Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c0520c80-698f-4538-b32e-e9663caeb979.roa
File: c0520c80-698f-4538-b32e-e9663caeb979.roa (raw, json)
Hash identifier: T2U3gkxj6iagCHfSAaassvoa8Mp2oqaDzAiMtyx2nvI=
Subject key identifier: 53:EE:AD:ED:9C:76:20:FB:11:EC:99:25:6A:2A:31:C7:00:A2:20:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 680C349756DC6955039DD0C045EC6D6FC92C93D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c0520c80-698f-4538-b32e-e9663caeb979.roa
Signing time: Tue 20 May 2025 18:50:53 +0000
ROA not before: Tue 20 May 2025 18:50:53 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:0c:34:97:56:dc:69:55:03:9d:d0:c0:45:ec:6d:6f:c9:2c:93:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:53 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=7036fc40bfebe86cd6b66699d29a0c698c63d893748614c9bf0e3bf66db82558, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9d:b9:48:6e:ef:e5:5a:77:fe:b5:79:76:59:
e5:0d:9e:29:af:b0:24:89:5d:b8:c1:fd:ba:ac:00:
c0:dd:c2:b2:fe:d0:4d:f0:37:06:28:a4:4e:a5:d4:
dd:7c:10:8c:11:60:ae:15:68:0b:b8:cc:53:2c:4c:
96:e5:5e:ee:93:5e:1d:90:65:37:6b:34:b2:ee:5d:
1e:e1:2b:3a:81:c3:17:ce:72:6e:e8:2c:a2:d5:77:
dd:f2:55:20:b2:9a:74:cb:1c:c8:02:e5:ce:81:a7:
89:f0:74:c5:43:40:7a:b7:e1:8c:5e:f9:85:4a:99:
17:47:9b:d6:44:f6:54:01:40:a8:38:d3:6f:25:35:
9f:28:00:12:1f:7f:11:71:83:80:49:74:17:68:a3:
83:20:c2:84:37:04:e7:8a:c7:ce:61:e0:18:cb:d4:
66:f8:21:3e:c0:82:1d:a0:ad:44:b9:48:86:dc:16:
1d:b5:f7:c5:ab:84:04:ec:13:c6:26:20:35:54:8d:
c5:a7:14:5d:da:cb:9c:f3:93:d4:6e:0e:04:80:b3:
72:98:23:f6:76:b0:92:91:7d:54:22:98:6d:3a:a6:
c1:98:fe:e8:a1:e5:8a:79:af:16:51:19:f5:41:84:
a9:6c:f2:c5:27:58:d7:af:2b:d1:c0:47:14:3e:16:
10:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EE:AD:ED:9C:76:20:FB:11:EC:99:25:6A:2A:31:C7:00:A2:20:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c0520c80-698f-4538-b32e-e9663caeb979.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8050::/48
Signature Algorithm: sha256WithRSAEncryption
c2:e1:a4:a1:6e:28:19:07:7f:58:22:6a:28:2e:fe:30:c4:40:
f0:5d:df:de:2d:f7:92:f6:10:32:d9:0e:b4:f1:a1:6c:22:6a:
ac:56:b8:f4:41:99:96:72:3e:67:f7:53:8a:5a:21:91:64:a1:
0b:6c:d0:9b:40:d8:aa:0c:56:20:8d:e1:e3:d5:8c:be:25:bd:
c2:0c:a5:7a:7b:c6:48:73:31:26:30:ee:9e:e0:d7:f8:05:94:
06:ca:fa:95:9f:06:c5:26:b8:c9:6a:13:05:80:f5:d5:67:fe:
92:62:1c:ff:6b:fb:fb:dc:7d:71:0d:d7:10:f3:26:7d:33:c7:
4b:68:63:0e:f2:b5:91:44:e6:f0:43:71:c7:48:04:fd:59:b3:
87:3f:4a:8c:d9:66:8e:07:01:a5:c6:8d:d3:9e:02:3b:44:77:
9b:0a:13:ae:1f:75:08:c7:9c:62:30:15:29:f4:4c:30:c1:23:
42:7f:49:76:06:e5:8c:2c:67:30:11:fe:1e:de:2b:77:eb:a9:
dd:06:8c:07:d5:ae:e3:18:d2:b6:e5:3c:1d:f1:d5:0e:5e:72:
65:d3:11:61:02:17:71:6f:9a:c1:59:40:93:93:9f:17:cc:6d:
4b:3f:31:55:ed:46:6a:58:8c:07:28:c2:54:62:62:7d:f4:13:
d9:6f:91:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaAw0l1bcaVUDndDARextb8ksk9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwNTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwMzZmYzQwYmZlYmU4NmNkNmI2NjY5OWQyOWEwYzY5OGM2M2Q4OTM3NDg2
MTRjOWJmMGUzYmY2NmRiODI1NTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiduUhu7+Vad/61eXZZ5Q2eKa+wJIlduMH9uqwAwN3Csv7QTfA3BiikTqXU
3XwQjBFgrhVoC7jMUyxMluVe7pNeHZBlN2s0su5dHuErOoHDF85ybugsotV33fJV
ILKadMscyALlzoGnifB0xUNAerfhjF75hUqZF0eb1kT2VAFAqDjTbyU1nygAEh9/
EXGDgEl0F2ijgyDChDcE54rHzmHgGMvUZvghPsCCHaCtRLlIhtwWHbX3xauEBOwT
xiYgNVSNxacUXdrLnPOT1G4OBICzcpgj9nawkpF9VCKYbTqmwZj+6KHlinmvFlEZ
9UGEqWzyxSdY168r0cBHFD4WEOcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRT7q3t
nHYg+xHsmSVqKjHHAKIgSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzA1MjBjODAtNjk4Zi00NTM4LWIzMmUtZTk2NjNjYWViOTc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
UDANBgkqhkiG9w0BAQsFAAOCAQEAwuGkoW4oGQd/WCJqKC7+MMRA8F3f3i33kvYQ
MtkOtPGhbCJqrFa49EGZlnI+Z/dTilohkWShC2zQm0DYqgxWII3h49WMviW9wgyl
envGSHMxJjDunuDX+AWUBsr6lZ8GxSa4yWoTBYD11Wf+kmIc/2v7+9x9cQ3XEPMm
fTPHS2hjDvK1kUTm8ENxx0gE/Vmzhz9KjNlmjgcBpcaN054CO0R3mwoTrh91CMec
YjAVKfRMMMEjQn9JdgbljCxnMBH+Ht4rd+up3QaMB9Wu4xjStuU8HfHVDl5yZdMR
YQIXcW+awVlAk5OfF8xtSz8xVe1GaliMByjCVGJiffQT2W+R2Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:58 2025 by rpki-client