Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
File: 65fd1736-b3cd-4b5b-abca-9d430a70e064.roa (raw, json)
Hash identifier: KeL6DYqKTyUrEJlNxuWmSqxvHi/nzf622SEmPgD6kzM=
Subject key identifier: E4:2C:65:35:D8:C6:09:18:DD:22:C3:FF:76:46:66:15:80:EF:F6:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 543615FF0EAD3F884BFA5FBCDA25B7A80671E1B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
Signing time: Mon 13 Oct 2025 17:55:37 +0000
ROA not before: Mon 13 Oct 2025 17:55:37 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:36:15:ff:0e:ad:3f:88:4b:fa:5f:bc:da:25:b7:a8:06:71:e1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:37 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=a46b8ed9c81c0b16a3105d1a1d072c5766b9a228f558b254ce5d81253bd38101, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:47:3a:3f:05:06:e4:77:5a:26:fb:f5:16:d8:
78:15:70:65:cf:af:0b:23:1c:ee:65:ad:a4:67:69:
d6:96:27:b2:12:a2:4a:be:44:e7:af:ba:7f:9a:fb:
2e:2b:b7:69:46:33:17:a8:2f:6b:4e:8a:2d:34:f1:
b0:31:3f:d2:7b:64:cd:fd:77:44:35:10:8c:31:7d:
c6:55:ab:3b:c2:b3:8c:7f:42:9b:b3:d3:58:3e:0a:
ae:56:86:ce:11:81:95:66:b2:f9:19:42:2f:c4:68:
d6:59:53:db:b4:46:48:78:84:7d:4d:33:39:78:b4:
fb:f8:b3:74:89:d6:04:76:79:74:17:3a:85:3a:0b:
8b:f6:93:47:eb:9a:c0:9f:bb:4a:84:78:2a:16:74:
00:2b:ea:ff:12:a2:56:ab:69:b7:87:51:a0:6d:8a:
99:cb:1c:af:ee:16:ce:57:83:c1:1e:08:67:77:d5:
fc:2e:07:df:4c:d3:d0:6d:b7:54:a8:97:27:1b:41:
8c:fc:0e:f3:23:68:f6:d0:c3:81:43:a3:49:6f:30:
d6:ff:53:53:43:8e:f5:bc:1e:af:4a:76:a1:13:9d:
32:ad:09:cf:bb:42:44:e2:06:4d:d3:96:4c:e3:34:
45:3c:dd:c5:50:4c:0e:47:9f:e5:14:31:c7:4f:61:
51:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:2C:65:35:D8:C6:09:18:DD:22:C3:FF:76:46:66:15:80:EF:F6:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/18
Signature Algorithm: sha256WithRSAEncryption
41:9f:b6:b5:c5:1a:b8:a5:03:b2:ee:48:5a:08:a0:20:5c:7b:
c4:b7:49:88:9c:b3:ff:69:fe:3c:50:fd:d6:f5:eb:75:75:27:
3a:d9:de:12:e2:5a:b4:e1:f0:23:c0:fb:fc:e1:5a:68:e7:c0:
0b:9a:1e:0c:18:c7:2c:f8:c8:b1:07:46:c4:00:8c:16:90:f5:
2f:f5:8c:af:b4:60:1c:9d:89:63:d3:ae:f6:df:f8:f7:71:a0:
5c:21:b5:f4:f0:a5:9c:fc:46:5d:f8:45:ea:8e:c7:fb:4a:1f:
01:69:4c:8d:b5:5a:94:03:e5:79:2f:12:8b:7e:0d:62:81:96:
96:68:84:9d:2b:84:fe:5d:a8:d7:55:ae:28:0e:2c:42:b2:9e:
7b:bd:af:85:a2:f9:da:47:73:22:17:45:1c:03:c5:89:c7:cb:
61:0a:3d:65:44:b0:e4:cc:c7:35:28:9a:10:29:6c:5b:ee:4a:
52:2a:e1:5b:db:ab:09:b4:e5:9c:27:78:ae:78:ac:5c:bc:c5:
5b:9b:b6:cd:2d:5d:ce:4c:25:85:e3:37:32:1c:c6:a3:a3:e2:
bd:11:54:05:8c:cb:3b:59:15:d5:47:e0:68:08:e5:a0:7d:23:
cf:f8:6c:7c:62:57:91:02:79:fc:05:b6:1c:2c:89:99:54:e2:
35:52:a3:27
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVDYV/w6tP4hL+l+82iW3qAZx4bcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1MzdaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NmI4ZWQ5YzgxYzBiMTZhMzEwNWQxYTFkMDcyYzU3NjZiOWEyMjhmNTU4
YjI1NGNlNWQ4MTI1M2JkMzgxMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFHOj8FBuR3Wib79RbYeBVwZc+vCyMc7mWtpGdp1pYnshKiSr5E56+6f5r7
Liu3aUYzF6gva06KLTTxsDE/0ntkzf13RDUQjDF9xlWrO8KzjH9Cm7PTWD4KrlaG
zhGBlWay+RlCL8Ro1llT27RGSHiEfU0zOXi0+/izdInWBHZ5dBc6hToLi/aTR+ua
wJ+7SoR4KhZ0ACvq/xKiVqtpt4dRoG2Kmcscr+4WzleDwR4IZ3fV/C4H30zT0G23
VKiXJxtBjPwO8yNo9tDDgUOjSW8w1v9TU0OO9bwer0p2oROdMq0Jz7tCROIGTdOW
TOM0RTzdxVBMDkef5RQxx09hUXcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTkLGU1
2MYJGN0iw/92RmYVgO/2mDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVmZDE3MzYtYjNjZC00YjViLWFiY2EtOWQ0MzBhNzBlMDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQZ+2tcUauKUDsu5IWgigIFx7xLdJiJyz/2n+PFD9
1vXrdXUnOtneEuJatOHwI8D7/OFaaOfAC5oeDBjHLPjIsQdGxACMFpD1L/WMr7Rg
HJ2JY9Ou9t/493GgXCG19PClnPxGXfhF6o7H+0ofAWlMjbValAPleS8Si34NYoGW
lmiEnSuE/l2o11WuKA4sQrKee72vhaL52kdzIhdFHAPFicfLYQo9ZUSw5MzHNSia
EClsW+5KUirhW9urCbTlnCd4rnisXLzFW5u2zS1dzkwlheM3MhzGo6PivRFUBYzL
O1kV1UfgaAjloH0jz/hsfGJXkQJ5/AW2HCyJmVTiNVKjJw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:29 2025 by rpki-client