Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
File: 889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa (raw, json)
Hash identifier: rR2xMRGPd/IdG8LUrSmOWdzAp2LVqdEErV4eOnhsyw8=
Subject key identifier: 22:00:F9:59:97:92:18:6A:6F:69:56:C5:EC:DE:52:F7:E7:D6:F7:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57BDAB0C9CB96B8F8965F28F934A3C8531FFA3D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
Signing time: Fri 26 Sep 2025 19:50:23 +0000
ROA not before: Fri 26 Sep 2025 19:50:23 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:bd:ab:0c:9c:b9:6b:8f:89:65:f2:8f:93:4a:3c:85:31:ff:a3:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:50:23 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=894151680fe8a60b15f386ffde2952f56bfe28900609765f01ed1d0185d5e4c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:57:54:97:61:99:c4:b1:f9:da:76:85:05:bc:
9c:ec:bf:fb:f3:71:dc:fc:6f:4c:9c:56:dd:9c:a2:
f6:74:a7:2c:59:f5:85:c6:11:2d:4b:56:14:a8:3b:
6c:ca:a5:29:fa:bd:6e:1a:ba:f2:c8:5f:f1:5d:a5:
dd:da:97:5a:95:06:d5:d3:2e:af:b0:05:79:90:a5:
8c:c0:14:b4:70:20:d3:b7:44:80:d1:9e:8f:a9:14:
1f:7d:f5:7e:51:69:c5:1f:57:c3:78:6b:b5:bf:bd:
3e:fc:d8:07:a6:dd:2c:2f:3d:84:8e:99:3f:2f:a0:
0a:a5:c3:08:c5:cb:03:94:77:0a:6b:1b:40:d8:91:
80:6f:77:6a:c7:6a:e7:14:3b:cd:d8:29:3d:29:05:
a0:5d:2d:23:a4:53:9e:4d:c8:3c:6e:f6:ad:63:27:
ab:88:5a:fe:8b:5c:5f:df:80:66:f5:ab:81:0f:68:
e9:27:4c:6d:d2:74:38:1d:81:1b:e0:76:ef:d1:e4:
1a:54:f2:03:0e:5c:5f:fd:f0:87:f3:99:0b:25:ec:
75:7e:ed:de:87:8f:1b:d5:b4:e4:e8:67:73:f5:d4:
1c:dd:20:20:4e:94:3d:40:d6:fa:35:ac:35:fe:d1:
36:0f:d5:38:4c:e0:1a:3e:5d:eb:6f:41:46:cd:53:
e5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:00:F9:59:97:92:18:6A:6F:69:56:C5:EC:DE:52:F7:E7:D6:F7:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:800::/38
Signature Algorithm: sha256WithRSAEncryption
26:47:22:71:c1:d2:62:a7:d2:2c:98:7e:db:36:4e:91:91:e9:
ac:14:55:ec:db:64:a7:10:df:8a:9e:87:c4:db:05:26:07:08:
59:f0:eb:62:49:51:2f:c3:68:64:b0:93:e1:19:c7:c8:e2:6a:
45:dd:63:2b:cd:44:25:5b:a4:08:50:9a:72:36:5c:58:f3:67:
95:e6:8b:b0:f1:30:81:18:d7:4f:ea:71:83:35:a2:79:11:1a:
72:8a:1d:1d:3b:e1:a4:d4:cf:1f:ff:2e:aa:2c:8a:1f:98:dd:
8f:c3:22:43:e6:e1:9e:9e:e3:53:c3:b9:b5:26:e8:e1:87:af:
52:ec:7c:fd:74:56:c3:6c:9b:2d:12:7f:24:72:8b:d7:04:69:
d6:ff:67:6d:c4:a3:48:49:ba:9b:39:22:b4:21:b8:3c:ee:ac:
ea:37:4d:d3:b3:24:3b:16:fa:c0:92:8f:ef:91:c4:f2:ad:39:
55:1d:3e:cd:02:94:1b:c7:db:01:ab:53:0e:26:bd:e8:ae:ac:
83:2e:57:cb:84:fb:61:ee:ee:8a:b7:02:57:cc:36:dc:73:a1:
5f:15:72:64:b6:68:de:41:a2:51:f7:c3:5f:cc:59:6e:e1:4f:
71:46:52:b0:d0:8f:4c:31:8e:46:6a:4e:da:5e:e8:4c:65:f6:
27:ef:8d:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV72rDJy5a4+JZfKPk0o8hTH/o9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUwMjNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5NDE1MTY4MGZlOGE2MGIxNWYzODZmZmRlMjk1MmY1NmJmZTI4OTAwNjA5
NzY1ZjAxZWQxZDAxODVkNWU0YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdXVJdhmcSx+dp2hQW8nOy/+/Nx3PxvTJxW3Zyi9nSnLFn1hcYRLUtWFKg7
bMqlKfq9bhq68shf8V2l3dqXWpUG1dMur7AFeZCljMAUtHAg07dEgNGej6kUH331
flFpxR9Xw3hrtb+9PvzYB6bdLC89hI6ZPy+gCqXDCMXLA5R3CmsbQNiRgG93asdq
5xQ7zdgpPSkFoF0tI6RTnk3IPG72rWMnq4ha/otcX9+AZvWrgQ9o6SdMbdJ0OB2B
G+B279HkGlTyAw5cX/3wh/OZCyXsdX7t3oePG9W05Ohnc/XUHN0gIE6UPUDW+jWs
Nf7RNg/VOEzgGj5d629BRs1T5ZkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQiAPlZ
l5IYam9pVsXs3lL359b36zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg5YTE5YzctYWQ5Ny00M2FkLThlMWUtZGQ5ZDVjY2NkNjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwI
MA0GCSqGSIb3DQEBCwUAA4IBAQAmRyJxwdJip9IsmH7bNk6RkemsFFXs22SnEN+K
nofE2wUmBwhZ8OtiSVEvw2hksJPhGcfI4mpF3WMrzUQlW6QIUJpyNlxY82eV5ouw
8TCBGNdP6nGDNaJ5ERpyih0dO+Gk1M8f/y6qLIofmN2PwyJD5uGenuNTw7m1Jujh
h69S7Hz9dFbDbJstEn8kcovXBGnW/2dtxKNISbqbOSK0Ibg87qzqN03TsyQ7FvrA
ko/vkcTyrTlVHT7NApQbx9sBq1MOJr3orqyDLlfLhPth7u6KtwJXzDbcc6FfFXJk
tmjeQaJR98NfzFlu4U9xRlKw0I9MMY5Gak7aXuhMZfYn743Y
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:02 2025 by rpki-client