Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
File: 1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa (raw, json)
Hash identifier: Bf3RsbB+GLII78qQW3vbQpjn1w4O40OnayEqNo1u5jg=
Subject key identifier: 2D:EB:43:E4:CB:A0:4E:F7:53:28:C7:C8:7D:59:91:B8:0D:A9:7F:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37BDE7821EDEE677DE3EB21D615889BC06FDD005
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
Signing time: Mon 13 Oct 2025 17:56:05 +0000
ROA not before: Mon 13 Oct 2025 17:56:05 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:bd:e7:82:1e:de:e6:77:de:3e:b2:1d:61:58:89:bc:06:fd:d0:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:56:05 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=1559d028f6bcdbe89776d44ca590a6e374c0d74c2877dcaae0883f9759b996ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:81:0b:64:57:f5:c8:10:4a:b8:aa:c5:1e:ce:
79:15:2e:b1:dd:eb:96:e9:a8:92:e2:fb:63:e7:78:
f3:16:98:41:9b:31:95:3d:f2:13:b3:7e:5a:75:c5:
7b:6f:88:87:aa:34:e4:6b:54:78:52:35:04:85:61:
2f:d2:25:0f:a3:8f:de:92:d4:8d:e4:a5:31:d4:7c:
1d:06:0a:81:9c:ad:be:e5:2e:3e:e3:42:68:b2:6f:
28:a8:bb:d3:0d:b2:73:b8:65:7e:7d:55:33:aa:64:
72:b0:80:28:7c:1e:4e:4c:ff:18:5d:09:e5:4b:8e:
be:7e:5a:bd:55:a5:75:6d:4a:f6:2b:bf:05:61:ca:
3a:c3:9b:84:ac:f0:27:45:0c:1e:9b:59:f7:2d:7e:
69:7d:a0:95:8e:26:e2:3b:db:99:02:17:10:4c:de:
3d:b2:66:7d:d3:80:b6:6d:ba:bb:7b:b9:65:e7:cc:
53:e3:6e:61:36:06:0d:ae:28:e8:d1:4f:5e:00:90:
59:51:3b:6f:79:57:e6:c5:a2:4b:5e:67:6a:ca:40:
2d:94:99:59:a1:62:13:a3:e4:15:19:c4:4f:d8:11:
3c:8a:d6:46:3e:6d:fd:48:3a:cb:1f:d3:ef:d7:d7:
9c:53:72:26:98:55:93:61:87:b0:99:d2:27:4d:a3:
dc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EB:43:E4:CB:A0:4E:F7:53:28:C7:C8:7D:59:91:B8:0D:A9:7F:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.124.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:43:c0:ad:ab:f1:c4:d1:7f:f1:f2:f2:dc:61:e1:8b:b7:40:
8e:20:76:56:49:f3:be:48:fc:03:cb:77:18:ed:30:3b:ec:79:
11:da:4e:ac:63:b9:fb:0b:b7:cd:59:8d:7f:08:61:a3:80:e5:
72:04:6e:4e:e1:fc:4e:af:40:b3:81:c3:5d:8f:40:57:a4:38:
e7:1a:af:3f:fd:72:12:95:46:1f:f5:8e:ec:db:b6:23:66:23:
3b:20:1b:cb:2e:ed:89:7a:60:8d:ff:9a:c4:4f:ce:88:9a:e1:
51:cc:18:ec:e0:79:62:7e:9f:93:87:fd:2f:a1:ac:f1:14:e6:
34:ad:b2:d1:a5:c3:95:78:12:2a:4c:e2:b5:3e:66:c0:46:2d:
23:e4:64:a4:bc:b4:95:46:06:70:b7:de:33:62:47:e6:61:c8:
43:77:2d:96:7b:35:81:94:2a:b8:0a:b0:47:de:eb:36:9a:f8:
c2:27:4f:fa:20:fc:79:85:17:2d:4e:da:53:7d:e2:4f:9c:60:
74:71:82:af:62:81:7a:84:be:11:6f:e3:d1:cb:af:27:1c:6f:
73:2f:da:0b:e5:b3:c7:7a:4c:89:74:b8:3c:21:9e:de:68:ef:
7f:74:19:0c:f2:74:2c:f3:b5:f9:20:c6:e3:f3:85:9c:55:25:
be:bf:7e:1a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN73ngh7e5nfePrIdYViJvAb90AUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU2MDVaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1NTlkMDI4ZjZiY2RiZTg5Nzc2ZDQ0Y2E1OTBhNmUzNzRjMGQ3NGMyODc3
ZGNhYWUwODgzZjk3NTliOTk2ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKBC2RX9cgQSriqxR7OeRUusd3rlumokuL7Y+d48xaYQZsxlT3yE7N+WnXF
e2+Ih6o05GtUeFI1BIVhL9IlD6OP3pLUjeSlMdR8HQYKgZytvuUuPuNCaLJvKKi7
0w2yc7hlfn1VM6pkcrCAKHweTkz/GF0J5UuOvn5avVWldW1K9iu/BWHKOsObhKzw
J0UMHptZ9y1+aX2glY4m4jvbmQIXEEzePbJmfdOAtm26u3u5ZefMU+NuYTYGDa4o
6NFPXgCQWVE7b3lX5sWiS15naspALZSZWaFiE6PkFRnET9gRPIrWRj5t/Ug6yx/T
79fXnFNyJphVk2GHsJnSJ02j3EMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQt60Pk
y6BO91Mox8h9WZG4Dal/izAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4YTcwNzYtMGM3OC00YWE2LTljMWUtZGZlYjk0NzE4OWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfDAN
BgkqhkiG9w0BAQsFAAOCAQEAK0PAravxxNF/8fLy3GHhi7dAjiB2Vknzvkj8A8t3
GO0wO+x5EdpOrGO5+wu3zVmNfwhho4DlcgRuTuH8Tq9As4HDXY9AV6Q45xqvP/1y
EpVGH/WO7Nu2I2YjOyAbyy7tiXpgjf+axE/OiJrhUcwY7OB5Yn6fk4f9L6Gs8RTm
NK2y0aXDlXgSKkzitT5mwEYtI+RkpLy0lUYGcLfeM2JH5mHIQ3ctlns1gZQquAqw
R97rNpr4widP+iD8eYUXLU7aU33iT5xgdHGCr2KBeoS+EW/j0cuvJxxvcy/aC+Wz
x3pMiXS4PCGe3mjvf3QZDPJ0LPO1+SDG4/OFnFUlvr9+Gg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:38 2025 by rpki-client