Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
File: 45c6591c-1ba0-4769-9e6a-11566f006613.roa (raw, json)
Hash identifier: PQJuIyHC/ri8rAm86WB+zbTZGbafB8fmN44+F7zMEco=
Subject key identifier: 2A:68:D4:16:39:5F:B7:FA:F1:AD:8B:31:09:7A:48:0C:18:5A:0C:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59F570318D476FD67906CDBFF3EAC164E414D467
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
Signing time: Mon 16 Jun 2025 20:01:20 +0000
ROA not before: Mon 16 Jun 2025 20:01:20 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f5:70:31:8d:47:6f:d6:79:06:cd:bf:f3:ea:c1:64:e4:14:d4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:01:20 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=69619600fd0dc7da1dd7025a0822def51f730b571c19e25e343527b020c2d8c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:a1:36:28:23:28:17:82:11:b3:ca:33:24:
1c:ad:ec:51:62:82:a7:d3:54:da:61:6e:94:ee:3f:
fc:a1:24:4c:0c:8d:0e:66:1e:c1:6a:47:a3:7a:20:
69:09:72:f0:fa:c9:b6:90:99:c6:b5:14:e2:18:0f:
50:6b:da:3f:cf:db:07:1e:c2:4f:41:45:ec:56:32:
b4:3f:2a:ac:f2:5a:79:12:01:ab:3e:62:5e:e7:2d:
bf:b6:6d:b8:b2:ad:ba:b0:77:ba:a7:5a:eb:fe:c9:
0a:0e:64:52:07:80:7e:83:2b:f4:94:d8:38:bd:e9:
90:73:c0:02:39:cd:f2:a6:67:fd:50:cd:fc:e5:64:
ce:10:ec:e9:dd:4e:a4:fd:0d:d9:3a:f3:d6:08:20:
ad:15:c5:c5:04:e0:75:e7:b9:b0:7e:11:e6:5a:9a:
16:19:80:c6:87:43:51:42:c0:f5:0e:9b:57:03:cd:
7c:a8:6c:5e:c3:a5:f6:0e:bb:2b:7f:c7:df:03:40:
ec:48:57:2a:30:13:69:63:8d:6b:49:01:9d:67:37:
d1:b9:91:cc:9d:ca:ae:f4:aa:c7:94:35:fd:53:16:
db:36:fd:4f:53:94:43:cd:29:bd:e0:29:60:c3:95:
92:68:b1:73:68:66:e6:d5:1e:ee:91:46:ea:35:72:
a7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:68:D4:16:39:5F:B7:FA:F1:AD:8B:31:09:7A:48:0C:18:5A:0C:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
7f:bc:05:7b:27:2f:cb:3c:1a:b9:8d:ee:ad:77:ef:70:92:26:
a9:f2:9c:31:9d:4b:11:38:f7:c4:44:a3:4f:74:1e:47:5a:ca:
04:42:26:d7:dd:b9:c8:75:b7:3f:73:3d:10:e0:46:cf:da:3a:
cd:e3:03:a3:fb:33:2c:ce:92:f4:de:50:14:6a:a7:5b:67:e3:
55:39:4b:61:d3:9b:63:bd:2b:c8:40:58:d0:b1:8d:15:e9:7c:
75:cc:60:9b:53:d6:76:eb:86:fe:48:53:6c:ca:eb:1f:60:df:
d5:dc:a5:a4:04:93:b3:ef:0a:1e:59:8d:9d:53:a3:dd:d8:e1:
fe:58:4f:f7:58:1c:cf:7c:a8:65:5a:34:14:3f:52:da:c8:cb:
7e:51:54:67:56:70:cf:ff:f5:b7:e4:90:7d:b0:f4:8a:a4:da:
6b:01:f1:16:40:59:9e:10:d4:c4:73:e9:23:8b:b3:7c:55:ab:
5b:99:a7:48:7b:97:54:0c:9f:62:12:69:54:f8:e4:8c:31:6f:
2d:e7:6f:9b:4e:c5:a5:09:9a:dd:b6:24:e8:e7:bf:ac:17:01:
a1:d9:dc:e4:dd:6f:fc:88:ad:47:a4:f7:6f:e3:e5:9d:3f:93:
cc:29:99:9d:41:51:89:bd:11:83:8c:7c:37:86:82:d7:7c:a3:
ae:46:21:b4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWfVwMY1Hb9Z5Bs2/8+rBZOQU1GcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAxMjBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5NjE5NjAwZmQwZGM3ZGExZGQ3MDI1YTA4MjJkZWY1MWY3MzBiNTcxYzE5
ZTI1ZTM0MzUyN2IwMjBjMmQ4YzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvWoTYoIygXghGzyjMkHK3sUWKCp9NU2mFulO4//KEkTAyNDmYewWpHo3og
aQly8PrJtpCZxrUU4hgPUGvaP8/bBx7CT0FF7FYytD8qrPJaeRIBqz5iXuctv7Zt
uLKturB3uqda6/7JCg5kUgeAfoMr9JTYOL3pkHPAAjnN8qZn/VDN/OVkzhDs6d1O
pP0N2Trz1gggrRXFxQTgdee5sH4R5lqaFhmAxodDUULA9Q6bVwPNfKhsXsOl9g67
K3/H3wNA7EhXKjATaWONa0kBnWc30bmRzJ3KrvSqx5Q1/VMW2zb9T1OUQ80pveAp
YMOVkmixc2hm5tUe7pFG6jVyp2kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQqaNQW
OV+3+vGtizEJekgMGFoM/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDVjNjU5MWMtMWJhMC00NzY5LTllNmEtMTE1NjZmMDA2NjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAf7wFeycvyzwauY3urXfvcJImqfKcMZ1LETj3
xESjT3QeR1rKBEIm1925yHW3P3M9EOBGz9o6zeMDo/szLM6S9N5QFGqnW2fjVTlL
YdObY70ryEBY0LGNFel8dcxgm1PWduuG/khTbMrrH2Df1dylpASTs+8KHlmNnVOj
3djh/lhP91gcz3yoZVo0FD9S2sjLflFUZ1Zwz//1t+SQfbD0iqTaawHxFkBZnhDU
xHPpI4uzfFWrW5mnSHuXVAyfYhJpVPjkjDFvLedvm07FpQma3bYk6Oe/rBcBodnc
5N1v/IitR6T3b+PlnT+TzCmZnUFRib0Rg4x8N4aC13yjrkYhtA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:59 2025 by rpki-client