Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
File: b176a187-5863-4413-a001-74ccc0321be5.roa (raw, json)
Hash identifier: HNekjDZGBPQf5FXyMbQaRgLE6YZ6gzL3239WDrwHsWg=
Subject key identifier: CB:20:10:1D:BC:76:1A:69:9D:D7:38:B0:EE:59:00:08:A3:EC:91:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 683AE2B6DBD9D8B8B256FE6350EB90E8647D2B7B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
Signing time: Fri 26 Sep 2025 20:11:24 +0000
ROA not before: Fri 26 Sep 2025 20:11:24 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02c::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:3a:e2:b6:db:d9:d8:b8:b2:56:fe:63:50:eb:90:e8:64:7d:2b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:24 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=5998d2a80be07ea1fc10ce5440d57ff25d52fdd5a751fd43171aab1be38cfb26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:27:7a:cc:b5:d8:20:fc:2a:60:ca:da:77:29:
42:0d:95:30:e4:a8:ea:17:21:f3:84:a2:32:1f:a0:
b3:34:57:02:7d:d5:eb:20:51:54:91:2d:e9:be:9e:
26:7b:99:93:d9:1c:f6:c5:9a:be:f4:21:f5:9e:4c:
a7:46:f8:d6:e3:25:76:84:80:3c:41:ca:ec:1f:1e:
31:94:d7:f3:c6:d3:e4:25:94:6a:2f:b7:cd:a1:8a:
c4:67:22:f6:ec:c8:4d:5a:7d:3e:97:9d:da:74:80:
aa:10:20:97:a4:d5:76:5c:42:58:79:ce:2c:4c:6a:
c7:21:91:e6:b7:ed:45:57:93:69:b6:d7:7f:14:ce:
61:bb:ee:ab:5a:7b:77:04:ee:79:95:31:7a:ed:23:
7d:76:70:84:43:f2:4f:e3:aa:7f:b5:15:76:42:48:
77:64:5f:2f:85:d7:94:1b:20:98:05:1b:57:54:7e:
64:4a:18:77:61:94:0f:04:09:58:7b:ac:7d:9e:99:
4b:da:23:0e:c1:a6:eb:60:ed:e7:51:de:85:f2:f6:
6b:a6:d1:d9:65:dd:af:c7:d5:4e:f8:a2:0d:1c:59:
ac:7b:00:e3:f1:90:dc:02:4e:21:fd:44:fa:f5:25:
48:ed:c0:9d:42:3b:86:95:7e:3b:2e:ba:82:72:b1:
d3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:20:10:1D:BC:76:1A:69:9D:D7:38:B0:EE:59:00:08:A3:EC:91:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02c::/36
Signature Algorithm: sha256WithRSAEncryption
5b:7e:e6:e4:0a:e1:3d:54:50:23:04:97:b3:e8:ab:7c:0d:88:
35:9c:72:1b:35:e0:64:f5:0b:08:c3:3b:04:48:00:7c:5e:4f:
d8:09:c5:8d:b0:4f:9c:fc:ad:e4:1f:d8:c2:b4:84:31:31:a4:
d5:55:ad:7e:4a:ce:7c:19:c8:db:6d:f4:8b:af:86:8a:82:ea:
90:c9:c8:4b:7c:c7:de:60:e1:b6:fd:2c:74:32:cd:7d:54:b2:
bc:27:50:78:f3:bb:9b:9d:b2:21:33:fc:91:64:34:2f:4c:b0:
52:6a:bb:c5:ce:d3:56:e7:95:c6:13:1c:f4:ef:e5:7b:31:c9:
3d:65:cd:c5:6d:ae:59:4b:f2:ed:02:b8:c6:98:2a:83:44:0f:
ee:d9:c8:d4:24:92:fe:46:f9:72:d7:89:97:cf:ab:9b:38:f0:
fa:54:28:e8:1b:9e:0d:e4:f7:55:66:c0:ab:ec:b5:f5:93:78:
8f:96:71:11:07:c2:2f:66:0b:3b:cb:61:e2:40:6c:b7:ce:de:
7c:42:a4:31:2a:2d:09:f7:da:92:5b:9b:d0:af:b0:a4:7d:65:
c7:7a:51:bf:a8:05:33:9e:80:20:48:04:a3:11:3e:e4:e5:ba:
4d:76:99:68:23:67:83:ce:77:18:2e:a2:ca:9a:3e:05:08:e8:
f6:bf:1a:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaDrittvZ2LiyVv5jUOuQ6GR9K3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMjRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5OThkMmE4MGJlMDdlYTFmYzEwY2U1NDQwZDU3ZmYyNWQ1MmZkZDVhNzUx
ZmQ0MzE3MWFhYjFiZTM4Y2ZiMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8nesy12CD8KmDK2ncpQg2VMOSo6hch84SiMh+gszRXAn3V6yBRVJEt6b6e
JnuZk9kc9sWavvQh9Z5Mp0b41uMldoSAPEHK7B8eMZTX88bT5CWUai+3zaGKxGci
9uzITVp9Pped2nSAqhAgl6TVdlxCWHnOLExqxyGR5rftRVeTabbXfxTOYbvuq1p7
dwTueZUxeu0jfXZwhEPyT+Oqf7UVdkJId2RfL4XXlBsgmAUbV1R+ZEoYd2GUDwQJ
WHusfZ6ZS9ojDsGm62Dt51HehfL2a6bR2WXdr8fVTviiDRxZrHsA4/GQ3AJOIf1E
+vUlSO3AnUI7hpV+Oy66gnKx0ysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLIBAd
vHYaaZ3XOLDuWQAIo+yR2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE3NmExODctNTg2My00NDEzLWEwMDEtNzRjY2MwMzIxYmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbfubkCuE9VFAjBJez6Kt8DYg1nHIbNeBk9QsI
wzsESAB8Xk/YCcWNsE+c/K3kH9jCtIQxMaTVVa1+Ss58GcjbbfSLr4aKguqQychL
fMfeYOG2/Sx0Ms19VLK8J1B487ubnbIhM/yRZDQvTLBSarvFztNW55XGExz07+V7
Mck9Zc3Fba5ZS/LtArjGmCqDRA/u2cjUJJL+Rvly14mXz6ubOPD6VCjoG54N5PdV
ZsCr7LX1k3iPlnERB8IvZgs7y2HiQGy3zt58QqQxKi0J99qSW5vQr7CkfWXHelG/
qAUznoAgSASjET7k5bpNdploI2eDzncYLqLKmj4FCOj2vxq2
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:51:52 2025 by rpki-client