd:32:aa:f0:fe:6a:9d:b8:19:8b:67:e2:8b:a2:60:
66:f3:97:99:d6:2a:42:d4:3e:39:af:e0:3a:ad:e4:5c:68:51:
56:24:e9:7a:3f:51:8f:13:dc:41:7f:68:c9:fe:ea:c0:f6:b9:
95:2f:9e:66:3c:94:78:a2:67:e2:70:78:ac:17:98:af:bb:a3:
d4:c2:94:87:b9:59:1d:6f:1d:22:24:b2:4a:a5:8b:83:74:33:
41:32:e7:b6:40:8b:df:a5:25:37:c0:df:29:3e:f0:a7:3c:1e:
4e:f3:6e:c3:83:73:14:f9:a4:52:1c:43:69:5f:31:b4:ab:07:
17:78:9e:1d:6b:13:42:7c:db:62:d7:7e:bd:83:41:e0:e5:ad:
4d:cd:49:73:54:f8:b5:0f:98:d6:89:99:33:dc:5f:c5:aa:24:
09:20:c2:f0:e5:6d:ee:f8:4b:61:20:e9:7e:1a:9a:ef:85:f2:
e0:ec:82:e1:ee:dc:bc:63:7f:60:56:e5:1c:dc:9b:20:6a:11:
13:ca:85:22:89:7b:16:4d:f0:eb:54:e2:83:14:32:b3:4a:b6:
7b:e4:26:6c:4f:26:7a:29:59:53:50:0d:d0:22:51:dd:8f:88:
84:7c:09:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFMz+XMnH/TmXh5LVBndlNuDN118wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkYzM0MjBjMmRlYzhjMmVjYzVmNjJkNjc3MGYyYWEyYTcwMGMwMjE3ZjNm
NWY4ZjY0NWU3NGE1MWNiMTAxZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjIpVSdhf53Jc5UlRYNgUDLVUT4oZNB+Mw5DAEydBc53WVilj5hR0xxhIXj
EwAeLcuPLSOVILNDxWKIaTme6oyhRFdNW01fwltjRZJKS+LLr+2ioouuKcsbj1yT
HoDXp+B9JRYA6txy07Da60EbYuU96yHdNbmxTIzCNfDclcqVy29c7MjDlPMj9s9+
wW5AOL6lFwBATkT5z6lSDWGcxPEgxa3ylu/V67aCfwAN/dmrAMbBksEohUFRuspL
lSdGX6CyiRH3bIKMgmTtW6/YZCFI3nFVUypcMXbpvschQBzo3Lamny+NtchQU3b7
HyNZhzyM4Vzj+Omz6jTHbeKV6P8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBThzYXp
7QohUpwWpZ+pHtjFPNLZkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWVkYWItMjFmYi00OTkzLWIzY2UtYjc1M2JhMjkzZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDg
MA0GCSqGSIb3DQEBCwUAA4IBAQBK53JGTw9hCTV64IOyJVsChomDxn3dMqrw/mqd
uBmLZ+KLomBm85eZ1ipC1D45r+A6reRcaFFWJOl6P1GPE9xBf2jJ/urA9rmVL55m
PJR4omficHisF5ivu6PUwpSHuVkdbx0iJLJKpYuDdDNBMue2QIvfpSU3wN8pPvCn
PB5O827Dg3MU+aRSHENpXzG0qwcXeJ4daxNCfNti1369g0Hg5a1NzUlzVPi1D5jW
iZkz3F/FqiQJIMLw5W3u+EthIOl+GprvhfLg7ILh7ty8Y39gVuUc3JsgahETyoUi
iXsWTfDrVOKDFDKzSrZ75CZsTyZ6KVlTUA3QIlHdj4iEfAnZ
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:03 2025 by rpki-client