Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
File: 62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa (raw, json)
Hash identifier: uHTDnsapZ4vj2IQV2MtX/+djxMR2RvOf60Vcy5ssmJM=
Subject key identifier: 8A:FF:2A:D1:C3:47:A6:0A:BC:1A:9F:EC:52:BA:39:8E:2D:5B:90:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C55C9F0348A13B2D68E3E83D4EA8071689F1D0F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
Signing time: Tue 20 May 2025 18:51:19 +0000
ROA not before: Tue 20 May 2025 18:51:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:55:c9:f0:34:8a:13:b2:d6:8e:3e:83:d4:ea:80:71:68:9f:1d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:51:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=223c1e45f4b52ff0f0ce3bf1a48b10f6fafdbc53c78951891955fb55f21001ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d0:45:26:56:55:80:6b:9c:7c:86:70:39:44:
d6:d9:07:20:24:ec:9e:3f:e9:82:7e:61:4f:a7:3e:
8a:1c:40:d0:d6:19:d9:9a:0d:79:90:da:7f:4b:2a:
f1:ea:1c:2d:f7:e3:90:70:fa:de:cf:22:8d:bf:e0:
8f:93:70:9e:d4:67:a0:4f:13:bc:24:0d:d6:e6:ab:
70:8f:08:d6:1b:a7:2a:d9:05:94:73:9e:5e:34:65:
00:26:d0:c2:bc:7a:df:f9:03:ee:c6:c9:56:a3:33:
ff:d4:02:56:92:d0:18:f6:eb:99:2d:ca:67:2e:9c:
29:c9:d2:bd:1e:ed:c4:73:62:21:3a:02:6c:9c:d1:
d7:dc:7d:4d:59:49:93:b7:2a:cf:91:06:5b:fe:01:
58:61:d2:f2:0b:6f:fe:66:13:de:d5:73:9c:15:62:
47:b4:69:05:69:d4:c3:59:34:1c:7d:9d:13:b7:f7:
23:c7:ef:a5:ed:4e:c6:84:43:cd:b4:a4:52:8a:28:
fe:71:c0:50:8e:bb:f2:09:56:94:f1:3f:27:89:a5:
91:76:8b:81:c3:98:bd:36:06:46:f6:fe:e7:a0:29:
a2:11:d6:ad:a1:e1:85:38:cc:13:67:ff:0c:31:99:
7e:63:8b:4c:6b:58:35:d3:dc:4a:af:9f:54:99:e4:
49:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FF:2A:D1:C3:47:A6:0A:BC:1A:9F:EC:52:BA:39:8E:2D:5B:90:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1080::/48
Signature Algorithm: sha256WithRSAEncryption
5e:91:40:10:05:30:c7:7a:0d:ce:77:91:54:b5:9d:23:41:a4:
41:67:83:e9:0f:ec:e7:62:e4:da:73:dd:22:14:7e:f9:8c:29:
82:27:c0:6f:f1:4a:56:e0:b3:10:16:f6:4c:e4:05:0c:64:ca:
f0:f1:12:3c:09:f4:34:38:b5:5c:0c:34:4d:08:2e:e8:49:4e:
d4:6e:c8:44:7d:9f:b6:28:e1:90:0a:20:84:a5:b7:bb:5f:cc:
60:91:e6:9b:78:21:e0:a7:6c:ce:71:d3:51:da:78:cb:0e:a7:
16:fb:c9:b2:84:1a:47:ad:5a:a7:a4:d3:20:be:9b:03:76:cc:
99:90:05:6b:d3:d8:4e:c3:90:c2:49:73:6e:dd:3f:f1:42:1a:
d6:23:66:f4:fb:97:03:b5:13:b3:0f:da:ee:e6:85:60:2d:1c:
fe:53:64:52:6c:d4:60:3f:4b:57:07:fd:be:96:0b:d1:fd:db:
b1:62:f2:3f:11:c1:0f:43:5a:03:0d:f1:66:31:1f:13:4a:26:
af:89:8b:2a:d6:a3:df:0a:97:ca:ca:ee:54:b2:42:a2:5b:f1:
fe:48:8a:04:a0:5e:e7:5e:76:a9:c6:8d:d1:a9:79:21:f0:74:
1d:4a:d1:55:2c:38:1f:8e:9d:a4:39:51:79:a4:62:69:e1:12:
74:6b:b6:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHFXJ8DSKE7LWjj6D1OqAcWifHQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUxMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyM2MxZTQ1ZjRiNTJmZjBmMGNlM2JmMWE0OGIxMGY2ZmFmZGJjNTNjNzg5
NTE4OTE5NTVmYjU1ZjIxMDAxZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDQRSZWVYBrnHyGcDlE1tkHICTsnj/pgn5hT6c+ihxA0NYZ2ZoNeZDaf0sq
8eocLffjkHD63s8ijb/gj5NwntRnoE8TvCQN1uarcI8I1hunKtkFlHOeXjRlACbQ
wrx63/kD7sbJVqMz/9QCVpLQGPbrmS3KZy6cKcnSvR7txHNiIToCbJzR19x9TVlJ
k7cqz5EGW/4BWGHS8gtv/mYT3tVznBViR7RpBWnUw1k0HH2dE7f3I8fvpe1OxoRD
zbSkUooo/nHAUI678glWlPE/J4mlkXaLgcOYvTYGRvb+56ApohHWraHhhTjME2f/
DDGZfmOLTGtYNdPcSq+fVJnkSQcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSK/yrR
w0emCrwan+xSujmOLVuQZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJmZjRlNWUtOWU2NS00NGZjLWFmN2YtNGU0NDkzNWNlYjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAXpFAEAUwx3oNzneRVLWdI0GkQWeD6Q/s52Lk
2nPdIhR++YwpgifAb/FKVuCzEBb2TOQFDGTK8PESPAn0NDi1XAw0TQgu6ElO1G7I
RH2ftijhkAoghKW3u1/MYJHmm3gh4KdsznHTUdp4yw6nFvvJsoQaR61ap6TTIL6b
A3bMmZAFa9PYTsOQwklzbt0/8UIa1iNm9PuXA7UTsw/a7uaFYC0c/lNkUmzUYD9L
Vwf9vpYL0f3bsWLyPxHBD0NaAw3xZjEfE0omr4mLKtaj3wqXysruVLJColvx/kiK
BKBe5152qcaN0al5IfB0HUrRVSw4H46dpDlReaRiaeESdGu2zw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:54 2025 by rpki-client