Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
File: 62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa (raw, json)
Hash identifier: v7a7AKc4mCCwD9k6CUfQylD0jlNPG7wLZVzHr4UKi8E=
Subject key identifier: BB:E7:24:2C:63:64:1D:35:E8:D2:91:30:65:05:8F:8A:7A:61:A7:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06BFCAC7B61868ACBEEDD1E95D71407F2EC544D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
Signing time: Mon 16 Jun 2025 20:00:47 +0000
ROA not before: Mon 16 Jun 2025 20:00:47 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:bf:ca:c7:b6:18:68:ac:be:ed:d1:e9:5d:71:40:7f:2e:c5:44:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:47 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a95724250e03cc494f64243998bc3160de141325dcb1704225f656f036d6b44e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6f:86:a0:ab:5e:a7:a5:4e:86:d0:e5:1a:52:
ea:1a:44:84:b2:34:0f:7f:f5:9f:3a:80:a9:82:9c:
53:26:f4:fd:c1:13:5c:a3:1b:a8:e6:52:ea:2b:f8:
d4:76:8d:8e:d5:53:d9:c5:e8:c7:65:1c:d7:98:43:
d1:2f:a2:9b:f8:4b:e2:eb:d2:f6:fc:92:3a:87:32:
4b:b8:50:86:ed:f5:03:58:9b:94:b9:57:a0:ec:5d:
e5:66:23:7d:c5:47:12:00:63:b2:03:78:b9:70:5c:
2e:e5:7e:8a:97:35:7f:1d:48:ed:d1:ad:cf:1e:4d:
4c:11:7a:59:17:92:8d:d2:f1:49:05:6e:8c:ff:66:
6e:d0:ff:93:24:12:60:47:86:f7:5b:93:f0:98:e1:
15:6a:87:9f:b2:aa:67:99:b3:97:87:a8:cf:30:fc:
5b:4c:0d:af:0f:0d:ce:e2:d7:fd:c0:13:24:d9:a5:
bc:9c:0a:41:1e:a1:35:b0:55:cd:06:0c:89:80:6c:
f7:f8:0e:42:32:c2:36:af:1d:6f:c3:4d:f4:a5:73:
13:cd:7f:7b:71:57:1b:e9:41:b0:b6:93:ea:73:46:
62:fa:3d:01:53:bd:1c:b1:14:36:71:5b:b6:22:8d:
08:94:2b:1c:f7:5b:d7:f6:ad:2c:13:89:b0:5f:64:
5e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E7:24:2C:63:64:1D:35:E8:D2:91:30:65:05:8F:8A:7A:61:A7:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1080::/48
Signature Algorithm: sha256WithRSAEncryption
72:93:3c:cc:cf:f0:c7:dd:d9:32:39:43:ed:99:a5:75:69:75:
1e:54:13:61:2e:39:52:1d:c9:45:9d:23:11:0a:c1:0e:74:97:
e7:b7:60:b1:a3:04:d0:ba:ee:8a:1f:50:f2:fb:af:6a:a3:a5:
95:f7:f9:99:4d:b3:ff:a9:7c:37:c2:b2:06:3e:30:7b:9d:85:
52:29:c8:7a:5a:a8:83:8b:a3:69:eb:f7:47:fd:ef:95:fa:88:
a9:e0:55:35:7e:15:c7:28:d1:85:f5:b1:d3:ae:61:6f:7f:ca:
57:66:66:86:1c:8c:e2:45:03:4b:cc:70:39:bc:0c:be:27:5d:
94:b3:80:e9:5f:43:ad:f0:08:e3:a7:cb:37:d2:9b:49:ab:d9:
8f:f1:a9:c2:13:ab:81:36:e5:ef:e1:1d:b9:61:07:05:5f:3a:
81:42:70:40:8c:f2:6b:b5:4e:5d:fa:68:af:d4:00:f0:1c:1c:
58:28:10:5b:01:56:fe:49:e1:36:34:3c:5d:5b:b0:10:d7:06:
27:72:d7:47:f6:11:78:99:d7:1a:f1:e6:87:e8:b9:dc:62:d6:
58:69:51:ba:b6:15:3a:20:6c:7d:d1:0c:95:56:0e:f3:fb:f4:
ea:84:99:be:88:45:aa:1e:92:14:6c:2e:3b:8a:3c:68:66:bd:
43:31:23:d4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBr/Kx7YYaKy+7dHpXXFAfy7FRNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNDdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5NTcyNDI1MGUwM2NjNDk0ZjY0MjQzOTk4YmMzMTYwZGUxNDEzMjVkY2Ix
NzA0MjI1ZjY1NmYwMzZkNmI0NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRvhqCrXqelTobQ5RpS6hpEhLI0D3/1nzqAqYKcUyb0/cETXKMbqOZS6iv4
1HaNjtVT2cXox2Uc15hD0S+im/hL4uvS9vySOocyS7hQhu31A1iblLlXoOxd5WYj
fcVHEgBjsgN4uXBcLuV+ipc1fx1I7dGtzx5NTBF6WReSjdLxSQVujP9mbtD/kyQS
YEeG91uT8JjhFWqHn7KqZ5mzl4eozzD8W0wNrw8NzuLX/cATJNmlvJwKQR6hNbBV
zQYMiYBs9/gOQjLCNq8db8NN9KVzE81/e3FXG+lBsLaT6nNGYvo9AVO9HLEUNnFb
tiKNCJQrHPdb1/atLBOJsF9kXrECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS75yQs
Y2QdNejSkTBlBY+KemGnKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJmZjRlNWUtOWU2NS00NGZjLWFmN2YtNGU0NDkzNWNlYjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAcpM8zM/wx93ZMjlD7ZmldWl1HlQTYS45Uh3J
RZ0jEQrBDnSX57dgsaME0Lruih9Q8vuvaqOllff5mU2z/6l8N8KyBj4we52FUinI
elqog4ujaev3R/3vlfqIqeBVNX4VxyjRhfWx065hb3/KV2ZmhhyM4kUDS8xwObwM
viddlLOA6V9DrfAI46fLN9KbSavZj/GpwhOrgTbl7+EduWEHBV86gUJwQIzya7VO
Xfpor9QA8BwcWCgQWwFW/knhNjQ8XVuwENcGJ3LXR/YReJnXGvHmh+i53GLWWGlR
urYVOiBsfdEMlVYO8/v06oSZvohFqh6SFGwuO4o8aGa9QzEj1A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:24 2025 by rpki-client