Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: qTLS9ekUEd4nn6RIELO1LopbHFldL4PvQ+o1DSZqq+I=
Subject key identifier: 1C:50:92:43:79:01:F1:19:56:31:63:E8:37:70:3D:C7:4B:FF:41:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08C2872B4818FF8C523D4C56878C9675CE1E01C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Tue 21 Oct 2025 14:10:23 +0000
ROA not before: Tue 21 Oct 2025 14:10:23 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:c2:87:2b:48:18:ff:8c:52:3d:4c:56:87:8c:96:75:ce:1e:01:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:23 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ec871fc1f330cad79cfe42fd65f61886d90544f2d2a4969b568db32bf8b2c82d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e5:e5:42:0d:55:48:4a:43:fc:6d:d6:ea:f6:
32:5c:48:b5:4a:d3:8a:5e:bd:19:d6:f6:2d:3a:84:
04:58:0b:ae:24:70:35:02:dd:15:06:f0:8b:88:b9:
02:78:01:56:16:df:35:04:ab:c6:6d:59:c9:1e:1b:
9b:a0:07:e8:ad:2a:80:78:44:1f:41:98:6f:d8:cc:
87:17:66:18:48:f6:2f:75:e9:12:e2:84:b6:bb:11:
42:13:01:e5:2d:29:52:7e:e1:62:87:bb:78:98:e9:
0c:fb:a9:2e:1e:c0:9b:37:9e:38:f1:ee:d4:f4:27:
27:6d:eb:f9:30:92:82:6e:79:58:3c:bb:c0:67:f0:
a7:00:5c:86:ef:91:14:e7:c2:bb:bd:34:5b:56:70:
ef:6a:11:f7:bf:f1:95:ac:01:ea:00:55:80:cb:9f:
f7:51:3b:0c:29:b0:39:50:2a:06:e4:14:7c:c2:35:
53:8d:94:65:e4:08:4e:17:3a:ae:af:80:75:48:53:
e2:3d:8f:00:f4:6c:e6:d4:ee:ec:53:96:6c:53:b3:
49:c1:36:d9:3a:9c:b7:96:22:2f:bb:48:c3:7b:28:
20:48:31:30:79:f1:cf:0d:81:1f:7b:4e:32:66:6f:
38:b6:d4:7b:57:23:09:db:b6:2a:e3:f2:54:76:90:
63:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:50:92:43:79:01:F1:19:56:31:63:E8:37:70:3D:C7:4B:FF:41:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
53:7b:dd:b4:fb:18:20:05:a8:42:a9:ac:45:11:22:88:2c:b0:
f6:9f:48:e2:8d:ec:aa:37:a6:5b:05:3f:46:e2:4b:b8:2f:e3:
c7:33:4a:30:ae:3e:63:dd:5e:5a:ca:34:2d:0d:99:30:4c:f4:
c4:50:24:d8:63:18:67:ca:16:3b:b7:56:ca:51:1c:39:9c:90:
e0:05:64:f2:a6:71:b3:9e:26:de:68:3e:a1:ad:ef:90:02:b2:
90:e9:e5:5d:80:86:11:95:fb:92:05:36:7d:38:5c:53:d1:3f:
3e:f7:1a:38:5e:02:7b:78:ae:fb:4a:6f:a8:7d:9e:bf:11:5c:
35:dd:6e:74:84:92:6c:bf:37:32:2f:a9:e1:c7:d5:39:f8:a0:
95:83:ed:4d:80:19:ab:fc:34:0f:c4:68:0c:7f:6f:da:34:fc:
48:52:64:79:e1:7f:99:3a:8f:1b:aa:bc:2b:51:ee:25:5b:28:
21:54:4e:45:24:ed:8c:27:db:ba:c3:5d:16:64:f0:cb:63:75:
19:23:f7:bd:30:3c:6b:df:7e:2d:37:1e:79:fa:a6:5b:31:bc:
48:f5:f0:c0:09:5e:85:a2:07:b6:24:36:7b:ba:23:e6:33:66:
ae:32:ee:f0:ff:fb:02:b5:cc:85:e5:f4:85:c5:8c:00:7a:dd:
bc:40:5c:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCMKHK0gY/4xSPUxWh4yWdc4eAcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwMjNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjODcxZmMxZjMzMGNhZDc5Y2ZlNDJmZDY1ZjYxODg2ZDkwNTQ0ZjJkMmE0
OTY5YjU2OGRiMzJiZjhiMmM4MmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXl5UINVUhKQ/xt1ur2MlxItUrTil69Gdb2LTqEBFgLriRwNQLdFQbwi4i5
AngBVhbfNQSrxm1ZyR4bm6AH6K0qgHhEH0GYb9jMhxdmGEj2L3XpEuKEtrsRQhMB
5S0pUn7hYoe7eJjpDPupLh7AmzeeOPHu1PQnJ23r+TCSgm55WDy7wGfwpwBchu+R
FOfCu700W1Zw72oR97/xlawB6gBVgMuf91E7DCmwOVAqBuQUfMI1U42UZeQIThc6
rq+AdUhT4j2PAPRs5tTu7FOWbFOzScE22Tqct5YiL7tIw3soIEgxMHnxzw2BH3tO
MmZvOLbUe1cjCdu2KuPyVHaQY5UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcUJJD
eQHxGVYxY+g3cD3HS/9BMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTe920+xggBahCqaxFESKILLD2n0jijeyqN6Zb
BT9G4ku4L+PHM0owrj5j3V5ayjQtDZkwTPTEUCTYYxhnyhY7t1bKURw5nJDgBWTy
pnGznibeaD6hre+QArKQ6eVdgIYRlfuSBTZ9OFxT0T8+9xo4XgJ7eK77Sm+ofZ6/
EVw13W50hJJsvzcyL6nhx9U5+KCVg+1NgBmr/DQPxGgMf2/aNPxIUmR54X+ZOo8b
qrwrUe4lWyghVE5FJO2MJ9u6w10WZPDLY3UZI/e9MDxr334tNx55+qZbMbxI9fDA
CV6Foge2JDZ7uiPmM2auMu7w//sCtcyF5fSFxYwAet28QFwc
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:18 2025 by rpki-client