Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json)
Hash identifier: yTAcma3DokBljI3WQwornUg+aEggW9E9I8xivpQIoEQ=
Subject key identifier: 4D:57:D8:F5:15:7A:DB:BB:3B:83:B1:56:2B:1D:38:12:74:83:DE:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47A3C00A9398BC49EAD357ABFDA973CDF35A74BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
Signing time: Mon 13 Oct 2025 17:56:13 +0000
ROA not before: Mon 13 Oct 2025 17:56:13 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:a3:c0:0a:93:98:bc:49:ea:d3:57:ab:fd:a9:73:cd:f3:5a:74:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:56:13 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=22453a6a8ad91dd56c1a9d30c507edeebec7972d1bd4efb53f11748bd49252ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:66:a3:dc:6d:bc:4b:3a:a6:e7:a4:9a:96:8f:
0a:68:8b:aa:55:78:3b:10:55:49:d2:ce:83:05:5a:
44:61:2f:1d:60:b3:41:a4:88:6c:23:ad:64:e3:e3:
06:a6:12:97:eb:7d:4e:45:da:7f:bc:04:8a:3b:36:
f8:5e:7d:17:a2:f8:82:cc:1c:4a:15:34:57:51:b2:
32:80:c1:b7:f9:c8:29:b4:83:77:e1:21:8a:18:ae:
88:02:87:40:0a:1d:2c:f4:99:ec:db:fa:7b:41:7a:
b6:92:14:55:f1:58:51:d2:48:57:c4:70:ba:81:38:
4e:db:f6:f7:0c:97:95:3c:1c:32:0e:fa:2e:36:25:
8c:7a:a2:c5:98:b4:e4:29:b3:9f:3a:d2:3b:b6:2b:
22:03:51:9b:8a:0f:01:62:a5:b0:ea:ae:3a:de:34:
70:f4:f8:16:bf:da:3b:29:d9:60:a9:40:86:6a:e4:
b9:2d:b0:92:06:7c:c9:92:95:3f:ed:c7:2c:e7:9b:
55:66:e4:d3:b8:5a:8c:b5:64:fa:33:cf:4d:22:f1:
8b:bd:e7:a3:56:e6:35:6c:95:70:91:19:91:38:68:
fa:3d:c7:e8:66:ec:30:8f:1f:d2:19:35:58:76:84:
e9:22:48:3d:16:02:65:35:da:c8:65:72:08:71:76:
81:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:57:D8:F5:15:7A:DB:BB:3B:83:B1:56:2B:1D:38:12:74:83:DE:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/20
Signature Algorithm: sha256WithRSAEncryption
b7:b9:d9:da:99:cd:6a:83:ab:8d:ab:6f:f2:13:6e:12:c4:0f:
eb:e2:8d:ba:6d:d0:c2:c0:01:71:ec:fe:fb:49:f0:f5:d3:cd:
af:86:b6:9a:c0:07:65:d2:d6:68:3f:79:e9:f0:3c:fc:6b:a6:
9e:8e:ca:54:b5:5c:18:25:41:ed:b9:ed:8b:46:df:e6:43:41:
dd:32:89:1a:7a:fb:b9:2f:32:b3:1d:fa:ca:c2:1f:05:d8:d1:
44:68:f2:59:d4:0f:fa:ed:43:aa:51:28:02:5e:61:1b:fe:d3:
7f:6b:98:e0:27:04:47:3b:5a:69:cc:75:bf:9c:aa:a8:26:71:
d3:0f:96:46:be:68:5d:47:e1:8a:57:e7:99:3b:eb:7b:85:30:
37:db:a5:d8:a9:ec:3b:cb:f0:69:a2:de:07:d4:ef:c8:6a:de:
47:b3:d0:0f:2a:94:eb:9b:7a:2b:f0:5a:aa:62:bc:95:f1:20:
bb:7b:86:ff:a4:de:28:48:d7:80:8b:a7:d9:63:e0:d0:d1:f0:
73:82:83:76:83:e7:47:28:ef:2e:22:7b:53:7e:f1:0c:d0:da:
13:0c:d3:4b:b5:fd:7c:f1:a0:57:f6:a3:89:de:de:ef:6a:cc:
66:9c:37:a3:60:4d:cf:1f:d2:19:64:d1:3b:66:5f:a8:f4:50:
f2:cc:4b:e2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR6PACpOYvEnq01er/alzzfNadL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU2MTNaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNDUzYTZhOGFkOTFkZDU2YzFhOWQzMGM1MDdlZGVlYmVjNzk3MmQxYmQ0
ZWZiNTNmMTE3NDhiZDQ5MjUyYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlmo9xtvEs6puekmpaPCmiLqlV4OxBVSdLOgwVaRGEvHWCzQaSIbCOtZOPj
BqYSl+t9TkXaf7wEijs2+F59F6L4gswcShU0V1GyMoDBt/nIKbSDd+EhihiuiAKH
QAodLPSZ7Nv6e0F6tpIUVfFYUdJIV8RwuoE4Ttv29wyXlTwcMg76LjYljHqixZi0
5CmznzrSO7YrIgNRm4oPAWKlsOquOt40cPT4Fr/aOynZYKlAhmrkuS2wkgZ8yZKV
P+3HLOebVWbk07hajLVk+jPPTSLxi73no1bmNWyVcJEZkTho+j3H6GbsMI8f0hk1
WHaE6SJIPRYCZTXayGVyCHF2gUMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRNV9j1
FXrbuzuDsVYrHTgSdIPeljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAt7nZ2pnNaoOrjatv8hNuEsQP6+KNum3QwsABcez+
+0nw9dPNr4a2msAHZdLWaD956fA8/Gumno7KVLVcGCVB7bnti0bf5kNB3TKJGnr7
uS8ysx36ysIfBdjRRGjyWdQP+u1DqlEoAl5hG/7Tf2uY4CcERztaacx1v5yqqCZx
0w+WRr5oXUfhilfnmTvre4UwN9ul2KnsO8vwaaLeB9TvyGreR7PQDyqU65t6K/Ba
qmK8lfEgu3uG/6TeKEjXgIun2WPg0NHwc4KDdoPnRyjvLiJ7U37xDNDaEwzTS7X9
fPGgV/ajid7e72rMZpw3o2BNzx/SGWTRO2ZfqPRQ8sxL4g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:29 2025 by rpki-client