Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
File: 62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa (raw, json)
Hash identifier: mLvCT0ryqpUjW2lfEZuEMYMVM3aN2wtfgRGpYTtIRTA=
Subject key identifier: AE:B5:48:D1:E6:D3:F7:F5:D6:76:B5:97:EB:03:7D:D4:B5:1A:62:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19FEC37E4DA61140BD6A2959A3CB332B4DE0D1BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
Signing time: Fri 16 May 2025 17:31:06 +0000
ROA not before: Fri 16 May 2025 17:31:06 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:fe:c3:7e:4d:a6:11:40:bd:6a:29:59:a3:cb:33:2b:4d:e0:d1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:31:06 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=10b6bd11d36e16fb66fa481d1cb4432a9455af88e98acc65c4a3e844708132ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2b:41:40:8f:23:d3:37:5a:93:03:5f:13:93:
a7:e6:d5:4c:46:1a:e3:22:6c:14:e7:29:b7:ee:f1:
99:1b:e1:59:46:7b:ac:43:de:6f:09:9b:8c:f7:5a:
08:1c:b7:a2:3c:ec:5b:b4:48:8b:f8:54:50:31:d0:
01:2c:d5:26:e3:09:df:37:68:63:6c:19:99:bc:49:
a0:e9:5c:c0:77:f5:c3:88:19:30:df:8d:0a:d9:c2:
38:dd:87:96:1e:53:37:13:99:1f:ba:74:fe:5f:c5:
6a:12:88:a4:90:57:d6:97:1e:25:c9:ed:24:99:50:
01:1d:00:18:0b:23:89:e8:f5:bb:d8:7e:bb:79:99:
ea:10:18:be:00:3b:3d:d2:11:dc:6a:a9:ee:39:be:
a6:98:b4:88:38:82:19:03:51:e9:28:52:fb:70:64:
4a:85:10:5a:6b:d7:46:5d:78:cd:3a:dc:3b:b4:d0:
20:99:68:86:23:17:e0:17:27:a4:e0:3e:3d:63:7b:
6d:70:2c:fe:6a:41:3d:e5:65:31:44:1f:55:90:99:
7b:02:2b:08:7d:8b:58:18:1a:b7:8a:2b:93:ca:7d:
a7:6b:8b:9d:11:ae:f0:1e:6c:15:51:b0:01:20:b9:
c4:c7:5d:4c:d6:91:cf:a7:4b:bf:76:3c:68:04:cc:
8c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B5:48:D1:E6:D3:F7:F5:D6:76:B5:97:EB:03:7D:D4:B5:1A:62:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:840::/46
Signature Algorithm: sha256WithRSAEncryption
40:f5:3f:65:2d:29:b9:bc:52:49:e4:d3:ef:1a:d6:28:11:35:
f8:6c:4c:83:ca:9b:f4:38:1c:3b:62:07:86:fd:21:a6:18:51:
dd:fc:65:a5:73:fa:0b:3b:4e:0b:1e:2e:f7:9e:fe:4f:6f:94:
5b:53:b1:d8:3d:42:e0:4d:cb:71:03:e4:87:de:8d:f1:b6:19:
47:67:93:ea:da:45:81:bc:5d:92:89:40:a5:bf:48:bf:e3:f6:
25:6e:df:4d:12:92:81:5e:9d:25:10:bb:ff:42:74:02:4d:62:
0f:70:e6:03:6d:77:9c:62:6c:82:18:7b:7f:e1:2e:8c:27:75:
67:25:90:ff:78:09:c7:0f:17:7a:80:05:66:49:67:87:51:78:
bc:45:2f:f7:dc:6b:88:10:f3:21:b0:2d:c7:60:d4:a5:40:67:
37:28:18:bb:ce:22:e9:15:1b:cd:71:32:5a:29:e6:48:71:8e:
32:fb:b6:05:07:0f:c5:9e:8f:53:93:46:d4:34:e6:77:60:f3:
82:17:e9:a0:1d:a3:e9:25:cb:ba:91:96:95:82:b2:f8:a6:43:
c7:5b:e3:ac:20:a5:61:84:3d:44:01:16:2f:cd:0d:fd:b5:a8:
e2:0b:73:79:42:5a:ce:7e:b0:c8:62:57:44:e2:86:7b:dd:15:
a3:9a:c8:ba
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGf7Dfk2mEUC9ailZo8szK03g0bswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzMxMDZaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwYjZiZDExZDM2ZTE2ZmI2NmZhNDgxZDFjYjQ0MzJhOTQ1NWFmODhlOThh
Y2M2NWM0YTNlODQ0NzA4MTMyY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQrQUCPI9M3WpMDXxOTp+bVTEYa4yJsFOcpt+7xmRvhWUZ7rEPebwmbjPda
CBy3ojzsW7RIi/hUUDHQASzVJuMJ3zdoY2wZmbxJoOlcwHf1w4gZMN+NCtnCON2H
lh5TNxOZH7p0/l/FahKIpJBX1pceJcntJJlQAR0AGAsjiej1u9h+u3mZ6hAYvgA7
PdIR3Gqp7jm+ppi0iDiCGQNR6ShS+3BkSoUQWmvXRl14zTrcO7TQIJlohiMX4Bcn
pOA+PWN7bXAs/mpBPeVlMUQfVZCZewIrCH2LWBgat4ork8p9p2uLnRGu8B5sFVGw
ASC5xMddTNaRz6dLv3Y8aATMjOkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSutUjR
5tP39dZ2tZfrA33UtRpitjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJkZGM1MmEtOGE0Zi00ZWYyLTk1ZWMtZGJmM2E3NmJlOThkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUI
QDANBgkqhkiG9w0BAQsFAAOCAQEAQPU/ZS0pubxSSeTT7xrWKBE1+GxMg8qb9Dgc
O2IHhv0hphhR3fxlpXP6CztOCx4u957+T2+UW1Ox2D1C4E3LcQPkh96N8bYZR2eT
6tpFgbxdkolApb9Iv+P2JW7fTRKSgV6dJRC7/0J0Ak1iD3DmA213nGJsghh7f+Eu
jCd1ZyWQ/3gJxw8XeoAFZklnh1F4vEUv99xriBDzIbAtx2DUpUBnNygYu84i6RUb
zXEyWinmSHGOMvu2BQcPxZ6PU5NG1DTmd2DzghfpoB2j6SXLupGWlYKy+KZDx1vj
rCClYYQ9RAEWL80N/bWo4gtzeUJazn6wyGJXROKGe90Vo5rIug==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:10 2025 by rpki-client