Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
File: 1172536b-2edc-4ffb-9fca-b111f3d038a9.roa (raw, json)
Hash identifier: eVQaadepH0UlC0vnbVfBtQlpviaIBuOYyFzkhwYquWI=
Subject key identifier: 5B:6B:D8:45:F9:7C:7D:C7:38:DD:D3:C5:23:59:2B:9E:76:2B:E9:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D6C42F7AFD5470A048C6958B6AD14744380BC5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
Signing time: Fri 26 Sep 2025 18:20:50 +0000
ROA not before: Fri 26 Sep 2025 18:20:50 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:6c:42:f7:af:d5:47:0a:04:8c:69:58:b6:ad:14:74:43:80:bc:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:50 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=5448a081daff03123c04a5365787dd4600240c1591ec71f633e62bbbb55dc1bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:bf:70:4b:52:96:36:3d:c8:96:54:b9:d4:
2b:66:ab:f2:84:6f:42:bc:cc:f9:c6:04:c6:fb:37:
ee:d5:18:2e:2d:2f:36:03:1d:5f:fe:65:96:60:a3:
a0:9b:f8:36:a5:1a:38:ef:71:f8:11:4a:f7:73:b8:
09:2d:91:e6:18:18:61:a4:bb:75:82:32:30:8d:ce:
f6:1c:39:23:ba:3d:75:53:09:c7:40:0b:57:f1:c0:
76:29:24:a5:04:9f:f0:af:47:05:b0:35:ee:19:6a:
1e:3d:4b:ce:2f:b3:24:56:b9:76:1a:25:7c:8e:49:
26:8a:30:46:a2:b9:61:ed:71:68:34:2a:09:63:0f:
ae:0c:d7:1c:66:92:75:14:b4:cb:6d:75:0d:1d:9c:
d0:7d:68:0d:c3:7d:0b:48:9a:df:c2:55:4e:42:e2:
e9:b4:a8:0b:0d:0f:2f:f4:55:b5:eb:1f:90:9e:9a:
cb:8e:40:6e:af:5e:b0:94:30:b7:d7:a7:02:3a:b8:
07:ff:65:ae:b9:88:52:39:25:f1:61:eb:68:e6:84:
d5:5c:62:cf:33:0c:1a:ab:e6:91:70:f8:9e:67:fe:
20:3c:95:39:90:c4:06:d9:9e:fe:d4:02:a8:d0:d4:
e0:e0:d1:74:40:b8:f9:0d:76:d8:bf:22:d3:38:c5:
67:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:6B:D8:45:F9:7C:7D:C7:38:DD:D3:C5:23:59:2B:9E:76:2B:E9:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.112.0/21
Signature Algorithm: sha256WithRSAEncryption
02:7e:1c:d7:38:42:e0:88:fe:b5:95:d2:5a:5a:55:90:a3:0d:
b2:87:b3:35:6e:6e:e7:07:07:31:26:a0:72:b7:1d:bc:46:2a:
b0:f7:d4:7e:fe:57:e1:2c:95:c7:a1:19:e7:cd:19:90:b6:1b:
f4:e6:c9:6e:fb:2b:95:2a:56:34:33:d1:32:20:cf:6b:fb:61:
2b:77:d3:46:77:69:1f:b6:49:29:c4:70:19:81:4d:ad:1e:1e:
d5:af:82:2e:84:d1:1a:67:e5:95:cf:03:00:63:0b:f7:aa:a7:
f5:f6:ed:22:e1:07:9f:8c:c4:3f:d8:da:c0:28:4e:55:46:b1:
ae:4b:40:31:14:16:e0:73:11:5d:09:72:30:e2:bf:0e:0f:67:
8d:b9:60:4c:87:66:15:c5:5d:44:e4:04:b9:28:7e:69:07:74:
88:9a:4a:7d:7d:4a:62:f8:f9:b1:2c:3d:45:97:d7:fd:8b:3d:
79:0c:15:f0:7c:c9:77:a1:37:f9:07:42:ae:b2:38:9d:ed:ff:
14:04:9e:8c:be:37:c9:30:d0:c6:99:10:20:9d:8c:e8:01:7a:
22:a8:94:ce:1e:39:ae:3b:1b:b2:a2:0e:31:d5:ba:30:c7:32:
d2:61:81:93:79:e9:22:68:33:4b:f7:21:d3:2e:02:60:90:2e:
c2:49:7c:99
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfWxC96/VRwoEjGlYtq0UdEOAvF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwNTBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NDhhMDgxZGFmZjAzMTIzYzA0YTUzNjU3ODdkZDQ2MDAyNDBjMTU5MWVj
NzFmNjMzZTYyYmJiYjU1ZGMxYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQwv3BLUpY2PciWVLnUK2ar8oRvQrzM+cYExvs37tUYLi0vNgMdX/5llmCj
oJv4NqUaOO9x+BFK93O4CS2R5hgYYaS7dYIyMI3O9hw5I7o9dVMJx0ALV/HAdikk
pQSf8K9HBbA17hlqHj1Lzi+zJFa5dholfI5JJoowRqK5Ye1xaDQqCWMPrgzXHGaS
dRS0y211DR2c0H1oDcN9C0ia38JVTkLi6bSoCw0PL/RVtesfkJ6ay45Abq9esJQw
t9enAjq4B/9lrrmIUjkl8WHraOaE1VxizzMMGqvmkXD4nmf+IDyVOZDEBtme/tQC
qNDU4ODRdEC4+Q122L8i0zjFZ2kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRba9hF
+Xx9xzjd08UjWSuedivpujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3MjUzNmItMmVkYy00ZmZiLTlmY2EtYjExMWYzZDAzOGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgcDAN
BgkqhkiG9w0BAQsFAAOCAQEAAn4c1zhC4Ij+tZXSWlpVkKMNsoezNW5u5wcHMSag
crcdvEYqsPfUfv5X4SyVx6EZ580ZkLYb9ObJbvsrlSpWNDPRMiDPa/thK3fTRndp
H7ZJKcRwGYFNrR4e1a+CLoTRGmfllc8DAGML96qn9fbtIuEHn4zEP9jawChOVUax
rktAMRQW4HMRXQlyMOK/Dg9njblgTIdmFcVdROQEuSh+aQd0iJpKfX1KYvj5sSw9
RZfX/Ys9eQwV8HzJd6E3+QdCrrI4ne3/FASejL43yTDQxpkQIJ2M6AF6IqiUzh45
rjsbsqIOMdW6MMcy0mGBk3npImgzS/ch0y4CYJAuwkl8mQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:26 2025 by rpki-client