Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
File: aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa (raw, json)
Hash identifier: gaQVAaG03xiY1fzFiLOowBB/sZSHkAT2RWWuKDcHzlc=
Subject key identifier: 54:22:9F:43:69:1C:16:60:26:AF:A1:83:A6:43:6C:93:1E:B9:EE:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 327F6B715271FD2C012F0BF690C238521767BCE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
Signing time: Mon 16 Jun 2025 19:50:12 +0000
ROA not before: Mon 16 Jun 2025 19:50:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:7f:6b:71:52:71:fd:2c:01:2f:0b:f6:90:c2:38:52:17:67:bc:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f2d9c8c6cf006e03859bbe9df1ac498651f919a79e4b5b3338d7905d444be607, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:52:9e:77:2f:8b:ae:a3:80:35:25:e1:2c:59:
34:d5:e9:7b:28:db:c6:0c:7f:40:b6:b5:05:7b:36:
70:61:0b:c2:9c:ce:ad:ba:ce:b6:da:48:d4:35:a0:
30:23:1f:1f:b3:52:95:98:88:74:a1:97:0f:d1:ff:
c9:76:cb:93:f9:bd:c5:a5:60:5a:c0:79:94:45:f7:
ea:b9:e8:78:af:d3:63:fa:c3:82:10:f2:3e:7e:01:
1d:4a:67:e9:13:7b:a5:15:cd:d9:dc:cb:d2:f7:8c:
9f:60:1b:e0:b1:c2:6f:96:c6:0b:f7:e5:10:f8:d0:
ff:6f:3e:14:24:2a:32:1d:8b:99:32:d7:26:a2:fe:
91:d3:83:7c:fe:3c:b7:c7:cd:14:1b:99:f0:bb:04:
45:37:13:15:f5:3c:63:a1:cc:90:9e:7e:61:a9:ea:
56:70:ff:bc:72:3f:0d:e0:e8:76:76:3b:b7:d9:02:
10:c3:f9:6f:2a:25:e2:cb:06:b7:e5:5d:1f:83:ba:
86:97:0a:0d:7b:1d:1a:98:f9:73:cf:56:77:f8:32:
f6:5c:9a:53:ee:81:64:1d:2e:93:03:6c:30:27:fd:
2c:9d:ac:63:42:7c:d1:34:8d:e6:01:a9:9a:fc:33:
27:26:4d:eb:43:b9:77:25:95:d4:1e:fb:91:0d:72:
55:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:22:9F:43:69:1C:16:60:26:AF:A1:83:A6:43:6C:93:1E:B9:EE:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a080::/48
Signature Algorithm: sha256WithRSAEncryption
76:91:00:68:ce:3b:c2:b7:ff:c4:59:c4:d1:42:e0:0b:d2:3e:
ef:90:16:94:fb:ce:97:02:c1:d6:09:ba:c9:6c:fd:34:31:08:
d5:db:43:a3:93:14:2d:bf:62:32:a5:54:84:15:c5:42:ab:16:
2a:9d:c4:61:e4:18:61:79:05:29:fd:76:43:3f:6d:bf:16:ab:
63:d8:ff:13:8e:3c:7d:c8:23:7f:77:00:f9:bf:3c:56:ae:1a:
0b:df:bb:71:59:98:5f:03:1b:ef:f7:56:99:b4:b3:d7:cd:d3:
44:98:cf:2b:e9:80:29:e0:f8:b0:14:e0:b9:c5:df:77:d5:31:
a2:45:aa:48:7e:a7:bd:27:6f:52:b6:30:14:0f:cd:aa:f1:65:
e0:77:46:e1:8f:31:98:03:4a:0d:62:d3:f8:4f:1e:5c:31:cc:
fc:2c:d9:10:b5:7c:84:3e:bf:02:d8:d9:94:e0:b6:42:34:d8:
05:41:1b:40:a4:c8:4b:75:fb:a1:85:e5:cd:eb:16:bf:60:ae:
e6:49:47:3b:59:00:07:5e:4f:2a:06:5a:99:61:70:33:de:59:
6c:9d:70:69:81:cb:ae:77:8b:c8:e6:df:66:55:79:a1:f4:f5:
b7:af:7b:4a:ad:26:45:6d:4e:74:f1:36:68:e3:db:fe:b0:81:
ba:07:b8:fc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMn9rcVJx/SwBLwv2kMI4UhdnvOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyZDljOGM2Y2YwMDZlMDM4NTliYmU5ZGYxYWM0OTg2NTFmOTE5YTc5ZTRi
NWIzMzM4ZDc5MDVkNDQ0YmU2MDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhSnncvi66jgDUl4SxZNNXpeyjbxgx/QLa1BXs2cGELwpzOrbrOttpI1DWg
MCMfH7NSlZiIdKGXD9H/yXbLk/m9xaVgWsB5lEX36rnoeK/TY/rDghDyPn4BHUpn
6RN7pRXN2dzL0veMn2Ab4LHCb5bGC/flEPjQ/28+FCQqMh2LmTLXJqL+kdODfP48
t8fNFBuZ8LsERTcTFfU8Y6HMkJ5+YanqVnD/vHI/DeDodnY7t9kCEMP5byol4ssG
t+VdH4O6hpcKDXsdGpj5c89Wd/gy9lyaU+6BZB0ukwNsMCf9LJ2sY0J80TSN5gGp
mvwzJyZN60O5dyWV1B77kQ1yVecCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUIp9D
aRwWYCavoYOmQ2yTHrnuaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWFkZGYyZGUtZmEwNS00YzVkLThiNzctNThhM2QzMTJlMmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
gDANBgkqhkiG9w0BAQsFAAOCAQEAdpEAaM47wrf/xFnE0ULgC9I+75AWlPvOlwLB
1gm6yWz9NDEI1dtDo5MULb9iMqVUhBXFQqsWKp3EYeQYYXkFKf12Qz9tvxarY9j/
E448fcgjf3cA+b88Vq4aC9+7cVmYXwMb7/dWmbSz183TRJjPK+mAKeD4sBTgucXf
d9UxokWqSH6nvSdvUrYwFA/NqvFl4HdG4Y8xmANKDWLT+E8eXDHM/CzZELV8hD6/
AtjZlOC2QjTYBUEbQKTIS3X7oYXlzesWv2Cu5klHO1kAB15PKgZamWFwM95ZbJ1w
aYHLrneLyObfZlV5ofT1t697Sq0mRW1OdPE2aOPb/rCBuge4/A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:20 2025 by rpki-client