Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
File: eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa (raw, json)
Hash identifier: M6qs6vp/hXbCFEigHMjY4f0shKLLXtF1o7yq8INNL04=
Subject key identifier: 0F:9C:02:09:E6:4C:9B:B8:C8:AF:F8:38:86:30:CB:AF:FF:8A:9C:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 324528B66DABB53296115E6779E573F763B5712B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
Signing time: Mon 13 Oct 2025 17:56:10 +0000
ROA not before: Mon 13 Oct 2025 17:56:10 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:45:28:b6:6d:ab:b5:32:96:11:5e:67:79:e5:73:f7:63:b5:71:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:56:10 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=792d87a73d735e49b617a991f6bc2618617b7dd1c079beaecc7d62fed6312880, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bf:b3:7e:54:9e:74:63:13:ad:a6:fd:f4:90:
d6:a3:6d:8d:ed:bc:06:fc:45:a6:2b:73:34:ce:e1:
66:19:1f:fe:2a:46:9b:a3:e5:61:75:fc:c4:6a:08:
16:e7:0c:10:4b:19:a7:df:5b:ea:34:ae:4a:f9:aa:
32:51:d2:cf:13:7a:9b:14:c5:e1:73:30:ef:7f:26:
24:2e:c5:66:01:4f:05:2f:f0:60:78:7c:a1:45:95:
bc:67:94:e9:45:ad:7f:25:e3:2f:e8:aa:d4:89:f0:
f0:52:7e:66:9e:8b:b2:55:a3:e2:47:1d:dd:8c:f5:
b9:e3:d7:ea:c8:73:60:b4:14:ec:6e:5b:75:c1:39:
78:06:b7:2c:ec:8d:c7:e4:0d:da:9e:96:b5:f9:44:
9a:07:89:fc:87:81:ed:a0:94:ee:44:3f:dd:06:78:
e2:56:29:bf:c9:4d:67:1b:a6:93:4b:4e:94:3d:ef:
51:f7:dd:3b:9d:54:0e:80:09:7f:bc:e0:5a:8d:81:
a1:3d:0d:40:8d:e6:0b:6d:16:58:c0:05:36:6d:24:
a2:3c:7e:1e:fd:f8:13:68:15:be:65:8a:9b:8f:cf:
fd:73:a7:96:4b:15:f5:80:a7:f0:21:b7:db:f9:84:
44:46:b0:41:77:74:87:6d:76:a6:c7:0e:09:93:b3:
09:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9C:02:09:E6:4C:9B:B8:C8:AF:F8:38:86:30:CB:AF:FF:8A:9C:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
42:09:f8:e1:ee:7c:8b:17:98:24:4e:3b:55:0c:8b:25:65:e2:
0a:a5:57:2c:d0:65:56:d5:2a:c7:62:a1:5d:79:ca:72:59:e3:
fb:37:c2:7c:b2:7f:08:c4:8e:56:6b:04:00:5b:74:32:74:e7:
66:82:f6:48:5f:88:07:3d:12:75:05:b2:b7:56:b0:e4:e8:e5:
2a:05:80:bf:22:f8:c3:c7:31:20:58:bf:97:c9:0c:70:89:ae:
15:d5:4d:e8:84:b7:0c:30:64:ee:51:2f:c4:82:f9:8e:c3:12:
7c:6a:e1:f7:b0:e4:07:3f:1c:fc:d4:68:a8:73:cf:c7:44:3e:
b2:04:da:35:66:99:3e:52:43:6d:37:bd:ce:f2:99:13:1d:1c:
5f:e2:51:87:d1:1b:07:e2:99:03:3b:48:c6:09:34:41:c4:96:
85:b9:e9:8b:7a:bb:f4:af:0d:8a:89:a5:07:06:60:47:8e:07:
ce:2f:48:8a:2d:ae:90:b4:5c:83:05:e5:4c:e0:11:8d:d9:5e:
36:bf:26:86:09:aa:d4:6e:65:04:16:9c:87:26:59:0d:51:d4:
41:67:ff:fe:a0:d3:f5:8f:a6:2b:56:c9:7b:92:d8:a0:64:a8:
75:28:ab:ff:78:cc:aa:7a:db:88:e4:aa:4b:2d:ef:d7:59:9c:
51:39:bd:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMkUotm2rtTKWEV5neeVz92O1cSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU2MTBaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MmQ4N2E3M2Q3MzVlNDliNjE3YTk5MWY2YmMyNjE4NjE3YjdkZDFjMDc5
YmVhZWNjN2Q2MmZlZDYzMTI4ODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6/s35UnnRjE62m/fSQ1qNtje28BvxFpitzNM7hZhkf/ipGm6PlYXX8xGoI
FucMEEsZp99b6jSuSvmqMlHSzxN6mxTF4XMw738mJC7FZgFPBS/wYHh8oUWVvGeU
6UWtfyXjL+iq1Inw8FJ+Zp6LslWj4kcd3Yz1uePX6shzYLQU7G5bdcE5eAa3LOyN
x+QN2p6WtflEmgeJ/IeB7aCU7kQ/3QZ44lYpv8lNZxumk0tOlD3vUffdO51UDoAJ
f7zgWo2BoT0NQI3mC20WWMAFNm0kojx+Hv34E2gVvmWKm4/P/XOnlksV9YCn8CG3
2/mEREawQXd0h212pscOCZOzCdkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPnAIJ
5kybuMiv+DiGMMuv/4qcnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWFiOGJhNjItNTkzNC00YzliLTliZDktMTBmZGQyNDk0NjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAQgn44e58ixeYJE47VQyLJWXiCqVXLNBlVtUqx2Kh
XXnKclnj+zfCfLJ/CMSOVmsEAFt0MnTnZoL2SF+IBz0SdQWyt1aw5OjlKgWAvyL4
w8cxIFi/l8kMcImuFdVN6IS3DDBk7lEvxIL5jsMSfGrh97DkBz8c/NRoqHPPx0Q+
sgTaNWaZPlJDbTe9zvKZEx0cX+JRh9EbB+KZAztIxgk0QcSWhbnpi3q79K8Nioml
BwZgR44Hzi9Iii2ukLRcgwXlTOARjdleNr8mhgmq1G5lBBachyZZDVHUQWf//qDT
9Y+mK1bJe5LYoGSodSir/3jMqnrbiOSqSy3v11mcUTm9VQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:15 2025 by rpki-client