Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
File: 889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa (raw, json)
Hash identifier: bo9QnzRJx5Bd2AQgr42AGkxtLGPO7nZySrsB7+/Q7IM=
Subject key identifier: DC:61:6C:84:23:8E:A7:96:20:53:3B:43:9D:DE:27:B0:8D:C3:C8:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 677E1E9C492A49A219BB7248E74CD3B4C849CE9E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
Signing time: Mon 01 Sep 2025 21:10:10 +0000
ROA not before: Mon 01 Sep 2025 21:10:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:7e:1e:9c:49:2a:49:a2:19:bb:72:48:e7:4c:d3:b4:c8:49:ce:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=70bfdba8f72a135aca97933ba72db63202ebec37fd3ad7ab9da14bc96e6afd84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:09:26:45:42:c8:2a:6c:ae:72:67:1f:44:15:
4f:a4:47:09:bc:c0:f8:8b:b7:e6:31:82:fc:0d:83:
b0:07:cc:83:22:48:22:ec:11:32:6e:5b:60:49:12:
f6:d2:f1:f4:c4:54:f4:b1:3d:19:94:9c:bf:20:20:
ce:a1:7c:2e:66:ff:b6:b5:fa:21:23:b7:3c:98:32:
0f:04:2c:93:17:66:28:6d:84:6a:2c:84:e0:c3:24:
72:b8:26:e9:be:4c:72:a1:5c:b9:0f:cf:3c:22:f7:
aa:7c:ca:88:9a:d1:a6:5d:18:f2:77:0f:32:84:6c:
66:a4:0a:04:41:6f:b3:7e:36:79:1e:30:a8:da:44:
b7:97:25:59:d1:42:3c:a7:d3:96:11:80:41:53:3e:
92:26:b1:37:2f:ce:97:a8:c5:0b:b1:86:ba:76:ae:
77:0e:55:c3:c4:a3:4b:fc:e5:13:f4:59:0d:f2:25:
ac:a7:64:24:f9:73:37:b1:36:11:9a:33:f7:3f:ae:
6e:95:98:25:8f:8c:a5:fc:db:75:7a:c3:75:41:04:
b2:2d:c6:f3:23:76:f4:1b:52:b9:07:7a:2e:0d:66:
aa:af:af:92:ac:8d:97:13:ec:61:5c:4e:bd:68:60:
4e:86:2e:90:8b:e4:44:3d:7c:50:1f:93:32:6e:6b:
7d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:61:6C:84:23:8E:A7:96:20:53:3B:43:9D:DE:27:B0:8D:C3:C8:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:800::/38
Signature Algorithm: sha256WithRSAEncryption
9f:50:77:c2:87:98:82:43:6b:8f:65:d7:0e:8e:e2:ba:15:25:
9f:cb:21:15:bf:63:54:30:97:10:68:8d:69:b0:20:97:15:fd:
cf:0b:37:9f:68:a1:91:d0:e2:e8:22:98:f9:da:86:1a:10:90:
33:ee:79:c5:f3:20:77:c1:11:02:7a:f9:82:28:c2:74:74:5f:
cb:ed:47:3f:3e:00:96:46:c9:66:dc:11:52:62:82:6e:01:6c:
69:38:31:7e:86:bd:72:ec:90:f2:97:00:b4:dc:a8:93:19:52:
04:e7:5a:6d:e3:cd:10:12:61:b2:f9:ef:70:69:b9:47:d8:f4:
53:bc:c1:81:45:32:53:a2:4e:db:71:76:26:25:ca:28:7a:57:
5f:01:7a:de:42:eb:a5:ac:6f:8b:40:8d:46:76:09:bc:79:7a:
d7:ce:12:25:fa:d2:8e:15:7f:95:03:e2:8c:c3:11:7c:06:ec:
a3:57:95:95:b8:c6:73:56:26:14:49:b5:d7:4e:23:5b:b5:a8:
55:f8:de:ce:10:3c:5c:ad:13:1d:1d:c7:70:d8:35:db:d9:3b:
c2:dc:5a:b2:b1:7a:73:a3:57:15:5b:88:9b:0d:fc:86:ca:9d:
05:0e:dd:da:c5:12:08:4c:ae:8f:9d:fa:c5:42:44:32:29:bc:
bf:7d:37:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ34enEkqSaIZu3JI50zTtMhJzp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwYmZkYmE4ZjcyYTEzNWFjYTk3OTMzYmE3MmRiNjMyMDJlYmVjMzdmZDNh
ZDdhYjlkYTE0YmM5NmU2YWZkODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsJJkVCyCpsrnJnH0QVT6RHCbzA+Iu35jGC/A2DsAfMgyJIIuwRMm5bYEkS
9tLx9MRU9LE9GZScvyAgzqF8Lmb/trX6ISO3PJgyDwQskxdmKG2EaiyE4MMkcrgm
6b5McqFcuQ/PPCL3qnzKiJrRpl0Y8ncPMoRsZqQKBEFvs342eR4wqNpEt5clWdFC
PKfTlhGAQVM+kiaxNy/Ol6jFC7GGunaudw5Vw8SjS/zlE/RZDfIlrKdkJPlzN7E2
EZoz9z+ubpWYJY+MpfzbdXrDdUEEsi3G8yN29BtSuQd6Lg1mqq+vkqyNlxPsYVxO
vWhgToYukIvkRD18UB+TMm5rfZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcYWyE
I46nliBTO0Od3iewjcPItDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg5YTE5YzctYWQ5Ny00M2FkLThlMWUtZGQ5ZDVjY2NkNjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwI
MA0GCSqGSIb3DQEBCwUAA4IBAQCfUHfCh5iCQ2uPZdcOjuK6FSWfyyEVv2NUMJcQ
aI1psCCXFf3PCzefaKGR0OLoIpj52oYaEJAz7nnF8yB3wRECevmCKMJ0dF/L7Uc/
PgCWRslm3BFSYoJuAWxpODF+hr1y7JDylwC03KiTGVIE51pt480QEmGy+e9wablH
2PRTvMGBRTJTok7bcXYmJcooeldfAXreQuulrG+LQI1Gdgm8eXrXzhIl+tKOFX+V
A+KMwxF8BuyjV5WVuMZzViYUSbXXTiNbtahV+N7OEDxcrRMdHcdw2DXb2TvC3Fqy
sXpzo1cVW4ibDfyGyp0FDt3axRIITK6PnfrFQkQyKby/fTe7
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:42 2025 by rpki-client