Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: bWJGsQqhneA83C5NmlR9LAfWw4lr4/BO2zEb4MHnXPQ=
Subject key identifier: F5:BE:AF:59:32:BB:F3:E3:49:FC:83:75:87:88:18:C4:F4:08:67:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F8630808FB00615F31A0A5D510EEFFE3C69F629
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Sat 15 Nov 2025 05:50:48 +0000
ROA not before: Sat 15 Nov 2025 05:50:48 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:86:30:80:8f:b0:06:15:f3:1a:0a:5d:51:0e:ef:fe:3c:69:f6:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 05:50:48 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=a3dc49f5053b3b2e1e64c57be45f21727f0726105337227665033ddabc1167b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9b:44:81:b5:9f:a5:71:7d:46:e9:80:37:fd:
1f:06:c0:32:35:0a:d7:53:5d:b2:e4:c8:ad:a3:78:
c0:9c:02:7f:4c:ff:89:6d:50:7d:5a:12:ee:b0:59:
4d:ec:de:96:ec:64:6d:ef:a4:42:a8:3e:93:a0:e9:
d6:a4:8e:e8:41:d2:13:9c:fc:9c:f9:5e:a5:4a:b4:
5c:74:34:bc:39:5f:86:51:78:d2:9d:b8:9f:31:86:
5a:fc:99:ca:15:04:db:c9:96:25:ab:fe:5a:61:bd:
27:5b:a4:a9:67:1e:59:55:f3:9d:b0:9e:d3:19:f6:
13:9f:c2:40:89:c2:28:94:f5:f5:ea:aa:19:63:53:
34:5f:53:58:bb:06:de:f6:75:97:03:81:75:a1:32:
64:3d:60:38:db:9e:ff:28:43:93:66:98:21:a7:02:
e6:ce:bf:22:d0:76:6b:f4:15:ab:26:a4:de:82:c6:
5d:42:82:f4:c4:5b:18:2c:6d:02:fb:8b:a7:7a:8e:
e6:b5:4d:7c:a4:4e:5e:8d:20:da:48:a4:18:2e:71:
da:61:34:fd:42:c8:09:27:46:ae:49:be:35:2e:06:
28:8d:0b:ca:4d:06:25:6e:7f:c1:43:97:7f:51:6c:
11:48:ba:8e:19:b5:82:41:b1:0c:60:76:4e:1c:5c:
75:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BE:AF:59:32:BB:F3:E3:49:FC:83:75:87:88:18:C4:F4:08:67:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:40:ed:50:66:d6:d7:c9:0c:37:30:d0:ad:2a:15:aa:11:26:
7f:37:de:bb:7c:61:de:5f:99:3f:8c:23:da:96:a2:c5:22:c6:
81:a2:4c:20:c8:7f:3b:b1:fe:5b:7b:6e:ca:39:d3:b9:84:39:
2e:4d:b0:b3:71:a5:33:ef:69:8e:57:af:62:db:ea:11:a2:1e:
b5:71:61:bf:5a:ac:fc:8a:85:f2:c5:81:c9:b5:e5:68:bb:66:
6a:eb:8f:1d:7a:ce:32:1b:4a:cf:d0:ad:d7:a0:ec:f3:14:15:
c1:a2:9b:d5:1b:dd:0f:90:e0:92:b3:e3:39:81:7a:e7:a4:30:
67:c3:58:f1:21:e3:d5:5f:1e:86:3a:e4:c1:a8:bd:23:32:e2:
aa:5b:fb:73:39:e2:1e:65:5b:de:47:7d:86:b9:bb:38:be:7d:
c1:bc:22:f0:6c:1d:0e:20:d2:87:c6:19:3e:05:35:37:ee:9a:
05:1b:1d:4c:d2:c7:6e:b4:65:eb:ee:e6:a5:6b:a4:ff:16:d2:
7c:36:e5:77:f2:ae:2d:b5:80:22:9f:32:d3:ea:c5:4a:47:f8:
6f:ea:4f:de:5d:10:e3:ba:b5:1d:7e:c8:91:94:e9:c9:99:92:
78:8e:97:df:32:23:f9:1b:01:2d:ee:e7:3a:ad:d1:d9:8d:f9:
ed:2f:ea:2c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUL4YwgI+wBhXzGgpdUQ7v/jxp9ikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMTUwNTUwNDhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzZGM0OWY1MDUzYjNiMmUxZTY0YzU3YmU0NWYyMTcyN2YwNzI2MTA1MzM3
MjI3NjY1MDMzZGRhYmMxMTY3YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMObRIG1n6VxfUbpgDf9HwbAMjUK11NdsuTIraN4wJwCf0z/iW1QfVoS7rBZ
Tezeluxkbe+kQqg+k6Dp1qSO6EHSE5z8nPlepUq0XHQ0vDlfhlF40p24nzGGWvyZ
yhUE28mWJav+WmG9J1ukqWceWVXznbCe0xn2E5/CQInCKJT19eqqGWNTNF9TWLsG
3vZ1lwOBdaEyZD1gONue/yhDk2aYIacC5s6/ItB2a/QVqyak3oLGXUKC9MRbGCxt
AvuLp3qO5rVNfKROXo0g2kikGC5x2mE0/ULICSdGrkm+NS4GKI0Lyk0GJW5/wUOX
f1FsEUi6jhm1gkGxDGB2ThxcdV8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT1vq9Z
Mrvz40n8g3WHiBjE9AhnNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAbUDtUGbW18kMNzDQrSoVqhEmfzfeu3xh3l+ZP4wj
2paixSLGgaJMIMh/O7H+W3tuyjnTuYQ5Lk2ws3GlM+9pjlevYtvqEaIetXFhv1qs
/IqF8sWBybXlaLtmauuPHXrOMhtKz9Ct16Ds8xQVwaKb1RvdD5DgkrPjOYF656Qw
Z8NY8SHj1V8ehjrkwai9IzLiqlv7czniHmVb3kd9hrm7OL59wbwi8GwdDiDSh8YZ
PgU1N+6aBRsdTNLHbrRl6+7mpWuk/xbSfDbld/KuLbWAIp8y0+rFSkf4b+pP3l0Q
47q1HX7IkZTpyZmSeI6X3zIj+RsBLe7nOq3R2Y357S/qLA==
-----END CERTIFICATE-----
Generated at Tue Nov 18 10:13:29 2025 by rpki-client