Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
File: 889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa (raw, json)
Hash identifier: 7pnsd2wPjqfTpm9/Mrp+6TnwT0g5mRdgLEf6U659cmY=
Subject key identifier: 98:F4:E4:85:FB:B8:45:AD:48:84:A5:83:CA:75:84:43:B3:3C:E0:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68875C93BE3C6ABA7EE68E4962E8982574456D0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
Signing time: Tue 05 Aug 2025 20:00:09 +0000
ROA not before: Tue 05 Aug 2025 20:00:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:87:5c:93:be:3c:6a:ba:7e:e6:8e:49:62:e8:98:25:74:45:6d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c2b6f1fb6b6a4b00e00c80efd2aaabde07acf22f9adeb2827b8e364dc33f67b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9a:fe:17:85:34:27:58:a1:72:16:52:da:bf:
ab:fa:12:d6:78:b3:0a:b4:c8:1a:72:3f:33:69:4a:
fa:03:57:0e:0a:8b:01:e2:3d:52:d3:d1:0b:29:af:
25:77:a3:6f:57:4e:3a:38:e0:75:34:15:e9:fd:b2:
de:6f:7b:2a:98:71:23:dd:d7:1f:7e:71:06:bb:ef:
d0:16:cc:f8:68:d9:a2:ce:19:c8:5f:72:1d:a1:1d:
24:f5:58:fc:cf:50:3e:9c:05:7e:75:e8:19:70:29:
be:06:d4:07:9f:88:8a:b0:29:94:8e:cf:02:f5:ab:
11:5f:6b:65:0b:4a:3c:83:54:ad:27:0d:90:59:c8:
d8:99:27:79:94:9e:86:5e:99:aa:db:5c:db:22:88:
9d:f9:bf:7d:a1:d5:a2:c6:07:4a:7c:b4:e5:bd:53:
12:eb:5d:91:ae:0f:9e:63:7b:fd:c7:43:21:9f:41:
b9:4c:63:ea:d6:6d:c4:7b:29:f6:78:c5:2b:24:36:
5f:c4:ae:c1:ef:a4:4a:42:f0:7c:8b:11:50:79:9a:
10:f0:ed:7a:a8:9f:cd:fa:22:a7:93:75:41:a0:5c:
5c:55:7a:66:42:0a:1b:e2:b4:ae:d9:b4:34:f8:b4:
01:35:a5:ab:0a:0b:42:bb:02:f2:f1:61:cb:51:63:
7a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F4:E4:85:FB:B8:45:AD:48:84:A5:83:CA:75:84:43:B3:3C:E0:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:800::/38
Signature Algorithm: sha256WithRSAEncryption
6f:17:0e:c6:91:d1:e4:63:c2:95:41:02:e4:62:48:3b:42:15:
5b:ac:54:8c:9a:57:5c:58:3e:f5:b9:5d:19:59:b7:d3:84:34:
04:c0:7d:e0:54:3d:76:54:ab:ed:5b:bf:01:39:f7:d8:91:2b:
91:41:c9:47:61:97:83:7f:9a:99:eb:83:d4:90:e5:44:a0:8d:
2f:f3:07:6f:bf:c7:ca:d2:5f:35:5a:8e:de:fb:42:ea:c7:62:
1c:3b:82:cf:b3:24:cf:2d:a0:9c:94:96:c4:83:df:26:8c:d4:
f7:19:1c:7f:12:9b:77:89:86:b7:39:61:39:7e:fc:18:47:93:
a4:ad:73:d1:e4:ee:a1:9e:8d:5a:a2:7a:48:ac:10:c6:ac:a8:
6b:df:18:ff:5b:70:f7:50:11:e1:69:d8:bb:0d:f8:77:1b:81:
5b:64:90:5d:da:84:fe:02:45:e9:08:92:67:9b:2f:bd:b3:db:
ed:ad:81:49:ba:09:0f:2c:23:3e:07:da:bf:db:bd:95:a1:7e:
3a:8e:89:6b:c6:dd:f5:df:0a:9a:8c:40:98:0b:30:5a:77:d0:
9e:b2:ef:85:ba:8d:d1:09:d3:93:8b:5d:61:78:05:76:52:45:
69:13:10:7b:b1:96:42:d1:ad:7f:39:6b:34:cc:48:da:c7:10:
35:2e:8c:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaIdck748arp+5o5JYuiYJXRFbQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyYjZmMWZiNmI2YTRiMDBlMDBjODBlZmQyYWFhYmRlMDdhY2YyMmY5YWRl
YjI4MjdiOGUzNjRkYzMzZjY3YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqa/heFNCdYoXIWUtq/q/oS1nizCrTIGnI/M2lK+gNXDgqLAeI9UtPRCymv
JXejb1dOOjjgdTQV6f2y3m97KphxI93XH35xBrvv0BbM+GjZos4ZyF9yHaEdJPVY
/M9QPpwFfnXoGXApvgbUB5+IirAplI7PAvWrEV9rZQtKPINUrScNkFnI2JkneZSe
hl6Zqttc2yKInfm/faHVosYHSny05b1TEutdka4PnmN7/cdDIZ9BuUxj6tZtxHsp
9njFKyQ2X8Suwe+kSkLwfIsRUHmaEPDteqifzfoip5N1QaBcXFV6ZkIKG+K0rtm0
NPi0ATWlqwoLQrsC8vFhy1FjeoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSY9OSF
+7hFrUiEpYPKdYRDszzgzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg5YTE5YzctYWQ5Ny00M2FkLThlMWUtZGQ5ZDVjY2NkNjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwI
MA0GCSqGSIb3DQEBCwUAA4IBAQBvFw7GkdHkY8KVQQLkYkg7QhVbrFSMmldcWD71
uV0ZWbfThDQEwH3gVD12VKvtW78BOffYkSuRQclHYZeDf5qZ64PUkOVEoI0v8wdv
v8fK0l81Wo7e+0Lqx2IcO4LPsyTPLaCclJbEg98mjNT3GRx/Ept3iYa3OWE5fvwY
R5OkrXPR5O6hno1aonpIrBDGrKhr3xj/W3D3UBHhadi7Dfh3G4FbZJBd2oT+AkXp
CJJnmy+9s9vtrYFJugkPLCM+B9q/272VoX46jolrxt313wqajECYCzBad9Cesu+F
uo3RCdOTi11heAV2UkVpExB7sZZC0a1/OWs0zEjaxxA1LozJ
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:49:24 2025 by rpki-client