Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
File: 45c6591c-1ba0-4769-9e6a-11566f006613.roa (raw, json)
Hash identifier: wpcn6qqSqofJ1XwdniKWQ4jpxeioD2HQbIGmQC6erEo=
Subject key identifier: 62:0A:C4:4E:D3:16:DE:AE:DF:5F:0C:E9:45:B9:D1:3F:D4:D1:27:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 415AE9B5EF97FA47A882A594C797411C6B0DD3FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
Signing time: Tue 05 Aug 2025 19:00:09 +0000
ROA not before: Tue 05 Aug 2025 19:00:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:5a:e9:b5:ef:97:fa:47:a8:82:a5:94:c7:97:41:1c:6b:0d:d3:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=3da425351cfc05f620d04acf336477246e5f547744da437a851213558a61b4e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3e:d3:24:8b:ae:27:c6:02:1b:cb:f7:d3:e5:
2f:28:52:31:47:b8:cf:a3:4c:59:4f:6b:f2:9b:4b:
f3:eb:ba:80:37:72:65:33:d3:68:13:e2:b9:b6:ae:
1f:98:6d:20:c6:e4:a8:97:f0:bd:67:6d:bc:e6:08:
d0:62:40:9f:32:d3:dc:3c:8b:2b:8d:e6:4e:32:f3:
c0:78:10:f0:dd:e2:32:7d:38:a9:44:51:13:72:7d:
05:71:93:62:4a:a8:27:58:73:8c:3a:c2:9b:7f:60:
a4:00:4f:a0:c5:86:6d:c8:49:96:00:03:ba:24:16:
b2:cb:a5:c4:f0:1a:22:2f:de:90:a1:d6:87:99:de:
2d:ea:3b:5d:59:ab:f2:54:77:b3:05:80:90:2e:3e:
f1:11:a1:6d:18:ad:b4:cc:51:8b:80:f9:39:3d:76:
53:e9:2f:35:0f:4b:83:bb:55:a7:c6:71:bf:de:be:
17:ee:00:36:c0:49:02:bd:65:46:9a:75:8a:90:6a:
0b:f3:87:8a:04:73:80:18:f2:44:cb:d0:06:97:ed:
e1:01:cb:a0:31:39:cf:7b:e2:9d:79:c7:f3:d5:7f:
ac:d4:6a:df:20:0f:d1:6b:1d:16:f7:52:87:95:9c:
d6:26:92:99:cb:7a:7c:e9:e3:c9:80:aa:64:db:60:
c2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0A:C4:4E:D3:16:DE:AE:DF:5F:0C:E9:45:B9:D1:3F:D4:D1:27:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
8e:25:77:37:44:74:a0:0f:d9:43:e5:bc:34:07:75:ba:62:fb:
51:5a:db:82:01:8f:dd:bf:7e:a1:f7:8e:4b:03:e6:02:85:26:
cb:bc:2e:52:ca:65:44:cf:de:f7:61:c4:ab:f0:af:eb:9e:e0:
ca:e3:36:3a:2b:22:05:e0:82:f9:02:68:5a:ee:c2:3c:9b:f3:
9b:ef:2f:4a:78:9b:a1:26:ad:70:33:f6:dd:11:d1:15:54:59:
10:fe:2f:db:5f:93:24:fc:2d:f3:2a:98:0d:73:b1:83:8f:d6:
66:38:1f:62:68:e4:7c:31:d5:54:c9:72:79:56:53:5c:7d:bb:
56:b8:65:9b:34:13:d4:b8:cb:ee:83:fc:c7:1d:b1:c7:99:43:
e2:94:30:67:06:ac:7b:20:7e:ba:99:0e:36:68:61:ac:95:fe:
ce:95:be:60:a6:90:09:8a:aa:59:9d:e6:43:6e:42:d3:b1:3b:
1f:4d:4e:5e:4a:c1:2c:49:38:d4:96:45:9b:e3:bc:76:12:17:
9b:b5:73:43:a9:82:46:8d:9e:3d:5a:61:f7:ab:ce:2f:84:4e:
54:04:76:7f:69:e4:4e:60:4b:67:44:60:21:82:be:0c:9a:b8:
a8:17:f6:b9:1f:fc:26:a3:55:be:65:60:40:6d:41:eb:fb:90:
bb:9f:d9:36
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQVrpte+X+keogqWUx5dBHGsN0/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkYTQyNTM1MWNmYzA1ZjYyMGQwNGFjZjMzNjQ3NzI0NmU1ZjU0Nzc0NGRh
NDM3YTg1MTIxMzU1OGE2MWI0ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKU+0ySLrifGAhvL99PlLyhSMUe4z6NMWU9r8ptL8+u6gDdyZTPTaBPiubau
H5htIMbkqJfwvWdtvOYI0GJAnzLT3DyLK43mTjLzwHgQ8N3iMn04qURRE3J9BXGT
YkqoJ1hzjDrCm39gpABPoMWGbchJlgADuiQWssulxPAaIi/ekKHWh5neLeo7XVmr
8lR3swWAkC4+8RGhbRittMxRi4D5OT12U+kvNQ9Lg7tVp8Zxv96+F+4ANsBJAr1l
Rpp1ipBqC/OHigRzgBjyRMvQBpft4QHLoDE5z3vinXnH89V/rNRq3yAP0WsdFvdS
h5Wc1iaSmct6fOnjyYCqZNtgwjMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRiCsRO
0xbert9fDOlFudE/1NEnpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDVjNjU5MWMtMWJhMC00NzY5LTllNmEtMTE1NjZmMDA2NjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAjiV3N0R0oA/ZQ+W8NAd1umL7UVrbggGP3b9+
ofeOSwPmAoUmy7wuUsplRM/e92HEq/Cv657gyuM2OisiBeCC+QJoWu7CPJvzm+8v
SniboSatcDP23RHRFVRZEP4v21+TJPwt8yqYDXOxg4/WZjgfYmjkfDHVVMlyeVZT
XH27VrhlmzQT1LjL7oP8xx2xx5lD4pQwZwaseyB+upkONmhhrJX+zpW+YKaQCYqq
WZ3mQ25C07E7H01OXkrBLEk41JZFm+O8dhIXm7VzQ6mCRo2ePVph96vOL4ROVAR2
f2nkTmBLZ0RgIYK+DJq4qBf2uR/8JqNVvmVgQG1B6/uQu5/ZNg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:22 2025 by rpki-client