Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: pd5EXu3aaQxRM6JfWGYpspTsYo1ups9ljqR9bEW8fu8=
Subject key identifier: 82:57:4D:14:55:25:E7:E4:49:43:92:37:6D:41:42:0E:F2:6D:F8:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CDEE3D6F0E5CFEFB3A4161AB01D945CB3ECA67F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Fri 26 Sep 2025 18:20:53 +0000
ROA not before: Fri 26 Sep 2025 18:20:53 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:de:e3:d6:f0:e5:cf:ef:b3:a4:16:1a:b0:1d:94:5c:b3:ec:a6:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:53 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=df3f6a1f9eb0b6ef4a7902102a2d87c0ebb7e7cbfbb48b7d83342b62b1d408a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6e:93:72:12:39:aa:06:1c:e7:3d:ae:1f:2c:
50:d6:2b:04:8f:92:0a:30:7c:a6:8b:ce:8b:d7:e3:
dd:9c:db:80:29:e4:48:4e:71:bd:ff:5c:9e:17:54:
31:16:4b:cf:22:39:73:e2:f3:fb:ef:c8:86:dd:f8:
de:bf:03:79:67:43:38:c0:60:0e:a0:7c:9b:b0:c5:
51:6e:8c:34:74:83:42:0f:7f:5a:61:33:df:fc:75:
69:2f:ba:2c:0e:fa:9c:77:a2:9a:2c:73:a0:5e:d7:
50:90:45:71:1d:85:e5:0b:5b:95:3e:56:82:1f:b1:
08:b7:85:60:ed:34:dd:01:9a:1e:7e:da:4b:e2:89:
7f:d7:88:b4:45:55:93:dc:e2:15:bd:1d:31:cb:4b:
11:b6:c5:16:0c:95:cd:d2:99:6a:a4:ef:82:65:7d:
7c:3c:12:d4:59:08:50:cc:12:2a:c9:63:e2:b3:8b:
3e:23:a4:60:ff:88:05:0f:bc:1b:08:e4:58:ff:92:
59:f8:d6:01:76:ef:5b:f7:32:e8:13:ad:5e:8f:2a:
e4:b9:2a:8d:23:98:28:b3:b3:61:4d:c4:ea:e3:3e:
fc:ca:1c:0f:50:1e:44:c5:65:6a:95:1c:c4:e8:39:
fc:d3:8b:cf:f6:13:1a:c2:4c:58:74:1d:94:36:e6:
ba:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:57:4D:14:55:25:E7:E4:49:43:92:37:6D:41:42:0E:F2:6D:F8:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
11:20:74:3b:d8:ef:af:d9:0f:cb:dd:d8:94:91:84:ae:f0:5a:
7f:b5:f6:69:4f:e0:6b:18:1c:79:65:09:e4:1f:81:16:4c:b2:
58:a0:bb:d4:50:68:3a:34:3a:59:c1:e4:76:a3:90:b0:67:ac:
aa:e5:c9:b3:be:e6:fe:a0:97:1a:18:91:3f:14:29:00:4f:71:
37:fc:34:cb:35:bb:bf:8c:54:73:fc:96:d8:98:04:59:42:b5:
50:d6:f7:c9:23:d7:9b:3d:9b:43:3b:1b:86:5e:bc:39:f1:f4:
0c:4e:f6:fa:cd:76:27:90:c2:b1:7d:3c:ea:96:bf:ed:f9:d0:
95:26:40:09:a2:8e:5e:39:f1:de:27:97:78:8c:50:5e:44:a7:
d6:60:5f:05:08:76:47:0f:20:ef:df:61:75:00:3d:8a:c3:26:
e7:34:7f:65:0c:c0:a3:47:64:2f:24:d6:bf:e6:d7:a3:03:6f:
60:fd:62:16:77:01:bf:18:47:3c:ef:16:36:f1:f3:c4:7d:6d:
42:da:11:43:48:ac:fc:9b:ea:9f:f1:e1:e8:df:d1:2a:1c:63:
f8:42:a1:03:b2:26:90:cf:d0:1f:2b:fd:ba:86:5a:5f:91:fd:
87:7b:bc:00:2c:64:df:ac:32:53:ff:40:c8:f2:a2:5b:5a:38:
fd:15:9e:19
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbN7j1vDlz++zpBYasB2UXLPspn8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwNTNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmM2Y2YTFmOWViMGI2ZWY0YTc5MDIxMDJhMmQ4N2MwZWJiN2U3Y2JmYmI0
OGI3ZDgzMzQyYjYyYjFkNDA4YTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5uk3ISOaoGHOc9rh8sUNYrBI+SCjB8povOi9fj3ZzbgCnkSE5xvf9cnhdU
MRZLzyI5c+Lz++/Iht343r8DeWdDOMBgDqB8m7DFUW6MNHSDQg9/WmEz3/x1aS+6
LA76nHeimixzoF7XUJBFcR2F5QtblT5Wgh+xCLeFYO003QGaHn7aS+KJf9eItEVV
k9ziFb0dMctLEbbFFgyVzdKZaqTvgmV9fDwS1FkIUMwSKslj4rOLPiOkYP+IBQ+8
GwjkWP+SWfjWAXbvW/cy6BOtXo8q5LkqjSOYKLOzYU3E6uM+/MocD1AeRMVlapUc
xOg5/NOLz/YTGsJMWHQdlDbmursCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSCV00U
VSXn5ElDkjdtQUIO8m34YTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAESB0O9jvr9kPy93YlJGErvBaf7X2aU/gaxgceWUJ
5B+BFkyyWKC71FBoOjQ6WcHkdqOQsGesquXJs77m/qCXGhiRPxQpAE9xN/w0yzW7
v4xUc/yW2JgEWUK1UNb3ySPXmz2bQzsbhl68OfH0DE72+s12J5DCsX086pa/7fnQ
lSZACaKOXjnx3ieXeIxQXkSn1mBfBQh2Rw8g799hdQA9isMm5zR/ZQzAo0dkLyTW
v+bXowNvYP1iFncBvxhHPO8WNvHzxH1tQtoRQ0is/Jvqn/Hh6N/RKhxj+EKhA7Im
kM/QHyv9uoZaX5H9h3u8ACxk36wyU/9AyPKiW1o4/RWeGQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:44 2025 by rpki-client