Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: Qlsf0jLwF7EdC05Z5hzzRqrTsK5SiT8/B3zb63TDgn8=
Subject key identifier: D0:8B:D2:2A:2E:93:41:D4:EC:88:1C:80:AA:D1:24:D0:4B:17:CF:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 246163285D0AF66180B5716E6CA7075211990E9B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Mon 01 Sep 2025 20:30:10 +0000
ROA not before: Mon 01 Sep 2025 20:30:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:61:63:28:5d:0a:f6:61:80:b5:71:6e:6c:a7:07:52:11:99:0e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1cd67a9be2252f7052591ad92240757dab5277f9b2885969abb1b262aa093f8e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:24:21:fe:85:e8:ce:d3:55:e4:b1:7b:74:f3:
5b:03:71:d2:c3:9a:5d:78:6a:ab:a2:a4:db:07:93:
0a:f2:f2:70:d9:20:c0:fa:f8:b7:81:b2:10:a8:c1:
78:63:97:2a:2c:7f:93:bb:f1:af:70:dd:ae:a2:4e:
29:6c:e4:7c:67:9a:4b:0b:a8:e0:fb:66:9c:72:1f:
b6:ba:9d:fd:27:48:90:94:86:63:d1:ba:13:0c:37:
44:b2:bb:71:94:41:08:4a:72:5c:26:17:d2:77:3d:
bd:63:60:ee:1a:bc:31:1c:97:88:66:5e:e7:72:b2:
3a:e6:75:10:3e:dd:c4:92:67:e2:d0:d0:6e:11:92:
85:c7:1e:b1:79:ae:34:d7:60:9f:7a:b8:8d:7a:82:
5e:de:82:8d:52:25:ab:b3:17:7e:c1:dd:36:de:79:
24:56:13:d5:ac:1d:af:3f:99:17:09:39:2e:bf:82:
54:4b:66:8c:b0:54:08:e8:9a:37:cf:73:1b:e1:0c:
58:51:8d:2a:10:5c:b3:19:ca:92:1e:e5:5c:24:ec:
7c:f0:b2:3f:b5:f9:3e:96:8a:3d:19:27:92:50:b0:
c4:12:95:9f:ba:fe:45:c0:8e:ee:29:c9:90:15:a3:
e7:5f:d6:3f:e6:87:ed:29:34:a5:f8:76:84:d5:39:
ce:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:8B:D2:2A:2E:93:41:D4:EC:88:1C:80:AA:D1:24:D0:4B:17:CF:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:a7:e4:77:d3:85:db:be:c8:6d:3e:f4:66:2f:52:36:e8:83:
12:2a:a4:56:f8:13:d9:2c:e1:db:80:a7:14:5c:3a:b3:a6:d0:
f7:5f:1f:38:82:38:a9:42:69:91:5d:55:49:97:a7:15:6c:c2:
a2:cc:c4:58:fb:ba:0b:57:8d:31:b5:49:0d:32:ce:5d:f7:20:
28:85:fe:22:da:23:cc:6f:46:bd:e6:d4:5b:7f:31:ba:f5:97:
36:77:b8:ed:b6:a0:4a:cf:7e:e0:7a:ed:6e:91:5b:7f:cc:84:
c0:ee:99:64:0a:21:22:73:37:a4:2d:33:d9:b3:cc:a5:6e:ac:
7a:9e:31:70:af:5e:fb:ff:02:a2:87:d0:16:b0:f2:a7:9a:57:
e1:90:af:d6:76:fd:6d:19:4d:5f:d9:ae:b1:45:f0:b0:da:b4:
0e:27:fa:9d:8b:07:e0:88:83:8b:dc:47:f6:d4:53:25:20:88:
f0:80:99:53:36:25:bd:0f:07:0b:79:67:19:b4:a5:d7:78:89:
c3:a9:ed:f0:2a:14:d0:56:84:3b:d1:33:39:d8:ee:83:09:5d:
b0:1f:5e:8d:69:0e:9e:2a:7e:aa:a4:28:34:ff:60:7e:3c:14:
9b:5b:61:c1:72:3f:b5:cc:5c:94:07:dc:9a:0a:76:6e:32:4c:
29:9a:f6:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJGFjKF0K9mGAtXFubKcHUhGZDpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjZDY3YTliZTIyNTJmNzA1MjU5MWFkOTIyNDA3NTdkYWI1Mjc3ZjliMjg4
NTk2OWFiYjFiMjYyYWEwOTNmOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQkIf6F6M7TVeSxe3TzWwNx0sOaXXhqq6Kk2weTCvLycNkgwPr4t4GyEKjB
eGOXKix/k7vxr3DdrqJOKWzkfGeaSwuo4PtmnHIftrqd/SdIkJSGY9G6Eww3RLK7
cZRBCEpyXCYX0nc9vWNg7hq8MRyXiGZe53KyOuZ1ED7dxJJn4tDQbhGShccesXmu
NNdgn3q4jXqCXt6CjVIlq7MXfsHdNt55JFYT1awdrz+ZFwk5Lr+CVEtmjLBUCOia
N89zG+EMWFGNKhBcsxnKkh7lXCTsfPCyP7X5PpaKPRknklCwxBKVn7r+RcCO7inJ
kBWj51/WP+aH7Sk0pfh2hNU5zscCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQi9Iq
LpNB1OyIHICq0STQSxfPJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQBep+R304XbvshtPvRmL1I26IMSKqRW+BPZLOHb
gKcUXDqzptD3Xx84gjipQmmRXVVJl6cVbMKizMRY+7oLV40xtUkNMs5d9yAohf4i
2iPMb0a95tRbfzG69Zc2d7jttqBKz37geu1ukVt/zITA7plkCiEiczekLTPZs8yl
bqx6njFwr177/wKih9AWsPKnmlfhkK/Wdv1tGU1f2a6xRfCw2rQOJ/qdiwfgiIOL
3Ef21FMlIIjwgJlTNiW9DwcLeWcZtKXXeInDqe3wKhTQVoQ70TM52O6DCV2wH16N
aQ6eKn6qpCg0/2B+PBSbW2HBcj+1zFyUB9yaCnZuMkwpmvbQ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:31 2025 by rpki-client