Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
File: 889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa (raw, json)
Hash identifier: dGbf70G/bRGYWSMEe5kXrHNb7/0wvLpEDb2XYg+lO/w=
Subject key identifier: 29:FD:92:9F:04:9B:D3:F1:98:FD:08:0B:88:5A:CF:61:1C:FE:8F:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 646E067513626CD040EDA4D268ACB97AA9516CE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
Signing time: Tue 21 Oct 2025 13:40:30 +0000
ROA not before: Tue 21 Oct 2025 13:40:30 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:6e:06:75:13:62:6c:d0:40:ed:a4:d2:68:ac:b9:7a:a9:51:6c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:40:30 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8e47513d486e27df50fe652d87df4bd13fccab5802eda7f454898af9cd3dd2ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:be:bc:ad:82:a6:9e:c6:c2:4e:10:5e:de:c2:
bb:b8:b6:0d:e2:e5:a5:51:fa:fa:b7:ee:ff:c5:a8:
31:80:1f:a4:4d:79:6f:5d:9a:3f:55:00:1d:f6:ef:
1c:30:ad:ed:3f:7a:51:46:e6:60:cb:12:84:8b:d2:
23:43:06:9f:e3:0c:c8:32:17:d6:c0:b8:f4:5c:4d:
f2:4a:5f:b8:a7:a3:b6:58:54:2e:21:38:67:e4:28:
20:c9:47:11:53:4f:32:ec:82:14:03:c8:cd:12:b1:
b2:d1:cd:02:fc:d4:f0:93:8f:12:94:7c:82:90:bd:
85:87:76:a2:a6:e2:5e:77:9c:66:e2:99:66:a3:45:
81:c8:4e:1f:eb:16:7d:df:c1:49:46:4f:ae:8a:0b:
b1:3f:43:ac:62:6b:9a:5c:a4:07:15:75:fb:f0:79:
65:e7:30:8d:e9:02:8a:b2:c9:dc:d2:fa:56:a9:9b:
b6:f0:40:22:a6:09:88:0e:e1:1a:89:a8:13:7c:ad:
94:a7:2a:95:2c:98:8b:82:b6:7f:9d:51:45:63:41:
08:a4:c2:4f:22:14:5e:84:51:8d:f9:dc:ea:2b:e6:
52:3b:16:57:3a:4e:a9:0b:ed:ad:09:90:40:bb:34:
82:07:69:f3:5f:9a:2a:22:bb:7c:e8:d6:6e:09:02:
d3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FD:92:9F:04:9B:D3:F1:98:FD:08:0B:88:5A:CF:61:1C:FE:8F:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:800::/38
Signature Algorithm: sha256WithRSAEncryption
c6:b3:a4:4f:ea:da:05:15:1c:ea:80:65:79:ef:54:fa:4c:c9:
4f:1b:f4:b9:c3:eb:31:4f:40:05:38:5f:5c:e9:7a:53:65:26:
17:0a:af:42:24:fb:72:95:cd:57:3c:da:3f:d9:3d:36:a8:4b:
22:c8:cd:b2:1d:99:7a:f2:be:8e:d3:a3:70:95:53:28:52:2c:
cb:60:6b:c9:8a:ac:29:df:41:54:80:53:67:52:c7:c6:5a:5c:
ca:4c:21:45:88:86:5b:bb:06:8f:97:d1:97:ea:ad:c7:73:fd:
5c:ef:a3:76:83:01:07:c7:ea:2a:a2:b2:6f:55:34:ed:67:7b:
2f:ec:de:39:de:5a:10:b9:7b:29:23:4b:c0:b4:d2:26:07:e1:
2e:4b:f8:d6:48:6a:c3:a7:9b:4b:61:c0:10:8c:ae:a2:37:00:
27:d4:51:df:ed:2c:a4:d6:bc:17:cb:95:14:e6:b7:9b:30:48:
e9:d8:62:3b:a7:79:c6:1b:c7:b3:97:3c:33:66:3c:af:30:b3:
a1:59:85:da:a9:16:55:25:3f:00:68:fd:78:52:44:28:51:c3:
72:05:14:56:dd:40:27:4f:bf:3f:9e:89:4d:5d:c7:56:57:63:
dd:0b:ff:3d:bc:7d:53:bc:21:64:50:57:29:55:4a:4c:08:01:
27:d7:a5:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZG4GdRNibNBA7aTSaKy5eqlRbOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQwMzBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNDc1MTNkNDg2ZTI3ZGY1MGZlNjUyZDg3ZGY0YmQxM2ZjY2FiNTgwMmVk
YTdmNDU0ODk4YWY5Y2QzZGQyZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALG+vK2Cpp7Gwk4QXt7Cu7i2DeLlpVH6+rfu/8WoMYAfpE15b12aP1UAHfbv
HDCt7T96UUbmYMsShIvSI0MGn+MMyDIX1sC49FxN8kpfuKejtlhULiE4Z+QoIMlH
EVNPMuyCFAPIzRKxstHNAvzU8JOPEpR8gpC9hYd2oqbiXnecZuKZZqNFgchOH+sW
fd/BSUZProoLsT9DrGJrmlykBxV1+/B5ZecwjekCirLJ3NL6VqmbtvBAIqYJiA7h
GomoE3ytlKcqlSyYi4K2f51RRWNBCKTCTyIUXoRRjfnc6ivmUjsWVzpOqQvtrQmQ
QLs0ggdp81+aKiK7fOjWbgkC06kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQp/ZKf
BJvT8Zj9CAuIWs9hHP6P8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg5YTE5YzctYWQ5Ny00M2FkLThlMWUtZGQ5ZDVjY2NkNjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwI
MA0GCSqGSIb3DQEBCwUAA4IBAQDGs6RP6toFFRzqgGV571T6TMlPG/S5w+sxT0AF
OF9c6XpTZSYXCq9CJPtylc1XPNo/2T02qEsiyM2yHZl68r6O06NwlVMoUizLYGvJ
iqwp30FUgFNnUsfGWlzKTCFFiIZbuwaPl9GX6q3Hc/1c76N2gwEHx+oqorJvVTTt
Z3sv7N453loQuXspI0vAtNImB+EuS/jWSGrDp5tLYcAQjK6iNwAn1FHf7Syk1rwX
y5UU5rebMEjp2GI7p3nGG8ezlzwzZjyvMLOhWYXaqRZVJT8AaP14UkQoUcNyBRRW
3UAnT78/nolNXcdWV2PdC/89vH1TvCFkUFcpVUpMCAEn16Wc
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:14 2025 by rpki-client