Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
File: aa679cd8-5924-43d7-8928-c65bc2ec3659.roa (raw, json)
Hash identifier: Q1wnxag82vF/MkHkvyd1DP/tC/Q70dk2Mbd1RqviL0I=
Subject key identifier: 5A:A3:B8:E4:AB:33:E6:75:C9:C6:0D:62:48:01:6B:93:67:39:DB:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A4CACD3819B9219AB52E28197E1648E7AFE5C49
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
Signing time: Mon 01 Sep 2025 20:50:56 +0000
ROA not before: Mon 01 Sep 2025 20:50:56 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:4c:ac:d3:81:9b:92:19:ab:52:e2:81:97:e1:64:8e:7a:fe:5c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:56 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=cce8796363a226a83fb9d3b86e2f424ed802aee11bb1e1e938a672a48ca77003, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ca:87:fa:6e:57:10:73:4a:ea:e3:ed:3a:af:
61:06:0c:ef:b5:e1:00:5b:18:b8:c9:7d:c7:07:f3:
9c:1b:db:1e:e1:d3:49:4e:36:5e:e0:52:89:18:e0:
77:cf:61:e2:c1:0f:0d:fa:95:72:dd:64:34:7a:dd:
93:5c:7c:6b:ac:b7:b9:be:a8:3d:7a:55:d3:3b:44:
7a:b7:68:f9:5e:f9:ff:81:9f:76:80:66:f3:b8:8b:
b5:de:f2:3d:e2:b3:20:95:b7:f9:67:43:3d:1d:c0:
da:87:38:73:17:f4:76:44:09:eb:85:6b:6d:98:02:
71:29:aa:ef:44:0d:c3:d4:6c:c7:33:ff:cd:0a:17:
ad:cf:0a:52:1a:de:3d:51:2b:02:ec:35:0b:32:bb:
c0:83:b8:5c:c4:c3:3f:43:ca:40:ad:6e:54:f1:5c:
06:2b:13:25:be:93:41:9e:fb:53:14:8e:5b:88:72:
11:fd:f8:d6:94:1c:ea:63:ce:34:04:1f:9c:bd:e4:
20:80:4c:6b:ba:c1:be:fb:c4:6a:2d:a0:77:5c:a0:
e8:85:eb:34:ba:23:35:4b:ec:49:a8:9d:dc:d7:c8:
96:3f:e2:62:91:54:b3:55:84:ec:32:43:b3:16:b0:
6c:fc:d5:98:09:93:bd:a2:2b:ad:12:24:ef:c3:50:
f9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A3:B8:E4:AB:33:E6:75:C9:C6:0D:62:48:01:6B:93:67:39:DB:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:c000::/40
Signature Algorithm: sha256WithRSAEncryption
53:20:70:e5:b7:f8:fd:39:62:a3:5c:01:92:c6:bb:cd:95:0e:
5b:2c:16:68:c9:f6:3d:da:86:01:b6:1e:a0:49:c7:f0:a9:92:
a7:f8:df:1f:16:25:4f:de:01:05:27:42:0a:8e:30:2a:0a:d9:
50:75:de:d8:dc:8e:16:0f:41:e7:82:e9:6b:46:6a:a5:ec:3c:
3d:18:3b:71:d9:fe:d2:2f:70:bb:59:a2:53:57:d0:a4:28:db:
f2:e5:f6:2a:25:af:96:a5:45:b2:f5:6b:76:88:a2:37:89:f5:
67:75:4c:b0:56:b8:80:d0:82:5e:dc:a3:f5:f0:eb:89:22:ae:
e5:95:49:ac:6f:fc:7c:a8:04:77:d5:dd:c5:d1:26:28:4f:70:
09:48:ab:12:53:05:39:b1:e8:3d:dc:48:55:45:50:be:a4:16:
48:f3:8c:e8:ae:1f:5d:d1:8f:c9:ca:ef:7f:ed:af:13:b7:41:
b1:e9:34:c3:23:6b:2c:ca:83:9a:b9:32:d8:27:90:00:60:1d:
10:40:f3:53:81:4c:eb:38:db:9d:74:7b:26:33:f4:ba:ca:67:
9c:c8:d6:56:20:1c:15:b9:ca:64:69:2f:26:44:13:71:9f:a6:
54:37:a9:36:dc:54:db:e9:33:3f:43:d9:61:14:2c:7d:40:08:
59:6c:30:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCkys04GbkhmrUuKBl+Fkjnr+XEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwNTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjZTg3OTYzNjNhMjI2YTgzZmI5ZDNiODZlMmY0MjRlZDgwMmFlZTExYmIx
ZTFlOTM4YTY3MmE0OGNhNzcwMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7Kh/puVxBzSurj7TqvYQYM77XhAFsYuMl9xwfznBvbHuHTSU42XuBSiRjg
d89h4sEPDfqVct1kNHrdk1x8a6y3ub6oPXpV0ztEerdo+V75/4GfdoBm87iLtd7y
PeKzIJW3+WdDPR3A2oc4cxf0dkQJ64VrbZgCcSmq70QNw9RsxzP/zQoXrc8KUhre
PVErAuw1CzK7wIO4XMTDP0PKQK1uVPFcBisTJb6TQZ77UxSOW4hyEf341pQc6mPO
NAQfnL3kIIBMa7rBvvvEai2gd1yg6IXrNLojNUvsSaid3NfIlj/iYpFUs1WE7DJD
sxawbPzVmAmTvaIrrRIk78NQ+fkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRao7jk
qzPmdcnGDWJIAWuTZznbBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE2NzljZDgtNTkyNC00M2Q3LTg5MjgtYzY1YmMyZWMzNjU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HjA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTIHDlt/j9OWKjXAGSxrvNlQ5bLBZoyfY92oYB
th6gScfwqZKn+N8fFiVP3gEFJ0IKjjAqCtlQdd7Y3I4WD0HngulrRmql7Dw9GDtx
2f7SL3C7WaJTV9CkKNvy5fYqJa+WpUWy9Wt2iKI3ifVndUywVriA0IJe3KP18OuJ
Iq7llUmsb/x8qAR31d3F0SYoT3AJSKsSUwU5seg93EhVRVC+pBZI84zorh9d0Y/J
yu9/7a8Tt0Gx6TTDI2ssyoOauTLYJ5AAYB0QQPNTgUzrONuddHsmM/S6ymecyNZW
IBwVucpkaS8mRBNxn6ZUN6k23FTb6TM/Q9lhFCx9QAhZbDCj
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:02 2025 by rpki-client