Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
File: 52b24640-f60c-42e4-9476-345e951e2387.roa (raw, json)
Hash identifier: AqFAqJGdaHV2eib20usAo289HxeEA5p6SNT3TgMGPm4=
Subject key identifier: 49:EC:FA:62:74:29:2D:58:4F:2B:C9:78:FB:16:D6:8D:5A:07:BC:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20EC65527ADA1C2AC539FBF64536C17FAEA526DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
Signing time: Tue 20 May 2025 18:40:04 +0000
ROA not before: Tue 20 May 2025 18:40:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:ec:65:52:7a:da:1c:2a:c5:39:fb:f6:45:36:c1:7f:ae:a5:26:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f19249f37bf2137bd92a3b1c38e628bf33bcbc35b040a511898412f9649828e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:42:33:57:c4:23:c0:25:8d:9e:f3:7f:0b:6d:
31:1c:fa:a8:4e:97:16:84:4e:74:b8:dd:9d:77:46:
ca:e9:e2:2e:4b:a0:c5:4c:5a:5c:10:d1:f2:41:4b:
5b:cd:99:c8:a5:93:fa:de:2e:a9:47:21:2a:f2:d3:
d6:c9:19:c1:55:c6:07:23:f2:9f:cf:61:a6:93:c7:
21:54:b4:2c:52:2e:a8:7c:14:5c:5b:c3:45:38:b5:
f3:6f:ac:14:9d:96:08:74:93:19:82:8d:ae:b1:0b:
51:44:e9:87:0d:28:e6:bc:8c:db:15:3e:34:cb:63:
f7:6f:85:f2:a6:02:d8:e5:0a:4d:5c:86:49:b6:ea:
2b:92:21:05:f0:f1:34:14:b6:41:4e:d6:73:54:6e:
57:e3:70:82:ac:b9:56:4c:de:d2:1e:55:c7:fa:38:
94:8a:c2:50:2f:8d:03:ca:25:35:fc:32:ff:54:48:
52:f9:0c:ba:7a:7f:84:75:29:40:f8:a0:59:5c:2b:
a3:38:9c:7b:42:19:ba:61:78:48:50:29:47:f3:74:
19:93:6b:43:e6:ca:19:c2:44:90:41:13:22:e0:a7:
ac:58:dc:64:11:7b:14:9e:27:8a:a2:b4:5b:e6:d6:
45:13:aa:89:56:fa:eb:eb:53:b5:9f:b0:93:21:c0:
19:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:EC:FA:62:74:29:2D:58:4F:2B:C9:78:FB:16:D6:8D:5A:07:BC:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5040::/48
Signature Algorithm: sha256WithRSAEncryption
67:7a:ea:f2:89:df:8f:2a:4e:b2:15:75:8d:bb:31:ce:7d:9e:
35:9b:e4:8a:80:35:58:58:51:db:5f:60:1b:51:a4:69:ff:5b:
ea:1e:62:6b:02:22:fe:9f:e3:ef:d2:25:11:27:ee:8b:08:44:
8f:d2:03:e8:5e:69:71:81:35:4a:54:b0:03:e0:d6:4a:92:8b:
ed:cf:e6:3d:31:04:e6:15:74:37:4d:03:72:55:71:ce:c8:e9:
f4:37:61:05:8f:59:61:0b:a7:89:dd:d7:39:03:b0:7c:e8:82:
c3:fa:36:f8:3e:4a:05:4d:b6:e6:57:a8:95:ec:32:94:77:90:
4a:05:85:4c:71:a6:16:8f:11:aa:b0:32:b7:41:08:f6:82:d2:
f3:ec:ca:c5:f3:c0:89:47:f4:eb:d7:aa:bb:8d:97:37:97:0c:
66:74:80:c9:a9:db:7a:f4:5f:ac:81:0c:fa:41:02:86:ca:35:
59:c8:a6:b3:74:f7:53:fb:b6:d6:54:44:d5:1a:97:98:33:73:
47:a8:aa:f5:7c:73:81:ca:7b:b2:7e:77:54:8b:9b:4e:12:43:
61:a6:4f:9c:96:00:65:0e:57:21:81:47:05:42:6b:2d:5f:ec:
8e:f3:0a:ce:45:2c:48:88:f7:c9:cf:84:73:db:81:9e:ef:46:
40:8e:0b:a9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIOxlUnraHCrFOfv2RTbBf66lJt4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxOTI0OWYzN2JmMjEzN2JkOTJhM2IxYzM4ZTYyOGJmMzNiY2JjMzViMDQw
YTUxMTg5ODQxMmY5NjQ5ODI4ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdCM1fEI8AljZ7zfwttMRz6qE6XFoROdLjdnXdGyuniLkugxUxaXBDR8kFL
W82ZyKWT+t4uqUchKvLT1skZwVXGByPyn89hppPHIVS0LFIuqHwUXFvDRTi182+s
FJ2WCHSTGYKNrrELUUTphw0o5ryM2xU+NMtj92+F8qYC2OUKTVyGSbbqK5IhBfDx
NBS2QU7Wc1RuV+Nwgqy5Vkze0h5Vx/o4lIrCUC+NA8olNfwy/1RIUvkMunp/hHUp
QPigWVwrozice0IZumF4SFApR/N0GZNrQ+bKGcJEkEETIuCnrFjcZBF7FJ4niqK0
W+bWRROqiVb66+tTtZ+wkyHAGWMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJ7Ppi
dCktWE8ryXj7FtaNWge8jjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJiMjQ2NDAtZjYwYy00MmU0LTk0NzYtMzQ1ZTk1MWUyMzg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAZ3rq8onfjypOshV1jbsxzn2eNZvkioA1WFhR
219gG1Gkaf9b6h5iawIi/p/j79IlESfuiwhEj9ID6F5pcYE1SlSwA+DWSpKL7c/m
PTEE5hV0N00DclVxzsjp9DdhBY9ZYQunid3XOQOwfOiCw/o2+D5KBU225leolewy
lHeQSgWFTHGmFo8RqrAyt0EI9oLS8+zKxfPAiUf069equ42XN5cMZnSAyanbevRf
rIEM+kEChso1Wcims3T3U/u21lRE1RqXmDNzR6iq9Xxzgcp7sn53VIubThJDYaZP
nJYAZQ5XIYFHBUJrLV/sjvMKzkUsSIj3yc+Ec9uBnu9GQI4LqQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:18 2025 by rpki-client