Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
File: e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa (raw, json)
Hash identifier: +YVrsnxNVeV6HeIMdWcs47NL4HjAyq76Z9+fsvJfoRg=
Subject key identifier: 86:22:10:53:5D:2D:DC:0B:AA:52:E6:C5:4E:A1:38:A3:7E:B9:E7:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79103C211F87384938DB32FA7B12A3573EA7D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
Signing time: Mon 13 Oct 2025 17:56:10 +0000
ROA not before: Mon 13 Oct 2025 17:56:10 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:10:3c:21:1f:87:38:49:38:db:32:fa:7b:12:a3:57:3e:a7:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:56:10 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=84ccffa2f8093ad6269cb6fb0659377ae1e96335ff6b21867a8733c556dd41a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:20:26:22:70:ad:9c:2b:15:4b:73:64:14:d6:
41:9c:79:82:83:7d:21:18:c7:4b:42:a8:68:9c:09:
35:a8:76:77:d3:31:11:bb:e8:58:4b:bc:c1:25:7c:
9b:c4:3d:f8:3d:2f:60:83:96:20:ab:c5:13:97:d2:
31:73:20:76:46:f5:53:be:e9:07:60:02:18:ae:4c:
8a:2a:90:73:8b:1f:c8:64:b2:26:b4:63:7d:70:ed:
f5:a3:5d:01:ae:b7:2a:37:26:f0:b0:c1:bd:c5:43:
f0:bb:42:22:8c:ee:af:7f:6d:29:02:8f:e2:dd:8f:
3c:26:42:8e:e5:b6:17:9f:b9:cb:06:ee:65:74:a1:
03:77:ba:d5:4c:94:3d:92:a2:c7:97:0b:bc:d3:87:
25:8e:7e:8f:37:09:b3:b6:63:59:2e:74:69:cc:18:
0f:5b:c8:69:ec:38:0d:ff:da:25:e3:cf:da:b4:c5:
32:a8:75:6b:0f:fa:ad:98:7e:6b:cd:61:79:d7:9f:
76:29:1d:db:71:29:bf:eb:9e:74:0b:76:41:f1:bb:
11:5d:17:b5:31:97:53:56:3f:52:43:e3:cf:67:26:
a4:19:af:37:06:4f:e9:45:24:f8:9c:73:f6:8a:b2:
d1:07:96:95:7f:75:41:9a:cf:4c:69:14:b7:6f:22:
73:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:22:10:53:5D:2D:DC:0B:AA:52:E6:C5:4E:A1:38:A3:7E:B9:E7:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.40.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:05:30:e0:51:4a:d3:93:ee:b8:72:51:d1:cb:f0:7b:1c:3d:
64:04:b1:8b:d2:93:b5:5a:07:28:6f:18:27:54:de:5c:25:93:
64:66:43:e4:9e:e0:bd:f9:97:4e:97:53:b3:c5:d8:a9:11:c7:
4b:cf:da:b7:b9:d7:76:84:53:77:c7:0d:f0:be:8e:36:39:b9:
fb:cb:d4:7e:b2:4c:9e:12:ff:34:d8:4f:c7:35:9d:ed:71:00:
d2:5e:62:2a:3f:84:42:f1:f8:b6:dc:32:36:c8:4f:96:db:4f:
c5:1b:c5:e1:1d:ec:f4:98:09:09:9a:f3:0a:6a:27:89:e0:29:
f1:c7:1b:93:0c:77:5c:5b:e9:cf:ad:5d:f4:d2:b6:21:46:d4:
4a:3e:53:f4:6c:4e:15:a7:2e:ee:12:73:b3:49:dd:3a:c0:2c:
c0:c5:72:71:49:af:3a:2c:97:11:0e:7f:bc:22:83:68:4a:e5:
21:61:f6:ca:70:9e:15:a7:e4:9a:18:82:92:f8:bb:41:8b:a1:
b6:62:d4:6f:cd:91:49:7b:41:29:68:0b:1f:6e:28:81:32:fd:
48:0b:84:f5:cd:c1:0f:95:95:fc:76:b9:5a:cf:00:04:aa:1f:
30:c2:0a:59:7f:a0:af:0b:c1:ed:65:93:d7:5d:2f:d5:40:c3:
bb:87:d9:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgITeRA8IR+HOEk42zL6exKjVz6n1DANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MTAxMzE3NTYxMFoXDTI1MTExNzIzNTk1OVowejFJMEcGA1UE
BRNAODRjY2ZmYTJmODA5M2FkNjI2OWNiNmZiMDY1OTM3N2FlMWU5NjMzNWZmNmIy
MTg2N2E4NzMzYzU1NmRkNDFhMjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsyAmInCtnCsVS3NkFNZBnHmCg30hGMdLQqhonAk1qHZ30zERu+hYS7zBJXyb
xD34PS9gg5Ygq8UTl9IxcyB2RvVTvukHYAIYrkyKKpBzix/IZLImtGN9cO31o10B
rrcqNybwsMG9xUPwu0IijO6vf20pAo/i3Y88JkKO5bYXn7nLBu5ldKEDd7rVTJQ9
kqLHlwu804cljn6PNwmztmNZLnRpzBgPW8hp7DgN/9ol48/atMUyqHVrD/qtmH5r
zWF51592KR3bcSm/6550C3ZB8bsRXRe1MZdTVj9SQ+PPZyakGa83Bk/pRST4nHP2
irLRB5aVf3VBms9MaRS3byJzDwIDAQABo4ICITCCAh0wHQYDVR0OBBYEFIYiEFNd
LdwLqlLmxU6hOKN+ueezMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9l
NTJlOWRhZC1jYmYzLTRhYzAtYTUyZS1kYTJiZjAzZTkwYjMucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsCIoMA0G
CSqGSIb3DQEBCwUAA4IBAQDGBTDgUUrTk+64clHRy/B7HD1kBLGL0pO1Wgcobxgn
VN5cJZNkZkPknuC9+ZdOl1OzxdipEcdLz9q3udd2hFN3xw3wvo42Obn7y9R+skye
Ev802E/HNZ3tcQDSXmIqP4RC8fi23DI2yE+W20/FG8XhHez0mAkJmvMKaieJ4Cnx
xxuTDHdcW+nPrV300rYhRtRKPlP0bE4Vpy7uEnOzSd06wCzAxXJxSa86LJcRDn+8
IoNoSuUhYfbKcJ4Vp+SaGIKS+LtBi6G2YtRvzZFJe0EpaAsfbiiBMv1IC4T1zcEP
lZX8drlazwAEqh8wwgpZf6CvC8HtZZPXXS/VQMO7h9kS
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:15:59 2025 by rpki-client