Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: jrnmpZAxMf6GgYKEdjwsNRy11dBU+RnGbd6McMTjEQ8=
Subject key identifier: FE:DD:34:AA:04:8D:13:AF:3C:86:19:16:6A:7E:36:96:F8:56:36:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42A0AD7F304910CA6535D43FC75BBA2571EFD015
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Mon 13 Oct 2025 17:56:07 +0000
ROA not before: Mon 13 Oct 2025 17:56:07 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:a0:ad:7f:30:49:10:ca:65:35:d4:3f:c7:5b:ba:25:71:ef:d0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:56:07 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=898f9b737c46c48b3b3ee9f33da5c4c90425ccaa521209ab0be7f78afcc7b79b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8c:96:cd:23:b2:a2:c4:2f:92:de:51:55:03:
54:d9:e9:dc:f7:71:1e:27:86:74:a0:97:aa:bb:e2:
6d:11:c2:63:f7:20:55:ae:c1:06:e8:9e:bb:2b:69:
48:c8:7a:86:af:70:00:73:23:56:17:bb:74:11:a5:
0e:71:99:12:87:32:f9:74:46:16:06:37:9a:1f:d3:
9c:dd:e5:8a:fc:f0:12:19:b3:d2:46:ae:79:bd:78:
9e:dd:f6:64:df:75:03:88:05:88:9a:e6:3b:5e:6f:
7d:6f:cf:8a:aa:95:c3:43:00:68:b5:2a:73:3b:ca:
91:69:f1:dc:7a:68:65:32:ae:fa:e4:11:cc:05:97:
23:18:76:e6:5f:0b:2f:8d:28:f4:10:64:bb:6c:91:
d1:6f:2f:de:81:d5:d7:cf:de:f9:8a:3b:c4:d1:be:
e6:5a:d5:78:9c:aa:1a:18:3d:cc:e4:f3:92:90:f4:
a1:ae:d5:8b:2e:cb:af:8f:39:23:43:77:72:e1:6c:
20:42:e0:7c:cd:f7:39:9e:bb:a0:9a:1e:bc:10:e0:
2e:2a:d2:c5:e8:a5:10:e7:1b:0f:d9:d3:b0:a9:63:
7c:7c:ae:6b:43:8a:3c:b4:8a:22:b9:29:2c:0a:05:
52:af:ab:8a:ca:b6:6c:ee:9d:ee:eb:ed:27:7a:85:
69:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DD:34:AA:04:8D:13:AF:3C:86:19:16:6A:7E:36:96:F8:56:36:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
23:d8:e2:20:7a:44:b2:9c:db:fe:25:4a:82:10:7d:a6:02:fb:
af:4e:ab:3d:fa:b6:97:a1:72:51:66:65:73:89:10:73:60:0b:
c8:95:d4:07:a4:78:d9:16:51:71:b5:73:e6:c9:38:2e:f3:db:
f5:8d:18:d8:19:f0:fb:05:ab:5d:27:68:3d:f0:45:08:5b:de:
c1:5b:d0:d0:20:bc:88:a0:5a:13:de:81:5c:70:c1:36:dc:04:
08:25:c4:9a:8e:54:43:31:05:1b:0b:38:57:47:2e:c2:c1:f6:
85:7e:5a:82:6e:39:e2:0e:94:71:49:86:fe:f1:2c:fc:6c:9f:
e2:f2:9d:c5:74:6a:89:d9:08:bf:e5:01:51:cb:40:48:c4:ac:
06:34:46:cc:10:53:fb:97:9a:61:29:fd:7c:47:f6:f5:3e:31:
58:87:66:cf:ed:84:e2:5d:7d:58:e0:67:4f:77:fe:10:78:f3:
4d:3c:01:7f:3c:c2:4c:8b:6c:30:5f:a6:ec:14:85:b1:4e:c4:
f2:bd:c7:20:06:f1:45:94:51:7a:04:e3:e0:8b:7c:0c:42:a8:
a2:16:ea:ad:b1:b5:83:be:db:05:5e:80:67:53:7f:dc:6c:24:
4a:5a:63:81:8e:61:73:e6:9c:6d:6f:3b:74:b3:e5:b3:aa:f2:
38:d9:8d:12
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQqCtfzBJEMplNdQ/x1u6JXHv0BUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU2MDdaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5OGY5YjczN2M0NmM0OGIzYjNlZTlmMzNkYTVjNGM5MDQyNWNjYWE1MjEy
MDlhYjBiZTdmNzhhZmNjN2I3OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuMls0jsqLEL5LeUVUDVNnp3PdxHieGdKCXqrvibRHCY/cgVa7BBuieuytp
SMh6hq9wAHMjVhe7dBGlDnGZEocy+XRGFgY3mh/TnN3livzwEhmz0kaueb14nt32
ZN91A4gFiJrmO15vfW/PiqqVw0MAaLUqczvKkWnx3HpoZTKu+uQRzAWXIxh25l8L
L40o9BBku2yR0W8v3oHV18/e+Yo7xNG+5lrVeJyqGhg9zOTzkpD0oa7Viy7Lr485
I0N3cuFsIELgfM33OZ67oJoevBDgLirSxeilEOcbD9nTsKljfHyua0OKPLSKIrkp
LAoFUq+risq2bO6d7uvtJ3qFaZUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT+3TSq
BI0TrzyGGRZqfjaW+FY2BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEAI9jiIHpEspzb/iVKghB9pgL7r06rPfq2l6FyUWZl
c4kQc2ALyJXUB6R42RZRcbVz5sk4LvPb9Y0Y2Bnw+wWrXSdoPfBFCFvewVvQ0CC8
iKBaE96BXHDBNtwECCXEmo5UQzEFGws4V0cuwsH2hX5agm454g6UcUmG/vEs/Gyf
4vKdxXRqidkIv+UBUctASMSsBjRGzBBT+5eaYSn9fEf29T4xWIdmz+2E4l19WOBn
T3f+EHjzTTwBfzzCTItsMF+m7BSFsU7E8r3HIAbxRZRRegTj4It8DEKoohbqrbG1
g77bBV6AZ1N/3GwkSlpjgY5hc+acbW87dLPls6ryONmNEg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:55 2025 by rpki-client