Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: vk8DzbA9aBnRSgaCcRwqyGnZgdOyvgQ3Hsuy2ommH+Y=
Subject key identifier: A0:C5:12:E6:86:FB:62:4D:23:B7:59:B4:2D:88:CD:F4:09:87:17:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09D3E7B5D555F3691A57678BDCC89A2B778B4614
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Mon 16 Jun 2025 20:21:19 +0000
ROA not before: Mon 16 Jun 2025 20:21:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:d3:e7:b5:d5:55:f3:69:1a:57:67:8b:dc:c8:9a:2b:77:8b:46:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:21:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d29c6549c63f11526b5b06b13b62cc1fda857f78c82c15e16ac9bcab29a4ca06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7d:ec:cd:df:20:8b:aa:8b:28:79:a2:b8:b6:
1c:92:4c:ce:27:5b:46:9f:b6:03:a3:dd:58:57:df:
d3:3a:6b:fa:8a:f9:09:bd:77:50:c7:de:0c:86:36:
4b:ce:ff:c9:99:29:f1:61:02:9a:df:b4:b6:c4:68:
b5:ef:24:cc:3b:ab:d2:cf:9a:72:2a:13:e1:99:e7:
6b:b1:f2:dc:11:dd:62:6e:30:30:42:30:85:1a:62:
ce:2d:e6:98:00:3c:b1:da:20:86:1b:2e:76:43:87:
94:d0:54:e9:c6:c2:22:17:21:d3:55:2a:12:1e:1c:
64:44:e8:80:86:5c:36:24:f3:18:96:42:29:9e:b8:
28:4e:ab:cd:b2:e1:30:65:14:b3:3d:b6:52:d9:9b:
9d:13:b2:d4:ed:a7:89:ea:44:10:e4:6b:87:d5:25:
44:09:23:5c:60:3a:dd:1e:88:51:83:ed:ea:9b:f6:
09:58:e2:24:27:4d:9b:bb:95:e6:f1:70:40:d8:09:
4a:a0:49:50:4e:6c:a7:76:c7:8b:1f:fa:30:6c:6e:
af:c3:f3:9a:b4:3e:76:12:88:8a:1d:c2:53:4e:87:
80:54:15:77:98:25:7f:fc:5c:74:69:09:ef:f2:84:
31:4e:9d:27:18:28:7a:31:c3:18:7c:29:09:10:82:
13:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C5:12:E6:86:FB:62:4D:23:B7:59:B4:2D:88:CD:F4:09:87:17:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
24:f4:da:24:4f:c8:a8:e1:a0:6c:22:35:f5:15:66:a5:88:55:
eb:ad:87:a6:aa:bf:71:95:ca:14:e6:55:22:d7:2c:11:fc:88:
92:14:06:7d:15:07:09:3b:1e:db:ab:91:7d:6f:73:a3:0d:a0:
35:1a:a7:6a:f3:fd:7c:a9:78:b1:d9:c8:74:f9:18:ec:17:29:
b7:67:37:51:e2:e2:09:01:36:c1:19:b9:60:e4:ac:3f:4d:a8:
c5:d4:fa:2b:a6:5b:78:d0:22:6a:3c:7d:62:01:04:11:5f:34:
57:aa:c9:f0:e3:ee:b5:95:fa:de:ff:4e:c1:5d:b7:57:52:69:
56:72:36:c6:80:48:c5:e2:53:49:fe:70:a7:d1:90:16:e5:d4:
f0:79:07:2e:41:8c:49:d1:91:4e:d6:1f:0d:c4:54:2b:b2:f0:
98:9d:bb:a5:cc:93:f0:e0:59:ca:30:21:cf:c0:7d:bb:83:be:
45:34:3e:1b:a3:a9:b9:7d:54:8a:b8:cb:e0:cd:01:4a:61:93:
94:45:31:da:b5:d4:65:36:20:e7:95:08:6d:69:d4:70:35:de:
0c:85:12:e9:0e:34:4a:4a:8b:40:a2:6f:81:eb:f1:3c:a1:ee:
69:e7:1f:21:ee:5d:42:2e:d1:1b:ab:22:b9:bf:31:85:a1:b0:
dd:38:bc:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCdPntdVV82kaV2eL3MiaK3eLRhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIxMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyOWM2NTQ5YzYzZjExNTI2YjViMDZiMTNiNjJjYzFmZGE4NTdmNzhjODJj
MTVlMTZhYzliY2FiMjlhNGNhMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl97M3fIIuqiyh5ori2HJJMzidbRp+2A6PdWFff0zpr+or5Cb13UMfeDIY2
S87/yZkp8WECmt+0tsRote8kzDur0s+acioT4Znna7Hy3BHdYm4wMEIwhRpizi3m
mAA8sdoghhsudkOHlNBU6cbCIhch01UqEh4cZETogIZcNiTzGJZCKZ64KE6rzbLh
MGUUsz22UtmbnROy1O2niepEEORrh9UlRAkjXGA63R6IUYPt6pv2CVjiJCdNm7uV
5vFwQNgJSqBJUE5sp3bHix/6MGxur8PzmrQ+dhKIih3CU06HgFQVd5glf/xcdGkJ
7/KEMU6dJxgoejHDGHwpCRCCE2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgxRLm
hvtiTSO3WbQtiM30CYcXVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQAk9NokT8io4aBsIjX1FWaliFXrrYemqr9xlcoU
5lUi1ywR/IiSFAZ9FQcJOx7bq5F9b3OjDaA1Gqdq8/18qXix2ch0+RjsFym3ZzdR
4uIJATbBGblg5Kw/TajF1Porplt40CJqPH1iAQQRXzRXqsnw4+61lfre/07BXbdX
UmlWcjbGgEjF4lNJ/nCn0ZAW5dTweQcuQYxJ0ZFO1h8NxFQrsvCYnbulzJPw4FnK
MCHPwH27g75FND4bo6m5fVSKuMvgzQFKYZOURTHatdRlNiDnlQhtadRwNd4MhRLp
DjRKSotAom+B6/E8oe5p5x8h7l1CLtEbqyK5vzGFobDdOLx2
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:07 2025 by rpki-client