Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
File: 995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa (raw, json)
Hash identifier: 0CtJlAsgCJKK7p2zI7CjLux/bkj9vKVovUGoVXPxDIA=
Subject key identifier: D3:C1:8D:4B:6B:F5:07:54:CD:B5:7E:E8:8E:88:33:BE:7F:3C:54:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11AF3388257EC1729ABEA030251A45378A67C91E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
Signing time: Mon 13 Oct 2025 17:56:10 +0000
ROA not before: Mon 13 Oct 2025 17:56:10 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:af:33:88:25:7e:c1:72:9a:be:a0:30:25:1a:45:37:8a:67:c9:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:56:10 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=3efcf3ffcbf7107b1e2d3d4add1d872785905dd55aa6c42936b7ac0f83e04904, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:64:cf:1e:8a:28:a2:c7:79:f9:1c:30:b0:05:
77:43:1c:d3:08:df:54:ee:4d:e0:f8:dd:82:b3:6b:
1f:0c:f6:66:a9:40:64:cd:5a:6b:99:b6:f7:7c:0d:
85:ae:f1:9f:10:40:c5:ef:1a:b7:12:73:1a:c4:53:
b8:c7:ed:e3:8a:ff:07:0f:be:31:29:ff:b0:5d:8f:
bc:30:93:49:5c:e7:83:40:2a:f3:07:ce:7c:99:bb:
1b:53:bf:76:98:c7:43:0b:a3:62:27:af:e9:3d:82:
35:55:35:52:72:7a:cd:69:36:0e:fd:81:72:dc:57:
ff:e1:31:fa:d8:f7:b1:f1:1c:39:67:1d:7a:b8:6e:
3a:57:d2:62:ec:e9:88:32:39:60:f0:a1:81:52:e8:
d1:d1:ee:87:b5:36:ba:59:85:fe:ce:c4:84:5b:d2:
33:a4:37:ac:fd:4c:97:3e:46:81:05:82:4d:90:71:
8e:1f:08:d3:5a:a3:09:82:5d:85:36:c5:ff:dc:5a:
21:47:a3:41:db:2b:b3:b9:23:81:5c:ba:49:f2:19:
fc:bb:4d:c6:c8:e6:7b:46:e9:b7:3c:cc:a8:08:e5:
31:ff:c0:f0:11:13:1e:bf:b3:f2:b2:49:a3:14:16:
02:71:4b:61:bd:67:94:7c:5f:93:62:f0:3e:d5:37:
6c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C1:8D:4B:6B:F5:07:54:CD:B5:7E:E8:8E:88:33:BE:7F:3C:54:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.16.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:bc:a9:c6:4f:15:fd:98:e0:ef:b7:88:09:e0:42:c2:5e:70:
50:09:56:cb:62:c7:0a:ae:06:7d:35:bc:74:f1:20:d1:96:94:
06:fe:79:aa:a0:c4:cd:11:21:4a:ec:30:d1:7c:a3:35:4b:bf:
9f:30:ee:dc:e4:f8:27:1b:dd:3a:7f:1e:9b:35:c1:fd:9e:e2:
c3:1b:f3:4a:aa:b5:4c:89:51:ad:e0:9e:a4:8a:e6:03:4b:b7:
8b:40:90:a8:21:25:ed:cf:ee:0b:65:51:63:35:c3:bb:cc:1c:
3b:d7:b6:6d:a1:a0:45:c2:b4:63:6a:fd:f4:25:19:70:9f:25:
d7:76:8e:bf:76:45:6f:6e:c7:72:67:fb:6d:c5:3f:29:85:9e:
14:da:0e:a0:9d:3f:45:38:e0:30:38:fe:f6:f4:b3:13:d4:86:
be:aa:21:5e:09:7a:af:74:5f:2d:5d:7e:a9:bc:40:b0:81:64:
12:ad:26:49:41:fe:0a:9d:89:f1:cc:0a:3e:73:3c:40:6e:31:
11:57:22:f6:03:4a:47:9a:e1:9b:80:83:df:e0:c4:6c:90:88:
b0:3c:fa:42:51:a7:c0:f6:b7:15:af:0a:c9:a2:67:40:44:a6:
3e:69:b5:b2:51:4e:b3:59:db:c5:17:30:c1:7f:fb:31:c8:27:
07:d3:17:6e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEa8ziCV+wXKavqAwJRpFN4pnyR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU2MTBaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlZmNmM2ZmY2JmNzEwN2IxZTJkM2Q0YWRkMWQ4NzI3ODU5MDVkZDU1YWE2
YzQyOTM2YjdhYzBmODNlMDQ5MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOtkzx6KKKLHefkcMLAFd0Mc0wjfVO5N4PjdgrNrHwz2ZqlAZM1aa5m293wN
ha7xnxBAxe8atxJzGsRTuMft44r/Bw++MSn/sF2PvDCTSVzng0Aq8wfOfJm7G1O/
dpjHQwujYiev6T2CNVU1UnJ6zWk2Dv2BctxX/+Ex+tj3sfEcOWcderhuOlfSYuzp
iDI5YPChgVLo0dHuh7U2ulmF/s7EhFvSM6Q3rP1Mlz5GgQWCTZBxjh8I01qjCYJd
hTbF/9xaIUejQdsrs7kjgVy6SfIZ/LtNxsjme0bptzzMqAjlMf/A8BETHr+z8rJJ
oxQWAnFLYb1nlHxfk2LwPtU3bAcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTTwY1L
a/UHVM21fuiOiDO+fzxUfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk1ZDRmOGQtMGJjZC00YjMwLTlkYmUtNDJiY2RiZWIwNDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiEDAN
BgkqhkiG9w0BAQsFAAOCAQEAerypxk8V/Zjg77eICeBCwl5wUAlWy2LHCq4GfTW8
dPEg0ZaUBv55qqDEzREhSuww0XyjNUu/nzDu3OT4JxvdOn8emzXB/Z7iwxvzSqq1
TIlRreCepIrmA0u3i0CQqCEl7c/uC2VRYzXDu8wcO9e2baGgRcK0Y2r99CUZcJ8l
13aOv3ZFb27Hcmf7bcU/KYWeFNoOoJ0/RTjgMDj+9vSzE9SGvqohXgl6r3RfLV1+
qbxAsIFkEq0mSUH+Cp2J8cwKPnM8QG4xEVci9gNKR5rhm4CD3+DEbJCIsDz6QlGn
wPa3Fa8KyaJnQESmPmm1slFOs1nbxRcwwX/7McgnB9MXbg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:53 2025 by rpki-client