Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: WqMTmAQ6304KyBvkXpkPr/Z18I4gyKUCfEOWRnt5tAE=
Subject key identifier: 47:B4:73:92:81:29:C7:48:8F:58:B1:A6:21:21:49:78:C7:89:6D:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20548827AFD35FC6B5E3A86FC047CCBA14E737CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Fri 26 Sep 2025 19:10:20 +0000
ROA not before: Fri 26 Sep 2025 19:10:20 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:54:88:27:af:d3:5f:c6:b5:e3:a8:6f:c0:47:cc:ba:14:e7:37:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:10:20 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=197fe9737ee80b5bab36b383dede0c5e7c29bb4a236b8ca2d6b5eb194f7e365e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a3:25:14:4d:d5:85:17:a0:cf:ed:e7:69:3c:
1b:50:50:a2:bb:d3:d5:d8:32:5e:bc:10:cf:38:6d:
5b:af:3c:8b:53:60:24:4d:2c:9f:2c:f1:ea:d0:2f:
00:9c:2b:2d:4e:31:7d:bd:fd:f4:77:cb:26:28:4c:
d8:e8:74:1a:97:dd:3a:7b:de:1e:b3:b3:dd:a4:c8:
cf:e8:e6:58:ac:cc:f0:b0:3d:40:b9:53:f8:06:a6:
57:27:0d:16:3a:c3:7f:f3:c7:62:60:1b:39:6f:95:
66:11:bb:ef:08:0f:22:57:e0:44:08:26:34:b8:4c:
f2:71:5f:52:7a:7b:06:4c:49:45:cf:43:07:83:90:
31:2f:ae:d9:9f:31:48:98:2f:13:d1:27:af:13:8c:
68:6b:cc:22:2b:4d:f0:7b:a1:66:40:38:9e:6a:36:
69:f2:35:2c:2f:7c:be:6f:36:8b:c6:f7:7f:69:e6:
77:bd:d2:a7:e5:fb:91:ca:11:c6:4c:f7:11:02:c5:
6d:80:c1:23:21:0f:0c:26:bb:3d:52:2d:92:60:56:
9d:9d:03:6a:df:4b:0f:ed:5b:56:de:49:f7:fc:3c:
c6:d8:ff:da:a9:3f:7e:fb:ff:52:7d:89:0e:9b:f1:
42:4e:25:f9:e2:0b:24:90:99:33:0d:70:93:75:13:
dc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B4:73:92:81:29:C7:48:8F:58:B1:A6:21:21:49:78:C7:89:6D:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
57:10:89:f2:5f:37:6a:22:20:ac:73:d8:e3:16:49:33:4f:ed:
b1:e2:dd:55:34:48:b9:98:c4:10:fb:e5:a1:1f:0d:1d:10:86:
22:e9:d5:a7:c6:03:5c:75:b6:f7:3b:53:e0:dc:a0:3c:46:25:
51:8e:6b:17:4a:0b:5a:3b:dc:65:33:23:7d:70:af:e0:aa:36:
ad:16:e4:ee:cd:41:7e:0e:b3:67:c0:28:8e:10:e0:00:37:7d:
16:bc:67:11:14:c0:3b:2f:f6:66:78:85:83:51:01:ad:f9:89:
45:5b:61:95:13:c7:5f:9f:32:d4:43:52:0d:7b:4c:25:9b:ba:
b3:4d:ec:5f:74:cd:c0:6a:9c:51:b6:ca:77:ba:85:fb:d3:df:
ff:08:12:b8:67:7a:0a:ef:8e:a8:21:13:62:60:45:a6:1d:16:
33:77:1e:6a:9f:03:31:fa:6a:dd:83:3d:31:36:1b:17:ea:c7:
c9:05:32:fa:08:08:c1:5c:b4:25:6c:80:52:2e:0a:ae:c8:9f:
dd:02:a9:14:d6:f4:b3:3d:83:a9:19:45:64:a4:85:fc:90:a1:
66:05:5b:90:73:dd:42:5e:d0:e8:9c:9b:60:ed:03:d4:8c:c2:
20:60:4e:47:a1:04:74:c2:b4:75:5d:d5:00:41:25:f3:da:a6:
50:3e:9f:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIFSIJ6/TX8a146hvwEfMuhTnN84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTEwMjBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5N2ZlOTczN2VlODBiNWJhYjM2YjM4M2RlZGUwYzVlN2MyOWJiNGEyMzZi
OGNhMmQ2YjVlYjE5NGY3ZTM2NWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWjJRRN1YUXoM/t52k8G1BQorvT1dgyXrwQzzhtW688i1NgJE0snyzx6tAv
AJwrLU4xfb399HfLJihM2Oh0GpfdOnveHrOz3aTIz+jmWKzM8LA9QLlT+AamVycN
FjrDf/PHYmAbOW+VZhG77wgPIlfgRAgmNLhM8nFfUnp7BkxJRc9DB4OQMS+u2Z8x
SJgvE9EnrxOMaGvMIitN8HuhZkA4nmo2afI1LC98vm82i8b3f2nmd73Sp+X7kcoR
xkz3EQLFbYDBIyEPDCa7PVItkmBWnZ0Dat9LD+1bVt5J9/w8xtj/2qk/fvv/Un2J
DpvxQk4l+eILJJCZMw1wk3UT3LkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHtHOS
gSnHSI9YsaYhIUl4x4lt5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXEInyXzdqIiCsc9jjFkkzT+2x4t1VNEi5mMQQ
++WhHw0dEIYi6dWnxgNcdbb3O1Pg3KA8RiVRjmsXSgtaO9xlMyN9cK/gqjatFuTu
zUF+DrNnwCiOEOAAN30WvGcRFMA7L/ZmeIWDUQGt+YlFW2GVE8dfnzLUQ1INe0wl
m7qzTexfdM3AapxRtsp3uoX709//CBK4Z3oK746oIRNiYEWmHRYzdx5qnwMx+mrd
gz0xNhsX6sfJBTL6CAjBXLQlbIBSLgquyJ/dAqkU1vSzPYOpGUVkpIX8kKFmBVuQ
c91CXtDonJtg7QPUjMIgYE5HoQR0wrR1XdUAQSXz2qZQPp+k
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:35 2025 by rpki-client