Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
File: e00516db-a674-4a02-8de9-e0ad569ecc6f.roa (raw, json)
Hash identifier: I54mmNOFhTf3LB9pK4Tc9kWU5rcK+ueEBcV6vb/sO24=
Subject key identifier: 4D:27:E9:7C:8F:DB:FF:9A:53:13:A1:37:A3:26:B2:DC:AD:2F:C0:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FA5B920AB9B4BDC5FFE8470897C0C342F117161
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
Signing time: Mon 13 Oct 2025 17:55:31 +0000
ROA not before: Mon 13 Oct 2025 17:55:31 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:a5:b9:20:ab:9b:4b:dc:5f:fe:84:70:89:7c:0c:34:2f:11:71:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:31 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=0f8a405673881183041fee8de39a6fee66daa7fea73c74e7436aae20f7aea499, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f0:3c:36:18:c5:98:f1:ab:de:8a:87:e2:7d:
06:4c:7e:52:e1:81:24:49:76:ec:11:be:0c:8f:10:
2c:a8:52:83:02:90:16:1d:00:32:c5:a7:c8:d8:cc:
e4:5b:cc:27:94:55:24:f7:c6:18:f9:cc:91:54:0f:
85:ac:02:8d:2b:1f:56:57:5f:e1:13:28:55:69:57:
1a:da:1c:f0:3a:ff:6f:bc:84:d6:90:b5:28:84:37:
42:0f:21:c2:40:8c:9e:97:73:00:5b:46:eb:8c:23:
6d:50:eb:45:04:95:03:a1:f3:60:7e:d2:93:96:37:
ea:bb:3f:25:3c:3a:20:0a:16:a6:f6:f3:0d:48:4d:
ad:5c:1f:dd:7b:df:5c:08:82:b2:56:4c:0d:1a:90:
47:2b:75:09:b2:66:58:4c:0b:aa:32:5f:94:28:c2:
a8:6e:8a:e9:21:7e:bf:1d:28:bb:82:3f:98:19:ea:
4b:ba:b9:44:6e:33:54:92:6c:23:b8:fd:de:70:1e:
2f:d4:d7:96:1a:d9:07:ea:fe:84:92:22:a5:14:db:
8b:6d:b4:31:1d:cd:91:54:b7:3d:41:e5:f2:8f:ba:
b3:37:7c:89:61:8a:3b:b6:96:95:c4:c1:b6:49:f1:
3d:0a:d4:38:b8:33:84:66:35:c7:b7:6a:9b:74:6f:
de:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:27:E9:7C:8F:DB:FF:9A:53:13:A1:37:A3:26:B2:DC:AD:2F:C0:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.176.0/20
Signature Algorithm: sha256WithRSAEncryption
20:be:7c:69:54:82:1e:bd:6d:0c:ed:6d:3e:6d:c9:aa:93:6c:
b7:10:6b:5d:dc:b7:91:2f:b1:a6:60:aa:c7:c6:ce:e9:7f:8a:
4a:a7:af:81:d4:53:05:20:73:5b:e6:ee:17:9d:5d:54:cc:2f:
77:ef:53:89:ea:98:12:26:fe:45:80:79:10:af:44:53:a6:f1:
9b:82:4b:0f:4e:d1:d3:62:12:53:cf:25:7b:d5:c0:b4:70:1c:
22:0c:f3:d2:2f:32:ec:e0:35:aa:a6:3a:57:0e:8a:e8:20:91:
5a:b9:f3:28:dd:61:d8:13:26:44:dc:c6:a7:3c:33:95:e2:a2:
db:65:95:9d:91:a9:15:66:c3:9f:53:f3:cc:41:9d:7f:82:6d:
44:38:de:71:06:27:9c:db:42:c3:ad:7c:66:18:f8:3e:0c:19:
9c:84:7d:21:2a:b9:06:8a:16:53:43:21:be:8c:a3:32:3b:1a:
c4:4c:7d:26:05:17:dd:fd:9c:24:37:b6:40:e7:fc:f1:6f:6c:
a9:41:8d:c9:97:f4:1f:12:ea:61:c9:be:c9:0d:42:86:8d:2a:
8b:35:d7:5b:b8:9b:e2:49:ac:4a:62:1a:5e:e4:02:dd:5f:9d:
5b:fe:c8:27:ec:0d:71:4b:75:b3:23:86:68:78:a4:59:71:21:
39:38:c6:66
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUH6W5IKubS9xf/oRwiXwMNC8RcWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1MzFaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmOGE0MDU2NzM4ODExODMwNDFmZWU4ZGUzOWE2ZmVlNjZkYWE3ZmVhNzNj
NzRlNzQzNmFhZTIwZjdhZWE0OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLwPDYYxZjxq96Kh+J9Bkx+UuGBJEl27BG+DI8QLKhSgwKQFh0AMsWnyNjM
5FvMJ5RVJPfGGPnMkVQPhawCjSsfVldf4RMoVWlXGtoc8Dr/b7yE1pC1KIQ3Qg8h
wkCMnpdzAFtG64wjbVDrRQSVA6HzYH7Sk5Y36rs/JTw6IAoWpvbzDUhNrVwf3Xvf
XAiCslZMDRqQRyt1CbJmWEwLqjJflCjCqG6K6SF+vx0ou4I/mBnqS7q5RG4zVJJs
I7j93nAeL9TXlhrZB+r+hJIipRTbi220MR3NkVS3PUHl8o+6szd8iWGKO7aWlcTB
tknxPQrUOLgzhGY1x7dqm3Rv3gcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRNJ+l8
j9v/mlMToTejJrLcrS/A+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTAwNTE2ZGItYTY3NC00YTAyLThkZTktZTBhZDU2OWVjYzZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAisDAN
BgkqhkiG9w0BAQsFAAOCAQEAIL58aVSCHr1tDO1tPm3JqpNstxBrXdy3kS+xpmCq
x8bO6X+KSqevgdRTBSBzW+buF51dVMwvd+9TieqYEib+RYB5EK9EU6bxm4JLD07R
02ISU88le9XAtHAcIgzz0i8y7OA1qqY6Vw6K6CCRWrnzKN1h2BMmRNzGpzwzleKi
22WVnZGpFWbDn1PzzEGdf4JtRDjecQYnnNtCw618Zhj4PgwZnIR9ISq5BooWU0Mh
voyjMjsaxEx9JgUX3f2cJDe2QOf88W9sqUGNyZf0HxLqYcm+yQ1Cho0qizXXW7ib
4kmsSmIaXuQC3V+dW/7IJ+wNcUt1syOGaHikWXEhOTjGZg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:18 2025 by rpki-client