Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
File: b176a187-5863-4413-a001-74ccc0321be5.roa (raw, json)
Hash identifier: kJPlXY2szKrCmL9um4+wFkXPLhWojvuVWVMeKGdX404=
Subject key identifier: 19:EE:BB:41:A0:77:F7:FB:D6:A3:E1:75:75:B7:F1:0F:A5:07:B2:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A8A13B4E0FBE0FA24A21B52EFC762AEADBFC1AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
Signing time: Mon 01 Sep 2025 21:20:55 +0000
ROA not before: Mon 01 Sep 2025 21:20:55 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02c::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:8a:13:b4:e0:fb:e0:fa:24:a2:1b:52:ef:c7:62:ae:ad:bf:c1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:55 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5314fe10159341b7d61585e74e15d614fb253b3f6f36466f968a15464a07be0b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d2:90:c4:05:55:eb:34:e2:b8:b8:2b:08:0b:
d1:3d:cd:a0:c8:fb:c8:a1:62:8d:ea:a5:3a:81:96:
15:19:89:48:c8:cc:10:a0:bc:56:51:43:c2:98:1b:
bb:13:97:53:a1:a9:c5:7c:14:35:04:6e:6f:f2:7b:
ab:3c:3b:24:1c:32:c6:75:79:10:9f:02:4d:db:52:
98:1d:96:81:a2:af:89:77:12:ce:1e:07:d7:c6:c5:
68:ad:13:3b:9a:eb:c8:19:db:b8:5d:2e:70:1d:a0:
25:9a:0a:9d:39:f9:13:6e:be:38:ff:82:c1:df:5f:
c2:f3:5e:14:d8:72:42:c1:8b:9e:bd:b4:6c:52:b7:
67:68:ce:eb:cb:81:73:88:c3:28:ea:d9:f3:c1:44:
dc:da:ed:f5:d0:40:b6:26:57:a1:24:ce:9e:fe:e7:
58:24:58:50:a5:58:f1:84:1a:80:f9:07:4a:f2:cd:
ec:fe:7a:c9:b6:f6:60:86:18:90:b7:36:0b:15:dd:
61:46:8e:d5:69:15:17:76:af:f2:6b:79:dd:c6:db:
f0:9a:d2:96:3b:4c:05:6a:bb:43:63:27:4a:f1:7d:
be:f9:6a:6f:d2:5d:02:b1:a6:29:e6:cd:38:9d:e1:
42:d2:65:ce:87:d1:02:90:ae:2c:e8:72:bb:30:20:
e7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EE:BB:41:A0:77:F7:FB:D6:A3:E1:75:75:B7:F1:0F:A5:07:B2:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02c::/36
Signature Algorithm: sha256WithRSAEncryption
16:55:73:9c:1d:e5:29:9a:f7:fa:9f:de:5f:ed:90:2b:eb:b8:
7b:4b:08:eb:51:6b:d0:b6:6c:68:a6:9b:e3:08:41:d6:43:b1:
a8:56:d8:10:ba:d8:43:6f:50:69:73:e2:5d:2a:41:34:42:50:
5d:be:c2:59:ad:c6:aa:6f:37:24:d8:a7:37:40:59:e8:e2:00:
1c:47:9c:aa:9b:e2:37:13:ae:80:9c:6d:16:f4:d7:da:a4:f8:
d8:02:ac:fa:fb:d0:37:9e:d4:98:58:01:90:14:be:e0:86:54:
a0:1d:53:a3:c4:d2:d2:92:e7:4f:6d:c3:0a:cc:11:e3:f4:c0:
33:ed:40:96:af:0c:0e:57:36:6e:5d:e0:8b:0a:56:6c:7f:73:
64:9b:fb:29:18:f1:9a:15:a9:a6:c5:43:ac:84:7b:08:66:62:
fe:db:99:8f:27:1f:b6:16:2f:99:71:a0:b9:76:83:c7:a6:53:
9c:4c:60:c5:6e:7b:2e:ad:50:1b:53:b8:6e:21:dc:cd:a4:a0:
a7:e7:a0:2e:ce:af:74:c3:4b:e8:77:66:66:a7:79:42:cd:35:
02:04:c2:7e:17:f7:1b:89:51:c2:8e:c9:b3:75:a1:3a:dd:21:
4c:0e:d3:92:a1:55:d0:61:86:95:3c:19:ee:ec:a3:75:08:91:
f9:2c:e8:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeooTtOD74PokohtS78dirq2/waowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwNTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMTRmZTEwMTU5MzQxYjdkNjE1ODVlNzRlMTVkNjE0ZmIyNTNiM2Y2ZjM2
NDY2Zjk2OGExNTQ2NGEwN2JlMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI3SkMQFVes04ri4KwgL0T3NoMj7yKFijeqlOoGWFRmJSMjMEKC8VlFDwpgb
uxOXU6GpxXwUNQRub/J7qzw7JBwyxnV5EJ8CTdtSmB2WgaKviXcSzh4H18bFaK0T
O5rryBnbuF0ucB2gJZoKnTn5E26+OP+Cwd9fwvNeFNhyQsGLnr20bFK3Z2jO68uB
c4jDKOrZ88FE3Nrt9dBAtiZXoSTOnv7nWCRYUKVY8YQagPkHSvLN7P56ybb2YIYY
kLc2CxXdYUaO1WkVF3av8mt53cbb8JrSljtMBWq7Q2MnSvF9vvlqb9JdArGmKebN
OJ3hQtJlzofRApCuLOhyuzAg5ysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZ7rtB
oHf3+9aj4XV1t/EPpQeyfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE3NmExODctNTg2My00NDEzLWEwMDEtNzRjY2MwMzIxYmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CwA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWVXOcHeUpmvf6n95f7ZAr67h7SwjrUWvQtmxo
ppvjCEHWQ7GoVtgQuthDb1Bpc+JdKkE0QlBdvsJZrcaqbzck2Kc3QFno4gAcR5yq
m+I3E66AnG0W9NfapPjYAqz6+9A3ntSYWAGQFL7ghlSgHVOjxNLSkudPbcMKzBHj
9MAz7UCWrwwOVzZuXeCLClZsf3Nkm/spGPGaFammxUOshHsIZmL+25mPJx+2Fi+Z
caC5doPHplOcTGDFbnsurVAbU7huIdzNpKCn56Auzq90w0vod2Zmp3lCzTUCBMJ+
F/cbiVHCjsmzdaE63SFMDtOSoVXQYYaVPBnu7KN1CJH5LOgZ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:46 2025 by rpki-client