Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: uyTxGlQ9LPMWlMQqSoKXVBD9rd35zMpsLUGYY104aU0=
Subject key identifier: AA:30:D0:C6:97:76:A6:89:BD:51:23:76:88:DA:25:8E:1B:F3:AB:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B3BFC51DB9E2B4639894939EA2478A7837BB9FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Tue 21 Oct 2025 14:00:32 +0000
ROA not before: Tue 21 Oct 2025 14:00:32 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:3b:fc:51:db:9e:2b:46:39:89:49:39:ea:24:78:a7:83:7b:b9:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:32 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2c7f4def77cde5fb21db20ed293a34c26dd174dbb3f7fdbf8415bdd0e3df5a46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:52:db:48:f7:af:4c:df:dc:99:66:f9:db:c0:
cf:0a:a6:1f:47:a3:ba:69:11:be:cb:29:6c:a3:46:
4b:21:a9:8b:1f:ff:93:51:96:4f:2d:c8:99:34:b6:
04:73:d3:0d:a8:96:36:5e:14:85:91:f3:c5:32:db:
7b:45:d2:79:bb:4a:db:d9:49:4a:09:99:3f:02:af:
27:42:57:a9:f5:8d:6b:2c:f3:74:70:b8:67:a2:f4:
bb:4c:9d:74:9f:31:9c:7f:2d:50:4d:4d:28:b7:44:
fd:b9:95:1b:5e:ce:89:96:dc:a5:ef:70:16:f4:d9:
02:3e:3a:d5:66:4c:53:1c:d7:dc:c6:1b:97:08:43:
65:da:cd:5f:1e:24:3d:23:16:3d:53:32:31:6d:2e:
45:e3:78:b2:80:d2:47:90:bd:d6:f7:e9:c8:c0:ee:
89:26:f3:a7:15:2e:d0:1c:87:55:93:6a:d3:a3:7b:
8a:cd:aa:3c:e5:1c:58:32:05:c3:65:62:d7:dc:45:
4c:b1:f4:3f:e1:5d:d0:da:2a:42:4e:68:03:f5:7c:
3a:fd:fe:bd:fa:64:0c:65:10:20:9d:3c:8b:2b:84:
cc:61:23:d8:3e:2f:3a:8c:e9:e3:74:98:6f:d1:23:
70:c2:4d:26:1d:0a:8f:57:a8:e1:d3:b8:cb:53:79:
4c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:30:D0:C6:97:76:A6:89:BD:51:23:76:88:DA:25:8E:1B:F3:AB:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:0e:1e:8b:1a:08:be:b2:03:3e:f5:47:0a:63:67:c3:d2:40:
e7:da:65:43:db:79:af:fe:25:ad:4b:c8:d8:4d:a3:a8:7d:30:
f6:58:9b:2a:84:64:02:13:fa:99:68:7e:be:e1:ec:be:a1:50:
4f:cb:b3:95:3e:72:22:72:99:07:ef:d3:ca:09:bb:41:6b:7b:
14:5c:98:f1:70:57:67:29:15:b4:1f:f3:04:56:b4:c6:23:25:
39:f2:01:74:ee:55:04:94:de:9b:ed:91:c7:04:32:87:d0:65:
5d:2e:aa:3d:72:e9:01:20:b9:d4:3a:74:7a:02:e5:c7:5e:42:
45:22:a6:06:19:f0:7e:6f:31:0a:a9:24:bd:e6:d6:87:72:84:
04:98:ed:89:b4:07:33:cc:8a:f9:0c:07:a9:7d:6e:b9:16:da:
e7:6e:45:b9:19:6d:90:4d:01:d6:ed:77:77:0f:5b:5d:04:d9:
9c:ae:8e:34:50:b1:94:9a:33:ba:ab:15:6f:30:6a:2c:0f:22:
6a:4a:6b:45:ab:07:5a:7e:0c:05:df:70:d0:4c:07:b9:a7:c8:
7d:74:8a:1e:94:3d:47:c6:a9:ff:30:54:5a:a4:33:0d:cf:d4:
f1:31:fd:3b:f1:7a:31:c9:13:96:7f:48:2e:af:33:10:7a:59:
60:d1:79:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOzv8UdueK0Y5iUk56iR4p4N7uf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwMzJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjN2Y0ZGVmNzdjZGU1ZmIyMWRiMjBlZDI5M2EzNGMyNmRkMTc0ZGJiM2Y3
ZmRiZjg0MTViZGQwZTNkZjVhNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZS20j3r0zf3Jlm+dvAzwqmH0ejumkRvsspbKNGSyGpix//k1GWTy3ImTS2
BHPTDaiWNl4UhZHzxTLbe0XSebtK29lJSgmZPwKvJ0JXqfWNayzzdHC4Z6L0u0yd
dJ8xnH8tUE1NKLdE/bmVG17OiZbcpe9wFvTZAj461WZMUxzX3MYblwhDZdrNXx4k
PSMWPVMyMW0uReN4soDSR5C91vfpyMDuiSbzpxUu0ByHVZNq06N7is2qPOUcWDIF
w2Vi19xFTLH0P+Fd0NoqQk5oA/V8Ov3+vfpkDGUQIJ08iyuEzGEj2D4vOozp43SY
b9EjcMJNJh0Kj1eo4dO4y1N5TH0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSqMNDG
l3amib1RI3aI2iWOG/OrSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAHA4eixoIvrIDPvVHCmNnw9JA59plQ9t5r/4lrUvI
2E2jqH0w9libKoRkAhP6mWh+vuHsvqFQT8uzlT5yInKZB+/Tygm7QWt7FFyY8XBX
ZykVtB/zBFa0xiMlOfIBdO5VBJTem+2RxwQyh9BlXS6qPXLpASC51Dp0egLlx15C
RSKmBhnwfm8xCqkkvebWh3KEBJjtibQHM8yK+QwHqX1uuRba525FuRltkE0B1u13
dw9bXQTZnK6ONFCxlJozuqsVbzBqLA8iakprRasHWn4MBd9w0EwHuafIfXSKHpQ9
R8ap/zBUWqQzDc/U8TH9O/F6MckTln9ILq8zEHpZYNF5Fg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:57 2025 by rpki-client