Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
File: aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa (raw, json)
Hash identifier: r6FVyIIol/wVAXj2XS7khuhHDSUO+PUnee2q5tl+rVo=
Subject key identifier: EA:E2:01:B0:0C:BE:59:A6:DE:44:A9:BF:7B:41:C3:E8:3B:0E:DA:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 600F991A874C7FBEB50D13CE0D01834A2245D02D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
Signing time: Tue 21 Oct 2025 13:40:46 +0000
ROA not before: Tue 21 Oct 2025 13:40:46 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:0f:99:1a:87:4c:7f:be:b5:0d:13:ce:0d:01:83:4a:22:45:d0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:46 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5dd72aeb18152c1c8a9f6b88b72942b89abf3c898f400c5c7b486f0b4cf6827a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e4:25:f7:8a:35:78:4a:94:64:e6:8b:47:dc:
e8:6b:f4:89:55:d5:87:cd:bb:b8:de:e2:ae:41:2a:
b9:be:e4:90:16:b1:89:8b:c1:c0:13:15:c5:70:34:
b7:5d:21:97:7e:45:b3:f5:2c:6a:6e:ca:2d:67:0a:
5d:fb:73:29:4e:4d:ab:83:30:b4:5f:3b:6c:6a:f3:
49:ac:e0:33:49:36:10:ac:5a:24:d1:b9:e6:3a:e3:
4d:33:ec:69:a3:f8:37:7a:41:74:bd:61:97:61:a0:
b4:6e:f3:74:d2:b6:5a:14:b5:38:59:76:5f:5c:8b:
5a:7d:37:64:9a:d5:f2:28:f0:64:e7:b0:ff:fa:64:
63:36:19:dd:ad:c8:45:4b:f3:83:08:c4:dd:d0:5b:
24:ce:77:78:a5:41:85:5e:17:8a:d3:f9:0d:fa:9c:
da:cb:71:b6:65:82:bd:35:01:61:3e:70:a3:14:73:
1e:d9:d8:c9:a8:38:07:fd:f6:fe:7c:09:52:f5:ec:
ae:6a:65:e1:57:27:72:77:7d:27:a6:4c:51:f6:07:
62:a7:96:d8:be:d7:bd:4b:37:9b:a5:3a:1f:47:85:
50:79:75:94:aa:27:9d:00:3b:45:cd:d8:aa:af:64:
aa:ac:c6:2f:70:82:47:15:c5:7d:c4:ff:20:73:b2:
af:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:E2:01:B0:0C:BE:59:A6:DE:44:A9:BF:7B:41:C3:E8:3B:0E:DA:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a080::/48
Signature Algorithm: sha256WithRSAEncryption
0c:ac:90:e0:5d:23:4b:14:c2:20:8c:69:8d:9a:f6:81:af:5d:
57:b7:0b:66:61:ae:b9:77:c7:55:c1:7f:c8:db:3d:b9:92:2c:
74:9e:98:49:ef:1e:32:4b:c1:1b:a3:a3:e6:f7:56:8d:e6:e4:
77:41:23:b3:09:52:5e:73:8d:95:7e:2d:e5:63:50:cf:64:4f:
4a:e7:25:4f:fe:13:c6:2a:58:cf:2a:ff:44:bf:4f:c4:f0:85:
d6:15:be:95:a1:ca:9b:bc:85:2f:f9:45:2d:02:2f:04:ed:2c:
a0:98:74:5b:73:32:38:16:5c:15:20:a2:28:5e:b8:a1:a3:18:
0e:77:d9:59:f3:8e:c0:7f:24:84:c6:23:c4:95:44:c1:0f:26:
60:09:eb:01:d2:c7:0b:58:54:fa:b5:e6:e6:23:8e:77:2b:b9:
f0:07:a5:1a:18:a8:98:2b:c7:46:30:eb:7e:9e:a3:75:e3:01:
ec:64:28:c2:81:32:bf:39:7f:0e:6c:41:f8:76:38:58:23:22:
d9:6e:f1:d1:8c:7d:c3:9c:58:bf:cd:0e:f7:89:09:d1:a8:9d:
73:5d:3c:75:41:4a:95:c2:f9:87:c1:05:08:65:da:91:b0:ac:
07:f4:76:b8:d9:5a:7d:59:62:25:00:71:65:07:49:b4:58:f1:
83:2a:fa:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYA+ZGodMf761DRPODQGDSiJF0C0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwNDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkZDcyYWViMTgxNTJjMWM4YTlmNmI4OGI3Mjk0MmI4OWFiZjNjODk4ZjQw
MGM1YzdiNDg2ZjBiNGNmNjgyN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3kJfeKNXhKlGTmi0fc6Gv0iVXVh827uN7irkEqub7kkBaxiYvBwBMVxXA0
t10hl35Fs/Usam7KLWcKXftzKU5Nq4MwtF87bGrzSazgM0k2EKxaJNG55jrjTTPs
aaP4N3pBdL1hl2GgtG7zdNK2WhS1OFl2X1yLWn03ZJrV8ijwZOew//pkYzYZ3a3I
RUvzgwjE3dBbJM53eKVBhV4XitP5Dfqc2stxtmWCvTUBYT5woxRzHtnYyag4B/32
/nwJUvXsrmpl4Vcncnd9J6ZMUfYHYqeW2L7XvUs3m6U6H0eFUHl1lKonnQA7Rc3Y
qq9kqqzGL3CCRxXFfcT/IHOyr+ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTq4gGw
DL5Zpt5Eqb97QcPoOw7aiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWFkZGYyZGUtZmEwNS00YzVkLThiNzctNThhM2QzMTJlMmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
gDANBgkqhkiG9w0BAQsFAAOCAQEADKyQ4F0jSxTCIIxpjZr2ga9dV7cLZmGuuXfH
VcF/yNs9uZIsdJ6YSe8eMkvBG6Oj5vdWjebkd0EjswlSXnONlX4t5WNQz2RPSucl
T/4TxipYzyr/RL9PxPCF1hW+laHKm7yFL/lFLQIvBO0soJh0W3MyOBZcFSCiKF64
oaMYDnfZWfOOwH8khMYjxJVEwQ8mYAnrAdLHC1hU+rXm5iOOdyu58AelGhiomCvH
RjDrfp6jdeMB7GQowoEyvzl/DmxB+HY4WCMi2W7x0Yx9w5xYv80O94kJ0aidc108
dUFKlcL5h8EFCGXakbCsB/R2uNlafVliJQBxZQdJtFjxgyr6OQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:32 2025 by rpki-client