Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
File: 68ece0e7-075e-4bcd-873e-0c74882a8546.roa (raw, json)
Hash identifier: EGMbS5zpjkeZwNnpKj2WcFQ90sxIlgb8G9WOZOVnWCw=
Subject key identifier: 82:C6:C6:9D:0A:A8:88:C0:EC:43:EB:60:1C:82:AD:45:DC:A4:EB:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F4C19B2F3CBF5151CE8FF24627EBDB09014AFCB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
Signing time: Tue 20 May 2025 19:10:47 +0000
ROA not before: Tue 20 May 2025 19:10:47 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:4c:19:b2:f3:cb:f5:15:1c:e8:ff:24:62:7e:bd:b0:90:14:af:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:47 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=546ed86b850ac16a355e0be295335b78a2318dc8e05ce9ea0c419dc0b3b46dea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:53:5d:bb:f6:7c:06:d3:e0:ea:17:35:70:31:
53:a1:a3:65:39:a3:cb:17:8f:c5:dc:ab:c6:0c:60:
3c:73:41:cb:36:89:47:0f:f6:07:df:b3:fa:55:b9:
7b:e2:6e:13:cf:c0:ce:44:ff:81:16:b0:8e:60:c5:
ed:7a:a3:57:03:d5:f7:b7:51:42:2b:3f:c4:99:14:
e2:b6:74:1f:f1:0d:95:76:b4:6c:e0:35:fc:6b:cd:
1d:e1:1d:e5:f8:01:2c:63:8f:39:7b:a1:4d:ee:f0:
e2:74:2f:f8:e2:10:40:f0:2a:06:69:03:b0:75:c5:
6f:26:e2:8e:44:14:d7:3e:f3:fc:82:b6:2a:3f:7b:
74:12:09:c6:58:b4:e9:31:1b:38:62:cd:77:90:b3:
1f:ce:f8:24:44:f9:e7:ea:e2:54:fa:91:81:10:21:
66:dc:1e:34:5d:3c:af:74:06:89:cf:d0:4f:61:a3:
69:a4:53:3d:f6:1d:21:37:3e:72:b5:01:05:c6:97:
54:fc:96:59:18:4b:7b:f1:11:53:c9:1f:d1:5e:c7:
4f:14:87:cf:c9:ef:46:3e:4d:37:2a:d8:58:c1:e0:
28:58:16:a1:50:cb:31:20:08:26:0f:c1:45:c8:35:
ad:e3:99:cf:3c:d8:f9:a9:04:62:1f:ff:66:b3:50:
44:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C6:C6:9D:0A:A8:88:C0:EC:43:EB:60:1C:82:AD:45:DC:A4:EB:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8080::/48
Signature Algorithm: sha256WithRSAEncryption
62:51:1d:9c:be:e3:93:4d:df:ff:91:db:b2:e8:c4:92:d2:c9:
89:e5:79:df:4a:be:ca:25:86:01:c4:88:46:bb:e9:9d:42:ae:
59:18:2b:04:55:e5:b3:d4:4f:dc:b3:bd:2b:70:d2:8e:af:3a:
b5:3c:73:0b:0e:2a:7c:4b:f6:16:9c:3d:b1:56:a0:3b:7d:d0:
e0:eb:d8:cd:63:0e:b6:9c:e1:b5:f2:6e:3a:44:a2:57:2f:54:
24:7e:49:00:8f:04:e6:37:e5:de:11:d5:e4:94:f5:87:78:c2:
ea:66:4d:da:28:4c:a3:1f:7b:4f:3b:1b:6f:9e:18:34:f7:f9:
b0:79:26:d3:27:d5:48:d4:b7:33:04:62:ed:ff:1b:6c:6f:64:
52:89:f1:e4:d4:f6:a3:89:45:23:80:e5:3a:fd:00:05:2d:24:
39:ef:9c:d3:5a:6a:6a:13:8a:1e:96:bc:e0:fe:38:5f:0e:2e:
ff:92:e9:8b:2c:58:b9:b4:62:8e:fb:d0:3b:37:12:7f:b4:9f:
41:8c:71:13:49:58:ae:8d:3a:0d:22:19:28:21:18:7b:3a:4b:
56:c0:92:a3:49:82:da:de:1d:70:d7:a4:ab:96:f9:a6:1c:47:
27:24:9b:c7:e3:0b:4c:a0:fa:ba:69:ee:26:0d:18:a9:54:67:
21:07:93:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUL0wZsvPL9RUc6P8kYn69sJAUr8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwNDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NmVkODZiODUwYWMxNmEzNTVlMGJlMjk1MzM1Yjc4YTIzMThkYzhlMDVj
ZTllYTBjNDE5ZGMwYjNiNDZkZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFTXbv2fAbT4OoXNXAxU6GjZTmjyxePxdyrxgxgPHNByzaJRw/2B9+z+lW5
e+JuE8/AzkT/gRawjmDF7XqjVwPV97dRQis/xJkU4rZ0H/ENlXa0bOA1/GvNHeEd
5fgBLGOPOXuhTe7w4nQv+OIQQPAqBmkDsHXFbybijkQU1z7z/IK2Kj97dBIJxli0
6TEbOGLNd5CzH874JET55+riVPqRgRAhZtweNF08r3QGic/QT2GjaaRTPfYdITc+
crUBBcaXVPyWWRhLe/ERU8kf0V7HTxSHz8nvRj5NNyrYWMHgKFgWoVDLMSAIJg/B
Rcg1reOZzzzY+akEYh//ZrNQRB8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSCxsad
CqiIwOxD62Acgq1F3KTr/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhlY2UwZTctMDc1ZS00YmNkLTg3M2UtMGM3NDg4MmE4NTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
gDANBgkqhkiG9w0BAQsFAAOCAQEAYlEdnL7jk03f/5HbsujEktLJieV530q+yiWG
AcSIRrvpnUKuWRgrBFXls9RP3LO9K3DSjq86tTxzCw4qfEv2Fpw9sVagO33Q4OvY
zWMOtpzhtfJuOkSiVy9UJH5JAI8E5jfl3hHV5JT1h3jC6mZN2ihMox97Tzsbb54Y
NPf5sHkm0yfVSNS3MwRi7f8bbG9kUonx5NT2o4lFI4DlOv0ABS0kOe+c01pqahOK
Hpa84P44Xw4u/5LpiyxYubRijvvQOzcSf7SfQYxxE0lYro06DSIZKCEYezpLVsCS
o0mC2t4dcNekq5b5phxHJySbx+MLTKD6umnuJg0YqVRnIQeT2A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:59 2025 by rpki-client