Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
File: 1172536b-2edc-4ffb-9fca-b111f3d038a9.roa (raw, json)
Hash identifier: 7d1KQsXHe1fsQIBb/TgjsCgc4zr93PGqC+GuxlC/waQ=
Subject key identifier: 70:88:94:82:EA:86:4E:A6:2B:3F:5A:98:09:E3:3A:80:34:5B:3E:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A63D924DBC4499CA9F0A29BAC0F067F85E01EAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
Signing time: Tue 21 Oct 2025 13:10:39 +0000
ROA not before: Tue 21 Oct 2025 13:10:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:63:d9:24:db:c4:49:9c:a9:f0:a2:9b:ac:0f:06:7f:85:e0:1e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=821cd34496c506713eb1c73f89db61b562ce32b9510eede684ff36037484667a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a8:0e:7e:05:34:e8:ac:68:d9:90:47:58:07:
0a:3e:3d:3e:04:6c:e0:60:fa:b4:de:87:1a:11:69:
40:b7:68:8d:b3:55:25:b1:11:41:33:d4:39:cc:3e:
63:78:1e:37:1d:ab:d1:dd:58:0e:c6:fb:38:08:32:
ac:ca:64:0d:1f:e9:5c:12:da:cd:85:21:8e:ed:c4:
b8:59:94:fa:2c:f3:02:cf:20:e3:a2:75:ee:3d:bc:
da:8d:2b:c7:3d:5f:01:16:2c:3d:a1:c9:fc:78:96:
df:b0:2b:46:d4:1a:5f:b5:17:8a:72:14:55:ff:60:
ad:98:c3:b4:d5:be:9f:81:31:e8:bb:b0:7e:e1:cd:
40:06:7b:63:fe:32:aa:32:52:b0:68:81:68:ca:20:
c7:29:42:56:3b:ed:d0:fe:27:0f:1d:de:1c:ca:1c:
9d:ae:3d:bc:55:35:7b:a1:6b:ac:c2:05:5b:e3:3a:
d6:cd:7e:89:51:e4:69:66:29:b4:fc:c4:1d:ba:ea:
d6:e2:30:8f:4a:ed:ce:e8:03:28:ef:62:c8:8c:b7:
d1:c8:e8:87:a4:d9:4f:57:a6:ca:bb:bb:b8:68:2e:
3d:da:db:bd:74:2b:09:44:f2:46:fe:8d:b4:de:ad:
78:7e:ff:84:59:f4:ab:a2:15:49:dc:ea:5a:65:91:
7c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:88:94:82:EA:86:4E:A6:2B:3F:5A:98:09:E3:3A:80:34:5B:3E:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.112.0/21
Signature Algorithm: sha256WithRSAEncryption
18:eb:ad:de:f5:37:48:6c:bb:b5:c9:d5:1a:8c:51:e1:09:40:
78:6d:f4:10:ca:ec:0b:44:e8:01:3b:e1:47:8a:2d:4c:df:87:
7b:34:41:63:2f:af:f3:62:2b:44:8d:a9:15:e7:5e:8e:d6:07:
b9:39:e8:b8:70:87:32:b4:65:de:03:14:14:7e:56:0d:f1:5a:
1e:58:4d:eb:f1:62:bc:70:30:d5:e5:03:9c:66:ab:4d:98:aa:
8f:5e:4d:6e:49:25:20:25:52:25:6c:de:bb:00:ef:29:dd:5f:
a6:5f:1d:6f:6b:7e:62:1e:1e:ac:26:a8:1f:de:a7:92:b6:b0:
0f:66:09:06:55:16:7e:39:13:81:26:25:45:3d:0e:c5:47:b4:
3a:a1:86:10:2e:6a:3d:3f:b2:a0:34:eb:f8:9a:7f:8c:c0:58:
d2:a9:16:60:88:17:b1:58:af:fe:6a:26:66:4e:26:0f:31:19:
c5:d8:d5:58:db:70:0f:48:a4:1b:25:61:3c:ce:93:10:95:fb:
a4:c0:14:09:96:f0:74:d1:a6:88:2e:48:7a:17:7d:a9:f9:4e:
5d:13:b4:c1:bd:85:ac:56:84:ce:20:4d:3b:fa:41:db:48:e0:
5f:45:9f:84:71:04:aa:6c:4a:09:16:cd:42:ea:eb:7c:b2:f4:
1c:99:c2:52
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOmPZJNvESZyp8KKbrA8Gf4XgHqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMWNkMzQ0OTZjNTA2NzEzZWIxYzczZjg5ZGI2MWI1NjJjZTMyYjk1MTBl
ZWRlNjg0ZmYzNjAzNzQ4NDY2N2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+oDn4FNOisaNmQR1gHCj49PgRs4GD6tN6HGhFpQLdojbNVJbERQTPUOcw+
Y3geNx2r0d1YDsb7OAgyrMpkDR/pXBLazYUhju3EuFmU+izzAs8g46J17j282o0r
xz1fARYsPaHJ/HiW37ArRtQaX7UXinIUVf9grZjDtNW+n4Ex6LuwfuHNQAZ7Y/4y
qjJSsGiBaMogxylCVjvt0P4nDx3eHMocna49vFU1e6FrrMIFW+M61s1+iVHkaWYp
tPzEHbrq1uIwj0rtzugDKO9iyIy30cjoh6TZT1emyru7uGguPdrbvXQrCUTyRv6N
tN6teH7/hFn0q6IVSdzqWmWRfOsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRwiJSC
6oZOpis/WpgJ4zqANFs+WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3MjUzNmItMmVkYy00ZmZiLTlmY2EtYjExMWYzZDAzOGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgcDAN
BgkqhkiG9w0BAQsFAAOCAQEAGOut3vU3SGy7tcnVGoxR4QlAeG30EMrsC0ToATvh
R4otTN+HezRBYy+v82IrRI2pFedejtYHuTnouHCHMrRl3gMUFH5WDfFaHlhN6/Fi
vHAw1eUDnGarTZiqj15NbkklICVSJWzeuwDvKd1fpl8db2t+Yh4erCaoH96nkraw
D2YJBlUWfjkTgSYlRT0OxUe0OqGGEC5qPT+yoDTr+Jp/jMBY0qkWYIgXsViv/mom
Zk4mDzEZxdjVWNtwD0ikGyVhPM6TEJX7pMAUCZbwdNGmiC5Iehd9qflOXRO0wb2F
rFaEziBNO/pB20jgX0WfhHEEqmxKCRbNQurrfLL0HJnCUg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:31 2025 by rpki-client