Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: 7QQ3zsPdDdAI5wzk6g03ydncL2P5YDfyl43b4wFUpOs=
Subject key identifier: 4B:49:07:07:A6:4C:00:AA:7E:32:FE:7D:AE:29:EF:E0:C6:6B:BD:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33EBFEA6C6169579F746B754C55706B8CAFF8308
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Tue 05 Aug 2025 19:30:20 +0000
ROA not before: Tue 05 Aug 2025 19:30:20 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:eb:fe:a6:c6:16:95:79:f7:46:b7:54:c5:57:06:b8:ca:ff:83:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:20 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0bd9c72ea4ae715efc6e9e56754c88fdf2b1f6fe6299e0c6b12837a1a9004512, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:51:c3:fa:4c:83:b5:8d:79:20:b4:c6:fb:79:
32:e8:36:35:20:84:12:b8:d0:ff:09:04:9f:8c:04:
54:a3:1b:47:90:3c:08:35:e3:d8:a6:4c:32:19:30:
12:33:a9:67:44:02:68:9d:99:4b:9c:0f:34:b6:b1:
23:40:ad:43:92:95:02:14:7a:28:f0:e2:a3:7b:be:
22:c9:81:70:42:49:78:64:cb:cc:2f:93:35:3c:b8:
7e:7b:96:03:af:75:77:8a:6e:94:6b:40:a2:87:1a:
c3:cf:87:fb:b0:41:9d:00:dc:ab:c6:42:11:79:f7:
1f:6d:89:15:9f:60:67:66:30:61:73:02:2c:e6:63:
d4:84:0c:48:1e:36:1f:ae:57:52:c1:95:61:2b:ad:
c7:f7:b2:8e:3a:ac:fd:eb:0f:20:ba:bb:10:6d:00:
e4:c5:5b:1c:23:e2:96:61:d5:93:fb:ee:2d:e3:93:
30:61:ea:04:df:d0:22:5f:8a:57:a3:d3:76:ad:75:
09:64:45:de:6a:d5:5e:0c:df:3b:71:a6:69:87:ba:
19:ac:69:ab:82:0b:59:64:6d:92:be:6c:b0:55:5a:
1a:7b:1d:fd:49:e6:15:bd:21:8e:af:13:68:b6:5b:
b1:1b:e4:66:9a:26:f1:35:9f:0d:92:01:77:ee:01:
32:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:49:07:07:A6:4C:00:AA:7E:32:FE:7D:AE:29:EF:E0:C6:6B:BD:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:9c:8d:a9:ca:c7:d0:ea:6b:b5:01:f7:a4:da:43:b5:9b:db:
11:db:5f:74:ff:bf:e0:0f:94:4d:1b:b9:34:59:10:03:d4:73:
2b:aa:2e:84:00:d3:0a:84:b6:c1:a6:85:bd:c8:7f:1c:90:59:
3d:2d:fb:ba:26:40:46:94:f1:0e:b1:7d:92:68:e8:0f:3f:0f:
9e:e0:d0:e6:a6:17:63:41:49:31:8c:38:12:ee:f8:a6:ec:40:
28:df:c6:e0:11:69:e5:92:87:f9:d7:fb:fe:34:e9:5b:d4:c3:
34:dc:fb:9a:3a:76:ea:f4:86:13:93:16:81:68:1e:69:77:17:
7c:d6:ac:92:4a:e7:90:76:90:63:68:d6:3b:9b:d3:db:17:9e:
eb:38:11:b1:e9:0a:59:72:63:f6:82:d7:38:35:9a:4a:14:87:
1c:ce:22:7f:9c:d9:d3:de:9a:60:e0:97:d0:ef:30:fb:d9:6d:
7f:c7:34:21:f1:3e:a2:fe:d4:3c:6d:d5:4b:7e:73:27:00:df:
50:87:8d:47:b2:88:42:a2:fe:41:b7:5e:9d:db:19:11:78:b9:
eb:eb:09:77:90:83:4f:9c:72:06:e2:4b:df:00:fc:0d:cd:4e:
53:e7:cb:9f:94:d7:1e:d4:8b:40:e2:55:8c:9f:68:36:3c:b8:
f5:e3:3f:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM+v+psYWlXn3RrdUxVcGuMr/gwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMjBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZDljNzJlYTRhZTcxNWVmYzZlOWU1Njc1NGM4OGZkZjJiMWY2ZmU2Mjk5
ZTBjNmIxMjgzN2ExYTkwMDQ1MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtRw/pMg7WNeSC0xvt5Mug2NSCEErjQ/wkEn4wEVKMbR5A8CDXj2KZMMhkw
EjOpZ0QCaJ2ZS5wPNLaxI0CtQ5KVAhR6KPDio3u+IsmBcEJJeGTLzC+TNTy4fnuW
A691d4pulGtAoocaw8+H+7BBnQDcq8ZCEXn3H22JFZ9gZ2YwYXMCLOZj1IQMSB42
H65XUsGVYSutx/eyjjqs/esPILq7EG0A5MVbHCPilmHVk/vuLeOTMGHqBN/QIl+K
V6PTdq11CWRF3mrVXgzfO3GmaYe6Gaxpq4ILWWRtkr5ssFVaGnsd/UnmFb0hjq8T
aLZbsRvkZpom8TWfDZIBd+4BMrsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLSQcH
pkwAqn4y/n2uKe/gxmu9kDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQCLnI2pysfQ6mu1Afek2kO1m9sR2190/7/gD5RN
G7k0WRAD1HMrqi6EANMKhLbBpoW9yH8ckFk9Lfu6JkBGlPEOsX2SaOgPPw+e4NDm
phdjQUkxjDgS7vim7EAo38bgEWnlkof51/v+NOlb1MM03PuaOnbq9IYTkxaBaB5p
dxd81qySSueQdpBjaNY7m9PbF57rOBGx6QpZcmP2gtc4NZpKFIccziJ/nNnT3ppg
4JfQ7zD72W1/xzQh8T6i/tQ8bdVLfnMnAN9Qh41HsohCov5Bt16d2xkReLnr6wl3
kINPnHIG4kvfAPwNzU5T58uflNce1ItA4lWMn2g2PLj14z/n
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:07 2025 by rpki-client