Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
File: e5744d03-14d6-49dd-bcc7-bbf41846c647.roa (raw, json)
Hash identifier: hDx8wnATnY3XgtQzNBKqA11aI6Q9dK09/QG+XJuVVhc=
Subject key identifier: 2D:8D:BE:CD:74:B1:90:50:E7:38:27:F8:8D:80:0E:11:96:73:B3:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D09B756252A7EF6E4E6AC4DBDC0A920586BA814
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
Signing time: Tue 21 Oct 2025 13:10:39 +0000
ROA not before: Tue 21 Oct 2025 13:10:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Nov 2025 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:09:b7:56:25:2a:7e:f6:e4:e6:ac:4d:bd:c0:a9:20:58:6b:a8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6ad84095e69d9d5041ab5883d4476f9cdf828e6a297eeb5aa5b25db10caccf3a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:0a:35:56:e9:f2:22:aa:ff:77:54:01:6e:
d5:76:f3:f7:18:33:bf:84:4a:f1:f0:49:51:9c:e2:
43:cd:f0:c2:3f:8f:cb:da:dd:36:82:00:3e:76:29:
7d:fd:d6:98:26:76:98:b4:07:00:4d:06:68:1f:bb:
12:d6:f0:7c:47:d5:ce:19:e4:75:7d:e2:f0:96:bb:
1e:a0:ff:9f:80:b9:de:24:e5:4d:05:71:49:85:d7:
69:93:e7:1a:1d:da:85:46:fd:ef:1c:93:e9:ff:ba:
d7:30:21:1b:bc:3c:01:a9:3e:42:ef:73:e2:53:7b:
49:e3:dd:c2:75:4c:fa:8a:01:f4:3e:7f:39:f7:6d:
83:b5:a0:c5:75:91:85:f2:5a:a7:b0:f3:ce:b6:3c:
af:0a:1c:e3:f2:b5:cb:92:8f:16:99:26:fb:bd:fe:
51:c3:2a:5d:c2:ff:cb:77:a7:2f:3d:8a:ed:b0:8c:
9a:24:fb:a1:e6:73:db:d1:6c:ee:18:8f:00:d7:1e:
9e:77:b0:bd:13:67:65:bd:29:2f:a1:52:33:3a:28:
33:62:d9:c2:7d:82:c1:68:6e:62:c4:bc:ba:3b:9a:
e5:3a:11:50:2d:b4:fd:da:b3:0a:69:cf:3f:31:5b:
c6:e8:9a:72:37:0f:71:ca:1a:19:77:a6:d4:df:26:
84:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8D:BE:CD:74:B1:90:50:E7:38:27:F8:8D:80:0E:11:96:73:B3:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.126.0/23
Signature Algorithm: sha256WithRSAEncryption
89:be:7c:1f:c5:59:1d:0b:d5:4a:e8:3e:b4:e2:8a:53:78:18:
14:08:7e:16:3b:38:67:5f:5e:d5:cf:16:82:da:a5:78:a2:0d:
70:c6:59:f1:45:46:f3:48:75:94:3e:c6:70:39:65:ca:31:91:
5d:c4:13:d4:76:d8:4d:14:ab:9c:7e:c8:63:33:10:18:e2:88:
13:07:6f:8d:d8:0f:6d:f2:50:50:3d:e7:aa:c7:df:9d:3f:05:
e7:4c:fe:bc:22:a0:7f:7c:53:99:ea:45:18:94:91:71:65:ef:
b8:56:fa:8a:2d:71:f9:cf:6b:35:77:92:71:bc:6b:c1:37:54:
69:45:39:be:6e:c5:09:75:b6:7c:4f:b2:01:e5:3e:ec:3d:a9:
d0:ea:be:12:1d:a7:f6:5c:f9:d9:cd:58:ec:5b:2c:6f:e8:27:
88:c0:f9:62:f0:a4:60:3f:b2:05:0a:89:4b:ad:d5:e3:7c:ab:
42:32:97:b8:6b:cd:1f:38:87:9f:42:8a:2a:47:c0:a3:5e:5c:
13:e3:8b:80:0f:92:e5:f7:34:ff:2d:ae:e6:5e:bf:69:d4:52:
32:fa:35:c4:17:6e:8e:8b:18:1d:f0:ad:3c:5b:38:5c:b2:3b:
5a:a0:30:c5:d7:b2:56:a0:8d:78:27:d9:d9:06:a7:65:85:91:
91:85:42:78
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfQm3ViUqfvbk5qxNvcCpIFhrqBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZDg0MDk1ZTY5ZDlkNTA0MWFiNTg4M2Q0NDc2ZjljZGY4MjhlNmEyOTdl
ZWI1YWE1YjI1ZGIxMGNhY2NmM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6cCjVW6fIiqv93VAFu1Xbz9xgzv4RK8fBJUZziQ83wwj+Py9rdNoIAPnYp
ff3WmCZ2mLQHAE0GaB+7EtbwfEfVzhnkdX3i8Ja7HqD/n4C53iTlTQVxSYXXaZPn
Gh3ahUb97xyT6f+61zAhG7w8Aak+Qu9z4lN7SePdwnVM+ooB9D5/Ofdtg7WgxXWR
hfJap7DzzrY8rwoc4/K1y5KPFpkm+73+UcMqXcL/y3enLz2K7bCMmiT7oeZz29Fs
7hiPANcennewvRNnZb0pL6FSMzooM2LZwn2CwWhuYsS8ujua5ToRUC20/dqzCmnP
PzFbxuiacjcPccoaGXem1N8mhEMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQtjb7N
dLGQUOc4J/iNgA4RlnOz7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU3NDRkMDMtMTRkNi00OWRkLWJjYzctYmJmNDE4NDZjNjQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfjAN
BgkqhkiG9w0BAQsFAAOCAQEAib58H8VZHQvVSug+tOKKU3gYFAh+Fjs4Z19e1c8W
gtqleKINcMZZ8UVG80h1lD7GcDllyjGRXcQT1HbYTRSrnH7IYzMQGOKIEwdvjdgP
bfJQUD3nqsffnT8F50z+vCKgf3xTmepFGJSRcWXvuFb6ii1x+c9rNXeScbxrwTdU
aUU5vm7FCXW2fE+yAeU+7D2p0Oq+Eh2n9lz52c1Y7Fssb+gniMD5YvCkYD+yBQqJ
S63V43yrQjKXuGvNHziHn0KKKkfAo15cE+OLgA+S5fc0/y2u5l6/adRSMvo1xBdu
josYHfCtPFs4XLI7WqAwxdeyVqCNeCfZ2QanZYWRkYVCeA==
-----END CERTIFICATE-----
Generated at Sat Nov 8 14:14:50 2025 by rpki-client