Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
File: aa679cd8-5924-43d7-8928-c65bc2ec3659.roa (raw, json)
Hash identifier: 2QYiOSDVcGw5XNW9mSNbsYxu6I5OhGD+etMu+RKstBk=
Subject key identifier: 54:C4:5F:8B:FF:37:A1:88:E0:A0:F9:43:E2:BC:9C:38:E4:FF:DE:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 636D36D3D6FA23E56BCBED44B0F494E77DD254DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
Signing time: Fri 26 Sep 2025 19:41:58 +0000
ROA not before: Fri 26 Sep 2025 19:41:58 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:6d:36:d3:d6:fa:23:e5:6b:cb:ed:44:b0:f4:94:e7:7d:d2:54:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:58 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ad166b20ed3279e57f36fe3b59f47b79fcce48f7d45b30922b2726372737492e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:aa:01:e1:cc:99:5a:1d:77:bf:0d:29:4c:09:
04:5c:8d:9d:60:69:c8:ab:4b:7d:23:b1:3b:f2:18:
1c:1a:16:01:cb:e4:5e:c2:b2:20:1d:5a:ba:fe:b0:
f6:59:53:32:16:cc:c6:bb:40:8b:a0:2c:72:51:df:
c6:c5:c2:9c:50:33:06:45:49:42:b4:68:99:61:00:
b6:75:33:5a:5a:e1:1e:1c:ba:51:db:17:ce:36:f6:
09:47:5d:da:1c:62:c9:62:dd:7c:2b:45:a1:6e:df:
91:4b:b0:32:b2:94:05:ca:86:79:52:c3:63:ef:d6:
30:d8:ce:11:a2:3d:6e:d5:eb:1b:74:fa:91:e1:34:
4c:50:16:cf:05:c7:0f:ca:2d:a5:f7:b7:dd:56:d0:
57:d3:97:6b:61:5b:37:ee:ba:34:25:37:d5:9e:d5:
f0:b7:81:53:82:76:e5:da:1f:bc:c4:89:9c:97:51:
90:af:96:1a:c5:dd:be:90:5b:b8:ec:cb:da:31:74:
d6:ae:b0:cd:77:3e:ac:5e:cd:e7:b5:70:0f:50:4f:
a5:21:6c:7b:f9:32:07:be:59:a9:1d:79:e2:27:ba:
85:7c:6b:bd:79:35:89:d5:f6:5d:1e:60:25:fa:6d:
2e:5e:8f:8f:d4:07:c7:be:76:5e:2e:f9:71:9b:4b:
2f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C4:5F:8B:FF:37:A1:88:E0:A0:F9:43:E2:BC:9C:38:E4:FF:DE:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:c000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:a2:62:b8:13:23:82:99:41:9d:7a:69:10:b0:84:89:e4:1d:
fe:63:b5:5a:21:58:76:03:97:c2:b8:98:37:79:1e:e0:85:74:
40:e9:5c:52:39:db:e4:bd:d2:35:f9:19:e5:ea:7b:4f:b9:a5:
a7:5a:a0:c2:76:af:4e:26:f2:64:ec:ae:29:3e:c6:7d:64:f0:
17:4d:0a:b6:0f:2c:c8:78:dc:49:b1:b1:fe:59:51:d1:ce:4f:
ae:74:e9:ff:03:26:27:83:91:cf:ab:9b:e7:fb:c8:ae:3a:9d:
bd:bf:cc:77:5b:ef:17:ff:85:b9:80:a3:c4:ec:33:80:1c:9b:
c6:cb:48:9d:f0:5f:59:2f:5b:54:61:de:85:eb:44:f9:e0:ac:
2e:6f:5a:dd:5d:f4:6b:d7:af:0f:4a:73:fb:a0:8d:7a:76:f0:
bb:49:20:fb:7e:cc:2c:39:40:b5:5a:21:99:75:7b:8a:74:f7:
d4:b0:f6:ac:44:f4:99:72:26:b6:a3:ef:a8:53:0e:58:22:01:
43:7d:d9:a6:ef:1b:f2:29:86:fd:ee:b4:ba:ce:1c:da:4b:de:
06:44:06:8b:f4:7a:09:18:9a:08:df:81:43:c9:0d:a0:f2:f6:
71:91:35:96:6b:a6:97:76:d5:bd:96:1b:19:b9:f8:63:91:5d:
2a:50:47:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY20209b6I+Vry+1EsPSU533SVN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxNThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkMTY2YjIwZWQzMjc5ZTU3ZjM2ZmUzYjU5ZjQ3Yjc5ZmNjZTQ4ZjdkNDVi
MzA5MjJiMjcyNjM3MjczNzQ5MmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2qAeHMmVodd78NKUwJBFyNnWBpyKtLfSOxO/IYHBoWAcvkXsKyIB1auv6w
9llTMhbMxrtAi6AsclHfxsXCnFAzBkVJQrRomWEAtnUzWlrhHhy6UdsXzjb2CUdd
2hxiyWLdfCtFoW7fkUuwMrKUBcqGeVLDY+/WMNjOEaI9btXrG3T6keE0TFAWzwXH
D8otpfe33VbQV9OXa2FbN+66NCU31Z7V8LeBU4J25dofvMSJnJdRkK+WGsXdvpBb
uOzL2jF01q6wzXc+rF7N57VwD1BPpSFse/kyB75ZqR154ie6hXxrvXk1idX2XR5g
JfptLl6Pj9QHx752Xi75cZtLL2kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUxF+L
/zehiOCg+UPivJw45P/exzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE2NzljZDgtNTkyNC00M2Q3LTg5MjgtYzY1YmMyZWMzNjU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HjA
MA0GCSqGSIb3DQEBCwUAA4IBAQAsomK4EyOCmUGdemkQsISJ5B3+Y7VaIVh2A5fC
uJg3eR7ghXRA6VxSOdvkvdI1+Rnl6ntPuaWnWqDCdq9OJvJk7K4pPsZ9ZPAXTQq2
DyzIeNxJsbH+WVHRzk+udOn/AyYng5HPq5vn+8iuOp29v8x3W+8X/4W5gKPE7DOA
HJvGy0id8F9ZL1tUYd6F60T54Kwub1rdXfRr168PSnP7oI16dvC7SSD7fswsOUC1
WiGZdXuKdPfUsPasRPSZcia2o++oUw5YIgFDfdmm7xvyKYb97rS6zhzaS94GRAaL
9HoJGJoI34FDyQ2g8vZxkTWWa6aXdtW9lhsZufhjkV0qUEd+
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:43 2025 by rpki-client