Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
File: 62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa (raw, json)
Hash identifier: X4VRPAoIn+jArO8FInJXBfwl15md1j9wR0M4irbfoyw=
Subject key identifier: C4:CF:BF:1A:07:B5:90:69:E0:47:22:28:27:4B:BB:72:B2:C8:3D:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43D417240B066C6CCCBC70B0E1C383B29043ECDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
Signing time: Fri 11 Jul 2025 19:01:33 +0000
ROA not before: Fri 11 Jul 2025 19:01:33 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:d4:17:24:0b:06:6c:6c:cc:bc:70:b0:e1:c3:83:b2:90:43:ec:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:01:33 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=49992672740e845a57d392ed296a184c2ee39e68d2d6ca14f42b3d5cdf25807d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7c:84:1e:a2:6d:3b:95:f4:56:ce:b9:3f:b3:
cc:f6:2f:6a:36:c1:47:d3:f1:60:0d:ba:21:5b:8a:
82:82:70:18:d1:d3:fb:ca:55:6e:f1:4e:71:ff:ce:
86:88:4d:41:e0:ec:51:6f:c4:29:b7:95:dc:23:11:
a6:b5:ee:81:fd:aa:99:70:de:43:5c:88:a1:11:bb:
ab:9e:fd:a2:ca:90:13:3b:03:61:e9:d9:f3:f3:a8:
1d:b6:dd:b6:86:b6:40:25:43:f7:8f:4e:5a:44:9d:
31:2c:54:ba:ec:62:5f:ec:04:a0:50:0b:ff:14:9c:
85:9c:a2:ce:37:3c:66:14:91:22:7a:26:80:5e:f2:
5a:c7:25:8d:50:0d:f2:fc:50:03:e4:b8:34:0e:fa:
ea:84:81:30:9c:df:c8:30:3b:70:eb:5a:60:2a:fb:
8b:44:dd:55:eb:85:eb:d4:69:ed:ea:ac:25:8b:6b:
4b:55:f1:d4:1d:5f:40:85:98:d6:85:cd:98:89:c6:
ff:ab:6b:1d:92:15:20:40:22:5a:86:bb:df:7c:87:
98:36:01:73:6b:cc:c4:cc:91:87:f2:b0:6b:9a:95:
84:26:d1:2a:e4:55:94:a2:15:52:72:48:8a:4a:de:
80:fc:df:74:05:3c:0e:62:9d:58:54:de:cd:b5:93:
94:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CF:BF:1A:07:B5:90:69:E0:47:22:28:27:4B:BB:72:B2:C8:3D:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1080::/48
Signature Algorithm: sha256WithRSAEncryption
a3:4b:33:93:cb:bc:dd:20:9b:da:93:df:f3:07:b6:86:c5:1e:
72:6b:fb:f2:60:24:ee:79:55:6f:88:69:d0:6a:4f:2b:ad:58:
bf:3e:1e:d7:c2:6f:ee:1c:8a:b3:1f:87:8d:2d:fd:91:0e:7b:
52:d2:97:16:b0:52:7a:b1:51:be:33:77:26:5b:cb:51:f3:ec:
ac:2c:ab:cc:33:1d:06:2e:b4:4f:35:89:ea:ae:d6:c2:68:33:
08:82:34:70:58:61:94:9a:06:74:d8:5a:8b:1d:b9:9b:15:6b:
4d:0e:f5:27:5b:64:7f:43:07:7d:1f:32:1f:8a:89:be:f5:ca:
38:f7:e4:0c:46:25:35:7a:21:39:e2:14:46:a1:0f:bd:53:ee:
38:4a:a0:27:73:b0:ae:00:81:01:51:6c:c2:7b:4b:d2:55:a4:
e5:68:49:fb:41:a0:e0:2e:e2:99:f2:48:39:25:77:d3:33:81:
21:b4:7f:81:e9:9b:bc:4b:88:cd:d0:34:70:f9:8d:10:28:16:
61:76:2a:60:02:36:e2:4d:13:fe:5f:f2:3b:2a:f6:63:4d:4a:
7e:7b:e2:bb:26:a9:28:33:d3:39:10:9d:9f:c2:8a:2e:3b:df:
6d:0b:8b:59:e2:4f:00:f6:20:57:4a:a9:36:81:53:95:47:34:
8f:c9:a6:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ9QXJAsGbGzMvHCw4cODspBD7NswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAxMzNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5OTkyNjcyNzQwZTg0NWE1N2QzOTJlZDI5NmExODRjMmVlMzllNjhkMmQ2
Y2ExNGY0MmIzZDVjZGYyNTgwN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJp8hB6ibTuV9FbOuT+zzPYvajbBR9PxYA26IVuKgoJwGNHT+8pVbvFOcf/O
hohNQeDsUW/EKbeV3CMRprXugf2qmXDeQ1yIoRG7q579osqQEzsDYenZ8/OoHbbd
toa2QCVD949OWkSdMSxUuuxiX+wEoFAL/xSchZyizjc8ZhSRInomgF7yWscljVAN
8vxQA+S4NA766oSBMJzfyDA7cOtaYCr7i0TdVeuF69Rp7eqsJYtrS1Xx1B1fQIWY
1oXNmInG/6trHZIVIEAiWoa733yHmDYBc2vMxMyRh/Kwa5qVhCbRKuRVlKIVUnJI
ikregPzfdAU8DmKdWFTezbWTlJkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTEz78a
B7WQaeBHIignS7tyssg9NzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJmZjRlNWUtOWU2NS00NGZjLWFmN2YtNGU0NDkzNWNlYjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAo0szk8u83SCb2pPf8we2hsUecmv78mAk7nlV
b4hp0GpPK61Yvz4e18Jv7hyKsx+HjS39kQ57UtKXFrBSerFRvjN3JlvLUfPsrCyr
zDMdBi60TzWJ6q7WwmgzCII0cFhhlJoGdNhaix25mxVrTQ71J1tkf0MHfR8yH4qJ
vvXKOPfkDEYlNXohOeIURqEPvVPuOEqgJ3OwrgCBAVFswntL0lWk5WhJ+0Gg4C7i
mfJIOSV30zOBIbR/gembvEuIzdA0cPmNECgWYXYqYAI24k0T/l/yOyr2Y01Kfnvi
uyapKDPTORCdn8KKLjvfbQuLWeJPAPYgV0qpNoFTlUc0j8mmqw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:55 2025 by rpki-client