Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b89b3c5d-e121-4769-9f3e-0d4c4f0780db.roa
File: b89b3c5d-e121-4769-9f3e-0d4c4f0780db.roa (raw, json)
Hash identifier: hBICOY7HM4jCQrltcOpuZ7L4h4nsB1NUN72VHJ/Y9KM=
Subject key identifier: EB:0B:22:AE:73:BB:85:D7:06:B8:9A:F3:3C:F1:BC:3A:68:2D:A9:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BB7C9E03E0840974F522523F97FAB68BCB8DFAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b89b3c5d-e121-4769-9f3e-0d4c4f0780db.roa
Signing time: Tue 19 Aug 2025 16:50:05 +0000
ROA not before: Tue 19 Aug 2025 16:50:05 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:b7:c9:e0:3e:08:40:97:4f:52:25:23:f9:7f:ab:68:bc:b8:df:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:05 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=4b66869d10c8c6f536cd849948b3555472fc9d6f06fd39634d1376634033e6d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:56:7a:40:5f:35:aa:18:49:bb:ec:c7:70:f2:
e0:5e:4d:e1:e6:a1:3d:3c:6e:71:1d:cb:4b:be:29:
54:44:a7:bc:c6:1e:a2:af:7a:29:53:e6:28:b1:7d:
a6:88:e4:a1:30:c8:67:61:6e:34:31:56:73:7b:45:
d8:c2:9f:dc:8f:8c:47:88:01:09:b3:7b:a0:7c:36:
e7:7d:b1:b0:ec:12:30:4a:42:b5:ab:8f:85:00:b2:
15:4e:70:1c:be:5c:79:d6:34:bc:68:b1:56:eb:b0:
b7:40:de:f0:9e:8e:84:ba:b7:45:d2:7c:d4:6d:18:
45:bd:23:77:83:a0:b3:6b:9f:32:48:c9:0d:9d:7d:
b4:ba:30:10:58:f3:f0:4b:d6:b7:f8:db:c1:68:83:
1d:da:7b:83:c3:57:19:5f:ca:ce:a7:5e:b7:6a:3b:
4c:0c:8c:5b:a8:9d:00:86:08:c4:47:69:c0:a4:2e:
dc:21:f4:4b:52:ee:4f:57:b0:1c:9e:5f:1c:00:75:
6b:5d:fc:1d:ed:9c:6b:ca:27:71:07:5b:c8:20:20:
1d:71:2f:44:5d:47:54:3f:02:c7:38:72:97:ed:5e:
08:22:20:a6:81:c3:4e:7c:e2:43:a7:fa:07:44:f9:
34:a4:b7:ad:3f:e7:00:8c:71:a7:61:4f:ff:ec:67:
90:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:0B:22:AE:73:BB:85:D7:06:B8:9A:F3:3C:F1:BC:3A:68:2D:A9:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b89b3c5d-e121-4769-9f3e-0d4c4f0780db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6000::/40
Signature Algorithm: sha256WithRSAEncryption
ca:08:36:76:58:b8:e3:26:06:d8:76:7c:c7:2d:4d:f3:cc:90:
0b:77:43:b3:a1:53:a2:f1:71:4d:a2:28:ee:70:ba:fb:5d:da:
e0:f7:87:32:03:04:18:bd:50:54:9b:22:b5:02:7c:ec:49:c7:
36:11:26:cc:38:09:e0:a3:4b:18:a8:c0:9a:16:c6:ea:ee:3a:
36:e6:ea:75:1e:da:e2:bb:d7:38:df:34:b2:86:95:c3:63:08:
2c:2a:61:52:14:b2:a3:81:a3:a3:03:da:3f:e1:af:66:9f:62:
aa:9a:07:9f:4e:9d:8b:6d:55:35:cc:7a:9c:80:db:aa:e1:51:
37:90:6b:09:95:c4:2d:c2:f9:12:34:10:3f:03:d5:20:6b:40:
0e:27:6d:96:8b:8c:0d:b4:25:fa:9c:79:56:5a:b2:83:ec:98:
75:5f:06:7c:2e:fc:54:0f:0f:7b:7c:d8:d6:05:62:e9:20:9f:
cb:bc:29:3b:00:14:cd:f8:f3:5d:3e:5b:48:f7:3a:39:bc:33:
0e:47:b3:82:58:e5:74:ae:92:05:b1:67:af:fb:9e:21:24:fb:
02:b9:44:54:f6:78:99:4d:57:21:9a:45:13:44:17:71:58:c6:
a3:ef:75:4e:7e:27:59:ca:e4:ff:31:39:c9:28:d6:55:5c:bf:
bb:e3:ff:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK7fJ4D4IQJdPUiUj+X+raLy436owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMDVaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNjY4NjlkMTBjOGM2ZjUzNmNkODQ5OTQ4YjM1NTU0NzJmYzlkNmYwNmZk
Mzk2MzRkMTM3NjYzNDAzM2U2ZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJdWekBfNaoYSbvsx3Dy4F5N4eahPTxucR3LS74pVESnvMYeoq96KVPmKLF9
pojkoTDIZ2FuNDFWc3tF2MKf3I+MR4gBCbN7oHw2532xsOwSMEpCtauPhQCyFU5w
HL5cedY0vGixVuuwt0De8J6OhLq3RdJ81G0YRb0jd4Ogs2ufMkjJDZ19tLowEFjz
8EvWt/jbwWiDHdp7g8NXGV/Kzqdet2o7TAyMW6idAIYIxEdpwKQu3CH0S1LuT1ew
HJ5fHAB1a138He2ca8oncQdbyCAgHXEvRF1HVD8Cxzhyl+1eCCIgpoHDTnziQ6f6
B0T5NKS3rT/nAIxxp2FP/+xnkB8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrCyKu
c7uF1wa4mvM88bw6aC2pDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yjg5YjNjNWQtZTEyMS00NzY5LTlmM2UtMGQ0YzRmMDc4MGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Flg
MA0GCSqGSIb3DQEBCwUAA4IBAQDKCDZ2WLjjJgbYdnzHLU3zzJALd0OzoVOi8XFN
oijucLr7Xdrg94cyAwQYvVBUmyK1AnzsScc2ESbMOAngo0sYqMCaFsbq7jo25up1
Htriu9c43zSyhpXDYwgsKmFSFLKjgaOjA9o/4a9mn2KqmgefTp2LbVU1zHqcgNuq
4VE3kGsJlcQtwvkSNBA/A9Uga0AOJ22Wi4wNtCX6nHlWWrKD7Jh1XwZ8LvxUDw97
fNjWBWLpIJ/LvCk7ABTN+PNdPltI9zo5vDMOR7OCWOV0rpIFsWev+54hJPsCuURU
9niZTVchmkUTRBdxWMaj73VOfidZyuT/MTnJKNZVXL+74//G
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:24 2025 by rpki-client