Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
File: 62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa (raw, json)
Hash identifier: kg8/iHv7tOQzjqa7rKyHtuvkExz9fmp6G6jfPTlqiF0=
Subject key identifier: BF:70:E6:80:BF:43:58:C9:D7:3D:1A:2B:BC:48:77:33:BE:B9:CC:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19B23CDBF428F9D7E310D58F5E45828955760507
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
Signing time: Tue 05 Aug 2025 19:01:32 +0000
ROA not before: Tue 05 Aug 2025 19:01:32 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:b2:3c:db:f4:28:f9:d7:e3:10:d5:8f:5e:45:82:89:55:76:05:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:32 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=de81059472c25d3069229bf660bc755e4a19b97044ecdbc80059717d0781268a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0a:bf:ad:5c:e4:4e:61:d5:c2:0f:5e:74:4c:
66:a2:3a:51:08:9b:89:50:d7:36:41:21:3b:a9:a7:
2f:da:05:7c:71:29:a8:06:d5:58:75:cc:77:66:72:
7b:45:37:e1:4f:75:37:63:4f:19:c4:8b:d1:e7:91:
7e:79:c7:d6:99:7d:fa:32:0d:01:ce:6d:ce:a6:c4:
e3:55:a0:5c:a0:86:f4:4c:09:5e:d4:45:25:66:e2:
b0:0f:39:37:43:97:24:d5:ea:37:4a:f1:9e:28:58:
b3:26:03:5f:32:b2:e3:9f:3d:28:fc:6a:18:d1:80:
66:b3:54:83:df:3f:42:d5:17:80:8f:37:db:d5:d6:
68:44:90:c5:cd:6e:ba:a0:a7:bf:9e:2d:f9:5d:2c:
c0:99:45:0e:5d:cf:d8:a2:f4:dd:7f:7b:27:1a:69:
13:d6:84:1f:6f:6e:44:70:19:5d:6c:49:ae:82:52:
21:f5:0e:f1:45:f1:54:f6:02:fb:d1:18:42:ec:45:
34:41:cf:23:32:c7:55:73:b5:1e:db:68:46:7a:55:
03:e4:0e:49:1b:61:f8:78:91:98:78:3f:90:bb:6f:
4d:cc:1a:ae:ea:97:5b:0f:d9:ed:34:90:a3:33:20:
2f:19:e1:5a:a5:ae:e1:df:60:5f:a9:55:65:73:48:
6c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:70:E6:80:BF:43:58:C9:D7:3D:1A:2B:BC:48:77:33:BE:B9:CC:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1080::/48
Signature Algorithm: sha256WithRSAEncryption
49:fe:06:e3:e7:a7:cb:0a:17:ee:d9:fe:60:20:88:b5:ec:21:
50:cf:44:49:12:f9:2e:a4:0c:74:a0:d1:7f:7f:b2:54:ac:4d:
62:c3:46:1a:fd:27:e1:84:ed:e0:6f:2c:75:5d:bf:7e:e4:24:
7d:ca:2b:53:ac:0d:f7:9b:3c:48:a5:12:01:aa:15:e1:d2:aa:
b1:d8:5c:92:74:9e:72:7a:d1:d4:80:14:05:4b:04:5e:be:07:
42:09:f2:f8:4a:be:e7:7a:ff:30:fd:d5:4d:78:81:0f:87:fb:
d1:83:47:7c:c8:90:0a:18:93:73:eb:c7:83:c8:c4:f6:8f:93:
a3:5e:45:af:27:87:53:b8:ca:4f:5c:e0:af:71:b8:9d:23:86:
c0:8a:68:45:97:ae:04:b5:53:43:a6:53:db:41:bd:47:50:55:
0b:83:62:4f:1d:6d:14:e2:58:43:cb:9d:57:2c:c7:b5:21:e5:
bc:f4:ca:90:36:2f:27:0b:4b:fd:a0:c6:7a:7a:74:09:3c:8e:
04:e9:59:a5:0a:45:5c:9d:07:7c:1b:db:f6:53:35:d7:0e:a9:
cd:a2:4c:65:b3:06:d5:c8:ec:7f:06:f7:54:5d:73:b3:6f:d7:
88:df:eb:cf:9e:06:37:20:ae:76:7f:53:b8:f7:31:b3:a3:ac:
08:38:35:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGbI82/Qo+dfjENWPXkWCiVV2BQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMzJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlODEwNTk0NzJjMjVkMzA2OTIyOWJmNjYwYmM3NTVlNGExOWI5NzA0NGVj
ZGJjODAwNTk3MTdkMDc4MTI2OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0Kv61c5E5h1cIPXnRMZqI6UQibiVDXNkEhO6mnL9oFfHEpqAbVWHXMd2Zy
e0U34U91N2NPGcSL0eeRfnnH1pl9+jINAc5tzqbE41WgXKCG9EwJXtRFJWbisA85
N0OXJNXqN0rxnihYsyYDXzKy4589KPxqGNGAZrNUg98/QtUXgI8329XWaESQxc1u
uqCnv54t+V0swJlFDl3P2KL03X97JxppE9aEH29uRHAZXWxJroJSIfUO8UXxVPYC
+9EYQuxFNEHPIzLHVXO1HttoRnpVA+QOSRth+HiRmHg/kLtvTcwaruqXWw/Z7TSQ
ozMgLxnhWqWu4d9gX6lVZXNIbN0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/cOaA
v0NYydc9Giu8SHczvrnMfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJmZjRlNWUtOWU2NS00NGZjLWFmN2YtNGU0NDkzNWNlYjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
gDANBgkqhkiG9w0BAQsFAAOCAQEASf4G4+enywoX7tn+YCCItewhUM9ESRL5LqQM
dKDRf3+yVKxNYsNGGv0n4YTt4G8sdV2/fuQkfcorU6wN95s8SKUSAaoV4dKqsdhc
knSecnrR1IAUBUsEXr4HQgny+Eq+53r/MP3VTXiBD4f70YNHfMiQChiTc+vHg8jE
9o+To15FryeHU7jKT1zgr3G4nSOGwIpoRZeuBLVTQ6ZT20G9R1BVC4NiTx1tFOJY
Q8udVyzHtSHlvPTKkDYvJwtL/aDGenp0CTyOBOlZpQpFXJ0HfBvb9lM11w6pzaJM
ZbMG1cjsfwb3VF1zs2/XiN/rz54GNyCudn9TuPcxs6OsCDg12A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:19 2025 by rpki-client