Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
File: aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa (raw, json)
Hash identifier: GS2ZqFDM/53OnPJtIUV/IIUJjjm4PWDgEhVQ5M4FHt8=
Subject key identifier: 5C:2D:22:15:DC:AE:C3:06:38:9D:8F:46:9A:93:F8:87:5D:94:4B:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35A404FCA392403657DE7141E9FD808AB5C486C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
Signing time: Tue 05 Aug 2025 19:00:55 +0000
ROA not before: Tue 05 Aug 2025 19:00:55 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:a4:04:fc:a3:92:40:36:57:de:71:41:e9:fd:80:8a:b5:c4:86:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:55 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4f8211def16b8540a6012ddce8cb3ab2a0219f1d204520c240295691d057f09d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:50:60:53:86:df:6b:63:0d:a5:eb:40:6b:
5e:f2:0a:19:14:0a:7e:4f:e4:45:bd:8b:9d:86:20:
5c:27:47:cf:f3:39:52:2c:ce:5d:ce:14:bb:03:90:
cf:99:6f:35:92:ba:16:b2:0c:9d:d0:1a:ef:a2:4c:
82:2a:c0:72:f5:f3:f3:b8:6e:dc:ad:03:c4:df:12:
32:b0:96:42:59:40:fc:41:04:e1:f2:f0:dd:ed:bd:
6a:2f:ab:b7:05:d7:d2:d3:05:31:ba:db:9f:fa:da:
81:e7:4e:06:02:8d:9e:d3:d1:a1:e8:16:1d:37:e2:
19:62:05:63:00:74:cc:f7:3c:5b:e6:e6:2c:e2:69:
f0:f9:59:4c:cd:72:e6:c9:47:2a:72:11:76:e3:35:
4b:2d:c1:bd:12:e2:e1:97:ef:7f:50:c2:29:78:a4:
70:e0:4e:99:2e:df:3e:60:5d:0c:01:39:5f:ca:a7:
86:46:02:e3:74:cc:a7:6c:78:3a:f0:88:7d:78:4e:
7b:60:7c:3b:ff:00:63:63:e3:61:8a:fd:07:c0:82:
7a:0f:29:41:02:6e:41:3e:ac:e8:66:51:18:17:41:
94:89:ba:88:49:28:4b:13:5c:c0:5a:f0:94:64:d2:
9c:81:50:dd:d4:06:95:58:8a:22:2f:56:dd:bd:12:
d4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2D:22:15:DC:AE:C3:06:38:9D:8F:46:9A:93:F8:87:5D:94:4B:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a080::/48
Signature Algorithm: sha256WithRSAEncryption
2d:dc:08:6e:d8:b3:1c:91:fb:31:7b:fc:ff:2c:26:c5:15:48:
fe:44:87:49:0b:95:26:62:22:50:a4:fd:72:e0:8f:af:57:c8:
36:62:11:9f:17:96:57:a4:62:a1:f9:11:88:60:19:0b:43:65:
09:61:25:da:73:60:77:0b:e7:37:30:2b:14:65:df:47:47:c4:
be:cb:2e:2d:43:47:78:4c:f0:cf:3e:e2:9e:64:ea:ba:4c:aa:
d9:cc:21:dd:89:7c:84:13:5a:cf:c1:87:37:cf:e8:47:f5:2e:
26:ca:ad:79:de:f9:0e:25:66:29:55:dc:6f:16:b4:7b:42:d3:
f2:93:0f:d7:18:8f:86:29:f5:7a:e8:43:55:00:85:67:08:b6:
1d:dd:09:86:46:af:a0:7f:a6:ed:f1:13:ba:a0:40:ec:f1:20:
c5:db:14:ec:40:e0:25:d0:6c:64:75:9f:06:c3:c1:09:2f:9e:
d8:61:e3:a7:16:aa:28:90:f6:5a:aa:e5:eb:81:31:fa:a1:82:
37:b0:51:c6:93:4f:c5:78:01:4b:09:97:89:d4:e0:a6:8d:fe:
46:d7:92:e4:e5:ab:67:a2:df:cf:4e:8d:d1:1e:59:3f:eb:7c:
3b:24:be:c4:79:f5:85:eb:da:16:c0:c9:80:cf:f6:35:4f:c9:
cf:3a:42:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNaQE/KOSQDZX3nFB6f2AirXEhsEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwNTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmODIxMWRlZjE2Yjg1NDBhNjAxMmRkY2U4Y2IzYWIyYTAyMTlmMWQyMDQ1
MjBjMjQwMjk1NjkxZDA1N2YwOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxtUGBTht9rYw2l60BrXvIKGRQKfk/kRb2LnYYgXCdHz/M5UizOXc4UuwOQ
z5lvNZK6FrIMndAa76JMgirAcvXz87hu3K0DxN8SMrCWQllA/EEE4fLw3e29ai+r
twXX0tMFMbrbn/ragedOBgKNntPRoegWHTfiGWIFYwB0zPc8W+bmLOJp8PlZTM1y
5slHKnIRduM1Sy3BvRLi4Zfvf1DCKXikcOBOmS7fPmBdDAE5X8qnhkYC43TMp2x4
OvCIfXhOe2B8O/8AY2PjYYr9B8CCeg8pQQJuQT6s6GZRGBdBlIm6iEkoSxNcwFrw
lGTSnIFQ3dQGlViKIi9W3b0S1C8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcLSIV
3K7DBjidj0aak/iHXZRL6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWFkZGYyZGUtZmEwNS00YzVkLThiNzctNThhM2QzMTJlMmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
gDANBgkqhkiG9w0BAQsFAAOCAQEALdwIbtizHJH7MXv8/ywmxRVI/kSHSQuVJmIi
UKT9cuCPr1fINmIRnxeWV6RiofkRiGAZC0NlCWEl2nNgdwvnNzArFGXfR0fEvssu
LUNHeEzwzz7inmTqukyq2cwh3Yl8hBNaz8GHN8/oR/UuJsqted75DiVmKVXcbxa0
e0LT8pMP1xiPhin1euhDVQCFZwi2Hd0JhkavoH+m7fETuqBA7PEgxdsU7EDgJdBs
ZHWfBsPBCS+e2GHjpxaqKJD2Wqrl64Ex+qGCN7BRxpNPxXgBSwmXidTgpo3+RteS
5OWrZ6Lfz06N0R5ZP+t8OyS+xHn1hevaFsDJgM/2NU/JzzpCRw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:25 2025 by rpki-client