Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
File: c02bd597-170b-4eec-b8d1-18d678b065fa.roa (raw, json)
Hash identifier: 8mljq38Yur2nTihNUzJBf113y+3OlMzqA71EyH4vo/c=
Subject key identifier: 5C:01:05:E1:F8:77:8C:66:D9:DD:B6:DD:41:44:34:4C:33:97:A6:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C80CD32754F7B1AB8C5B28DDF17FA6D7765FF86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
Signing time: Tue 20 May 2025 18:50:12 +0000
ROA not before: Tue 20 May 2025 18:50:12 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:80:cd:32:75:4f:7b:1a:b8:c5:b2:8d:df:17:fa:6d:77:65:ff:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:12 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0f79ec79c7326661b52bd10c7b180acc21d57bb912ead7e5e45c14a4fd771e30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:2e:8a:bb:dd:d7:7c:00:6a:dd:9c:1f:e8:14:
64:4e:25:70:ab:34:bb:34:85:c1:24:58:b2:27:4c:
33:22:f6:d9:87:ed:ad:2d:e3:cd:f2:40:cc:78:86:
25:02:9c:24:8c:47:8f:87:98:d7:1f:d4:79:38:a1:
f0:0d:0d:6a:ff:0f:21:29:ae:94:08:79:48:2c:07:
db:4a:44:f6:08:4c:8e:b8:83:d4:19:1f:48:f6:9c:
47:44:a7:7f:aa:07:b2:ea:66:03:91:38:5c:33:40:
1d:80:f1:ea:ab:9a:02:f9:68:86:49:8b:b0:5e:99:
70:70:07:4f:bf:63:fd:04:45:b2:89:c3:5e:57:7f:
07:d8:ee:91:65:40:ec:d6:41:ec:cd:0b:a6:80:5f:
91:c1:f3:6e:5c:45:e9:0a:24:ee:78:92:c6:ae:d4:
e1:51:90:41:d9:7c:0c:3c:49:a4:2b:f4:45:e0:b2:
52:68:b6:dc:01:b1:b9:98:67:71:14:59:b8:b6:e5:
a4:44:f4:3b:f2:31:63:41:8a:4f:29:ed:e3:b5:0f:
43:41:a9:75:55:83:f6:1f:b9:19:dc:7e:e9:aa:1d:
69:71:47:d9:38:f4:3a:db:94:bc:45:d5:44:82:24:
36:68:82:32:72:b8:94:65:8d:7a:64:05:f6:af:79:
80:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:01:05:E1:F8:77:8C:66:D9:DD:B6:DD:41:44:34:4C:33:97:A6:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8010::/48
Signature Algorithm: sha256WithRSAEncryption
16:c7:78:fb:3b:42:a6:ec:08:70:72:0a:ee:e2:22:86:3a:7d:
04:4d:47:3e:98:c3:18:bb:a6:b0:5a:2e:a2:65:14:04:39:0f:
79:39:0a:31:df:3a:6a:be:eb:7b:ba:fe:19:0c:cd:f7:82:31:
99:58:a5:bd:df:8b:a3:1e:0b:2a:a9:56:cd:29:cf:31:06:fd:
07:2d:29:b3:cd:36:33:10:6c:f2:29:57:c3:30:6c:fc:8e:b4:
e8:50:4a:82:71:e7:dd:f6:97:ee:de:84:5a:d0:10:0e:a7:77:
d3:11:9e:6f:6c:89:d3:17:a9:b7:fe:d8:f2:5f:22:9d:02:92:
3d:b3:97:30:d4:c1:7c:c5:77:d7:d0:dc:b5:e3:93:a6:36:e7:
8b:d1:a2:38:57:d8:8a:f5:ef:6f:7b:62:a4:1e:86:66:ff:07:
01:53:1c:b0:e4:12:9f:ca:69:51:d8:ef:66:c4:05:e5:77:29:
f9:e3:7a:1f:12:50:b8:c5:4c:48:ed:9f:37:89:0f:e7:c2:8e:
e9:6d:ef:86:23:49:37:31:c2:21:e7:31:e6:80:fb:81:9e:91:
99:71:8b:f7:86:5c:aa:fb:b6:d4:b1:c2:51:a8:0c:51:a6:cd:
d4:6d:ea:20:23:e0:18:45:6a:75:1e:35:b8:71:53:3a:b0:50:
a7:b9:1b:c8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDIDNMnVPexq4xbKN3xf6bXdl/4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwMTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNzllYzc5YzczMjY2NjFiNTJiZDEwYzdiMTgwYWNjMjFkNTdiYjkxMmVh
ZDdlNWU0NWMxNGE0ZmQ3NzFlMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPcuirvd13wAat2cH+gUZE4lcKs0uzSFwSRYsidMMyL22YftrS3jzfJAzHiG
JQKcJIxHj4eY1x/UeTih8A0Nav8PISmulAh5SCwH20pE9ghMjriD1BkfSPacR0Sn
f6oHsupmA5E4XDNAHYDx6quaAvlohkmLsF6ZcHAHT79j/QRFsonDXld/B9jukWVA
7NZB7M0LpoBfkcHzblxF6Qok7niSxq7U4VGQQdl8DDxJpCv0ReCyUmi23AGxuZhn
cRRZuLblpET0O/IxY0GKTynt47UPQ0GpdVWD9h+5Gdx+6aodaXFH2Tj0OtuUvEXV
RIIkNmiCMnK4lGWNemQF9q95gEUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcAQXh
+HeMZtndtt1BRDRMM5emTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAyYmQ1OTctMTcwYi00ZWVjLWI4ZDEtMThkNjc4YjA2NWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
EDANBgkqhkiG9w0BAQsFAAOCAQEAFsd4+ztCpuwIcHIK7uIihjp9BE1HPpjDGLum
sFouomUUBDkPeTkKMd86ar7re7r+GQzN94IxmVilvd+Lox4LKqlWzSnPMQb9By0p
s802MxBs8ilXwzBs/I606FBKgnHn3faX7t6EWtAQDqd30xGeb2yJ0xept/7Y8l8i
nQKSPbOXMNTBfMV319DcteOTpjbni9GiOFfYivXvb3tipB6GZv8HAVMcsOQSn8pp
UdjvZsQF5Xcp+eN6HxJQuMVMSO2fN4kP58KO6W3vhiNJNzHCIecx5oD7gZ6RmXGL
94Zcqvu21LHCUagMUabN1G3qICPgGEVqdR41uHFTOrBQp7kbyA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:16 2025 by rpki-client