Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
File: ec7e5637-f312-4c51-b644-29324b74734e.roa (raw, json)
Hash identifier: dmynCz3d90ES7DboJpwm4c2s6PFPUhFxdQoKV2FMHvg=
Subject key identifier: EA:D6:4D:1A:3E:48:8E:66:64:BA:6A:B0:A0:87:4E:D6:14:9E:C7:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: F1637F6A3498AAB31629B47E8F3D6E9FFED1B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
Signing time: Mon 13 Oct 2025 17:55:36 +0000
ROA not before: Mon 13 Oct 2025 17:55:36 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f1:63:7f:6a:34:98:aa:b3:16:29:b4:7e:8f:3d:6e:9f:fe:d1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:36 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=23126a441424d193b2c61dd24e2c896417d43ed261ec7827e7ea9792cb48a753, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:19:b7:75:8d:66:e8:10:1e:b3:5c:b0:7e:8d:
f2:e8:ee:9a:59:1a:fa:2e:8d:48:46:53:01:6d:3e:
af:c4:18:f4:13:c9:37:0f:83:c1:c2:b9:90:83:ee:
ee:76:3d:68:5e:77:70:47:a9:21:5d:f2:29:4a:42:
b9:e2:07:0f:7f:0a:5f:95:6a:27:ba:98:77:39:2f:
b4:52:fb:93:2f:7c:fb:d2:47:ee:3e:7a:57:24:a7:
96:10:70:77:b8:b1:96:38:f6:ea:4f:1d:fa:00:b2:
11:f0:38:0a:8b:b3:fe:0b:30:77:6d:a2:67:fa:8a:
b5:fb:27:54:c2:91:8d:29:6e:d4:ae:6d:68:1f:d4:
f5:59:24:d6:65:04:53:65:2e:10:a6:f9:43:14:6d:
ec:09:1a:af:23:11:9b:3d:fc:eb:9b:98:bd:35:f0:
76:97:12:5c:78:35:57:c0:2a:57:1d:ec:35:72:d1:
16:0d:83:28:e6:f4:9e:da:15:ea:e9:a0:87:1c:27:
9c:c3:6e:24:18:b9:b2:4c:c5:77:da:c0:99:8e:fe:
45:e5:f5:f5:c1:d3:9c:ce:ea:dd:bc:e2:58:c0:32:
c1:2a:9b:a7:ab:79:37:3e:df:00:7d:66:dd:59:c3:
dd:65:74:53:35:8e:4b:19:8b:c6:13:b3:fe:6b:35:
33:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D6:4D:1A:3E:48:8E:66:64:BA:6A:B0:A0:87:4E:D6:14:9E:C7:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
31:9a:f9:c5:a7:00:27:d0:8f:4f:d1:4a:91:5c:66:c1:74:7b:
16:dd:52:24:e0:a0:fe:aa:86:f9:f5:74:45:21:79:68:10:7f:
3e:7e:86:14:e2:b9:ca:68:61:50:af:66:e6:d6:49:65:fb:71:
b8:12:28:17:66:8d:f9:1a:81:4d:9c:b9:1a:e1:df:39:00:7a:
a4:9f:e2:f6:a5:40:9d:e3:e5:4f:e1:a0:80:69:06:28:a0:a1:
5b:17:70:71:18:cd:b8:50:09:be:2d:55:ce:10:63:18:f4:f6:
9a:56:02:a8:44:47:b0:29:d2:e2:f8:e3:39:59:ed:aa:25:4b:
f5:8c:71:fa:46:8b:12:23:3f:74:0d:80:d1:1b:ae:ab:04:00:
09:83:cf:fb:ed:37:16:d5:84:dc:f2:b3:45:3c:23:3a:da:60:
4b:0f:e7:f1:e2:c1:ea:0b:17:95:55:82:0c:54:a3:12:ec:57:
9e:b9:bd:08:4f:60:a2:17:ac:f7:3e:0b:96:9a:6d:37:91:14:
e7:44:56:d8:fd:59:73:de:d4:ae:a4:b9:2d:21:a7:9b:2f:f8:
87:bf:eb:62:bc:41:4b:af:12:54:db:ff:cb:aa:9c:37:d4:22:
93:7e:da:a1:07:98:bc:af:5d:8f:26:88:14:79:ee:bf:b0:cf:
69:77:1a:b1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAPFjf2o0mKqzFim0fo89bp/+0bUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1MzZaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzMTI2YTQ0MTQyNGQxOTNiMmM2MWRkMjRlMmM4OTY0MTdkNDNlZDI2MWVj
NzgyN2U3ZWE5NzkyY2I0OGE3NTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIYZt3WNZugQHrNcsH6N8ujumlka+i6NSEZTAW0+r8QY9BPJNw+DwcK5kIPu
7nY9aF53cEepIV3yKUpCueIHD38KX5VqJ7qYdzkvtFL7ky98+9JH7j56VySnlhBw
d7ixljj26k8d+gCyEfA4Couz/gswd22iZ/qKtfsnVMKRjSlu1K5taB/U9Vkk1mUE
U2UuEKb5QxRt7AkaryMRmz3865uYvTXwdpcSXHg1V8AqVx3sNXLRFg2DKOb0ntoV
6umghxwnnMNuJBi5skzFd9rAmY7+ReX19cHTnM7q3bziWMAywSqbp6t5Nz7fAH1m
3VnD3WV0UzWOSxmLxhOz/ms1M9sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTq1k0a
PkiOZmS6arCgh07WFJ7HKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM3ZTU2MzctZjMxMi00YzUxLWI2NDQtMjkzMjRiNzQ3MzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAi4DAN
BgkqhkiG9w0BAQsFAAOCAQEAMZr5xacAJ9CPT9FKkVxmwXR7Ft1SJOCg/qqG+fV0
RSF5aBB/Pn6GFOK5ymhhUK9m5tZJZftxuBIoF2aN+RqBTZy5GuHfOQB6pJ/i9qVA
nePlT+GggGkGKKChWxdwcRjNuFAJvi1VzhBjGPT2mlYCqERHsCnS4vjjOVntqiVL
9Yxx+kaLEiM/dA2A0RuuqwQACYPP++03FtWE3PKzRTwjOtpgSw/n8eLB6gsXlVWC
DFSjEuxXnrm9CE9gohes9z4LlpptN5EU50RW2P1Zc97UrqS5LSGnmy/4h7/rYrxB
S68SVNv/y6qcN9Qik37aoQeYvK9djyaIFHnuv7DPaXcasQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:39 2025 by rpki-client