Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
File: 45c6591c-1ba0-4769-9e6a-11566f006613.roa (raw, json)
Hash identifier: RduzPTXadM4Vc7qYw5ENbQKEF8WdQWll9x4a9PBZZRs=
Subject key identifier: E2:8D:0E:32:B6:90:D0:78:84:9E:D0:49:32:5C:66:59:1D:A6:09:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C471DBE4A6B3EB94B515653B91AA3A6974375C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
Signing time: Fri 11 Jul 2025 19:00:12 +0000
ROA not before: Fri 11 Jul 2025 19:00:12 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:47:1d:be:4a:6b:3e:b9:4b:51:56:53:b9:1a:a3:a6:97:43:75:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:00:12 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=64f05a1a58d5c6cb0a0c3922577f2f680b3f12d84edb4e73a034634bb584cdcb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7e:ff:e3:57:79:67:57:4e:e8:44:fa:7b:e5:
e7:7f:de:b2:c4:52:5b:2a:26:08:a8:06:df:7e:b6:
cd:d4:2c:1e:c2:0e:06:70:0a:81:51:04:70:68:08:
9c:1c:75:44:60:74:84:53:27:8d:eb:b1:c1:59:84:
13:32:41:5e:18:25:db:38:2b:79:01:1d:f0:11:98:
b3:02:00:52:2b:e3:12:44:92:0e:1a:06:13:cf:0d:
2a:5c:26:82:f6:1b:34:75:5a:b9:a5:4c:12:24:dd:
64:a8:1c:9f:50:17:77:77:94:f6:5f:7e:43:d8:b3:
d6:74:58:27:da:95:4a:2e:1e:28:b1:94:b2:cd:f2:
ed:1f:12:ea:16:75:33:63:18:41:01:e2:8f:24:05:
fd:03:5d:0a:d9:9d:d7:43:3b:a7:3e:9a:b6:70:26:
f6:5f:7f:cc:63:8c:02:14:94:a4:8b:99:e5:58:84:
cf:cb:e9:83:7e:24:17:52:5a:dd:af:65:78:9b:f6:
52:a8:69:d9:cc:30:6d:47:e7:09:a6:59:4b:00:c3:
1b:da:b9:2f:8b:96:27:04:4b:9d:d4:4d:10:78:a8:
c5:a7:81:a2:cc:51:ee:bd:c5:a5:e4:79:8e:65:2c:
e2:2f:9e:f4:51:44:b0:d4:76:66:8e:df:29:83:79:
15:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8D:0E:32:B6:90:D0:78:84:9E:D0:49:32:5C:66:59:1D:A6:09:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
bc:3b:51:b1:eb:58:15:23:1e:34:4b:90:34:79:e0:04:be:a3:
07:9a:ee:9c:7f:c6:22:61:12:47:96:ca:3f:ad:ec:e0:1c:98:
75:f1:c5:4b:1d:90:27:1f:0c:71:cd:27:e3:9a:5b:52:5b:b5:
43:20:2b:3a:a1:14:d2:df:92:21:34:9a:97:75:c2:fa:5c:d3:
32:3e:96:47:6d:70:51:44:2d:05:52:ef:dd:1f:0b:21:e4:ac:
04:d6:ac:a4:19:fe:2a:96:f6:ed:cc:6b:60:9c:6d:46:8a:1e:
af:d9:5b:46:41:65:97:e0:dd:66:c2:8a:ec:b6:79:ca:ef:1b:
e0:96:3c:c1:a0:20:18:7e:8f:ff:61:0d:81:f4:28:3a:2f:22:
6f:60:07:e6:a6:08:1c:f7:7f:29:8d:0b:59:04:38:7a:a8:46:
6f:4b:4c:6f:5d:62:07:31:75:f0:50:7e:07:b5:d2:f6:40:f0:
fb:09:7b:05:be:b5:fc:36:6c:2f:e6:70:8f:1c:b3:61:27:aa:
ed:94:94:61:87:b3:3d:dd:10:81:a1:eb:58:df:0f:cf:77:a3:
35:8c:10:6e:f9:5b:e1:98:a3:87:e8:80:c0:52:21:b0:3e:f7:
64:91:b9:2c:d8:e3:b9:40:3f:d5:ef:04:aa:c0:9f:51:f0:0e:
95:52:93:d1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbEcdvkprPrlLUVZTuRqjppdDdcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAwMTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0ZjA1YTFhNThkNWM2Y2IwYTBjMzkyMjU3N2YyZjY4MGIzZjEyZDg0ZWRi
NGU3M2EwMzQ2MzRiYjU4NGNkY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV+/+NXeWdXTuhE+nvl53/essRSWyomCKgG3362zdQsHsIOBnAKgVEEcGgI
nBx1RGB0hFMnjeuxwVmEEzJBXhgl2zgreQEd8BGYswIAUivjEkSSDhoGE88NKlwm
gvYbNHVauaVMEiTdZKgcn1AXd3eU9l9+Q9iz1nRYJ9qVSi4eKLGUss3y7R8S6hZ1
M2MYQQHijyQF/QNdCtmd10M7pz6atnAm9l9/zGOMAhSUpIuZ5ViEz8vpg34kF1Ja
3a9leJv2Uqhp2cwwbUfnCaZZSwDDG9q5L4uWJwRLndRNEHioxaeBosxR7r3FpeR5
jmUs4i+e9FFEsNR2Zo7fKYN5FekCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTijQ4y
tpDQeISe0EkyXGZZHaYJsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDVjNjU5MWMtMWJhMC00NzY5LTllNmEtMTE1NjZmMDA2NjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAvDtRsetYFSMeNEuQNHngBL6jB5runH/GImES
R5bKP63s4ByYdfHFSx2QJx8Mcc0n45pbUlu1QyArOqEU0t+SITSal3XC+lzTMj6W
R21wUUQtBVLv3R8LIeSsBNaspBn+Kpb27cxrYJxtRooer9lbRkFll+DdZsKK7LZ5
yu8b4JY8waAgGH6P/2ENgfQoOi8ib2AH5qYIHPd/KY0LWQQ4eqhGb0tMb11iBzF1
8FB+B7XS9kDw+wl7Bb61/DZsL+ZwjxyzYSeq7ZSUYYezPd0QgaHrWN8Pz3ejNYwQ
bvlb4Zijh+iAwFIhsD73ZJG5LNjjuUA/1e8EqsCfUfAOlVKT0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:47 2025 by rpki-client