Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
File: 513c0075-edb1-461e-a07d-4eb5874bd9ce.roa (raw, json)
Hash identifier: 6M63+xoeTn9u17+kplTD0aqqYYL5PpmECF6fmSM/Hgs=
Subject key identifier: 6E:22:36:B6:D5:B7:F1:B5:A4:EF:A5:0E:37:E9:DE:EC:F0:94:A6:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B881F4D1A4EB0E7E974A62FFC1D70F8B83839EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
Signing time: Mon 13 Oct 2025 17:55:30 +0000
ROA not before: Mon 13 Oct 2025 17:55:30 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:88:1f:4d:1a:4e:b0:e7:e9:74:a6:2f:fc:1d:70:f8:b8:38:39:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:30 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=ea263bd706a1b2ec1ba8c0411fc7ee0604b4434f6594314642bd92a63f902b5b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f0:fa:5b:31:f8:e1:87:e0:e8:83:52:65:50:
4f:87:b9:dc:2c:22:48:ab:2a:6a:df:3a:f2:8c:d6:
0a:11:00:82:63:19:36:39:4a:d5:97:13:c6:22:c8:
2c:57:cb:3c:aa:a8:7c:e9:56:7c:ab:7a:2d:e8:03:
ac:51:47:d8:5d:5a:43:a3:02:46:97:c1:a5:c7:76:
85:96:47:2d:dc:ca:6b:71:0c:8d:b0:f2:bd:53:26:
84:e9:e1:00:94:03:38:7c:6f:c2:7b:ca:34:97:e4:
cc:2b:bd:d6:fc:45:00:29:57:1a:33:74:cb:20:21:
2d:80:81:9b:71:8d:5d:01:1b:ce:82:59:af:c8:e9:
f1:cc:17:15:3e:f9:96:6b:2f:a8:0b:f0:2e:99:bb:
4c:f5:1c:ce:0f:a7:18:bc:f3:3e:94:c7:02:65:6d:
62:8a:e9:a2:67:4d:32:3d:70:c5:0e:11:ed:96:c4:
21:38:e8:53:79:d3:81:a0:17:77:ca:1b:4a:16:1c:
61:84:77:c2:e5:55:22:84:a0:df:1f:18:54:c4:b5:
8b:50:af:4b:ec:57:d5:fb:3a:52:4b:2d:91:42:ba:
6a:d2:28:2c:ce:b5:b8:10:bf:70:a6:e9:09:23:da:
29:63:e9:de:1e:1b:cf:17:de:c3:85:de:39:88:e7:
39:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:22:36:B6:D5:B7:F1:B5:A4:EF:A5:0E:37:E9:DE:EC:F0:94:A6:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:58:5e:29:c0:a5:d2:f8:e0:b8:7f:44:9d:e6:08:ee:b6:bb:
3a:eb:54:86:03:4d:8f:12:09:ee:d2:39:15:e2:39:c0:ee:96:
2a:04:b0:eb:71:e0:8f:2e:d6:c8:4d:83:cd:f9:7d:a6:c1:d5:
59:13:30:32:6d:00:34:3c:54:1e:a2:ed:8a:71:7f:47:a8:8c:
bc:ea:83:82:39:51:48:b7:e2:fe:f8:44:ce:22:04:bb:eb:00:
2c:a0:07:67:7e:3c:03:73:14:7b:0e:c9:11:41:b2:38:3c:0f:
5d:87:28:02:06:19:d6:9a:61:0e:f0:65:7b:9a:ce:e8:bd:fe:
d8:ee:61:a7:03:d5:a3:89:b9:42:c6:5e:c9:42:74:af:2e:36:
a5:6c:9a:9a:fc:37:44:a3:1b:d8:05:c5:0a:dd:7e:14:84:46:
8e:11:6e:04:af:37:6d:f2:e3:38:ad:42:a9:54:dc:45:65:c2:
c7:55:d4:c1:e7:d5:29:83:8a:11:bb:56:5a:59:ef:3a:25:e7:
43:15:a2:f3:50:dd:91:81:10:fa:2b:66:e1:b7:d5:6f:99:f2:
9f:8c:1f:0a:6f:cc:e9:38:a2:73:67:85:e8:45:96:e1:96:a5:
cb:27:c0:72:6b:69:d9:7d:58:63:2a:0e:8d:88:36:43:21:57:
bf:11:44:8d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUG4gfTRpOsOfpdKYv/B1w+Lg4OeowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1MzBaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhMjYzYmQ3MDZhMWIyZWMxYmE4YzA0MTFmYzdlZTA2MDRiNDQzNGY2NTk0
MzE0NjQyYmQ5MmE2M2Y5MDJiNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvw+lsx+OGH4OiDUmVQT4e53CwiSKsqat868ozWChEAgmMZNjlK1ZcTxiLI
LFfLPKqofOlWfKt6LegDrFFH2F1aQ6MCRpfBpcd2hZZHLdzKa3EMjbDyvVMmhOnh
AJQDOHxvwnvKNJfkzCu91vxFAClXGjN0yyAhLYCBm3GNXQEbzoJZr8jp8cwXFT75
lmsvqAvwLpm7TPUczg+nGLzzPpTHAmVtYorpomdNMj1wxQ4R7ZbEITjoU3nTgaAX
d8obShYcYYR3wuVVIoSg3x8YVMS1i1CvS+xX1fs6UkstkUK6atIoLM61uBC/cKbp
CSPaKWPp3h4bzxfew4XeOYjnOZkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRuIja2
1bfxtaTvpQ436d7s8JSmCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTEzYzAwNzUtZWRiMS00NjFlLWEwN2QtNGViNTg3NGJkOWNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAjlheKcCl0vjguH9EneYI7ra7OutUhgNNjxIJ7tI5
FeI5wO6WKgSw63Hgjy7WyE2Dzfl9psHVWRMwMm0ANDxUHqLtinF/R6iMvOqDgjlR
SLfi/vhEziIEu+sALKAHZ348A3MUew7JEUGyODwPXYcoAgYZ1pphDvBle5rO6L3+
2O5hpwPVo4m5QsZeyUJ0ry42pWyamvw3RKMb2AXFCt1+FIRGjhFuBK83bfLjOK1C
qVTcRWXCx1XUwefVKYOKEbtWWlnvOiXnQxWi81DdkYEQ+itm4bfVb5nyn4wfCm/M
6Tiic2eF6EWW4ZalyyfAcmtp2X1YYyoOjYg2QyFXvxFEjQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:56 2025 by rpki-client