Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
File: 049fd671-de95-4496-9712-c56affcb2b27.roa (raw, json)
Hash identifier: rFhiJsM4Ljj5ubYqwIvpAQrxreabbHujIdwBdjz+OwE=
Subject key identifier: B7:F9:2B:C9:06:F2:7C:2B:0E:B5:9D:40:82:6A:72:FC:6E:5C:E9:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50EAD9169C3C2ED8B896E36DDFDDB1D71E5062F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
Signing time: Mon 28 Jul 2025 16:00:21 +0000
ROA not before: Mon 28 Jul 2025 16:00:21 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.24.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:ea:d9:16:9c:3c:2e:d8:b8:96:e3:6d:df:dd:b1:d7:1e:50:62:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:21 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=c404a99c092e3cf4cf7e05417221340805b2f9ad72c909304b13ed3763340ca0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:33:8c:08:a8:f2:69:b2:56:1f:a6:fc:cc:da:
78:bf:cc:b4:fc:10:bb:2e:fe:b7:ea:f2:a8:c5:28:
6e:bd:cc:97:db:5e:6e:62:9a:10:09:1f:45:65:1a:
4b:7a:4b:8f:98:53:8b:36:f9:d2:d2:d8:b9:ba:c8:
3b:cb:e8:d9:28:00:76:e8:52:71:15:a1:85:6c:13:
74:9e:95:64:bf:d0:1d:86:0a:bd:26:25:c0:55:5f:
88:b3:bb:46:7c:78:dd:85:69:b7:41:2f:d1:54:f7:
1d:c0:c2:b2:ee:4f:18:d2:1c:9c:6e:36:93:c5:68:
43:80:49:a2:2d:9d:de:a4:4b:62:bf:d4:4e:46:1c:
14:a4:cd:f5:84:b0:91:0d:99:20:e1:73:dd:d8:3e:
95:84:62:d5:33:23:50:5a:85:15:48:0c:d4:25:2b:
e5:40:9d:c3:4b:2f:b0:d0:c6:25:a1:0a:d9:99:b4:
86:1b:0a:5c:28:e1:6c:03:7d:5b:27:34:5d:91:6a:
b5:16:2b:e1:eb:4c:d8:45:13:46:05:02:e1:a2:e7:
9e:33:9e:d7:ef:2b:2f:c5:03:15:60:ff:a9:51:ce:
dd:cb:62:a0:f0:77:fc:50:76:9e:c0:8e:8a:90:00:
aa:54:26:a4:36:75:b6:16:b5:c2:4c:9b:03:cf:df:
9a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F9:2B:C9:06:F2:7C:2B:0E:B5:9D:40:82:6A:72:FC:6E:5C:E9:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.24.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:ad:ab:c3:82:62:92:b8:ea:fb:de:e4:a5:18:d9:67:27:b9:
4a:74:1c:3c:b9:da:c8:8a:09:2b:2b:3e:58:c5:05:7a:22:26:
5a:3a:f2:57:19:82:88:50:72:eb:26:a2:53:1f:13:e6:1b:fc:
88:a5:b3:83:a3:f2:74:92:c4:19:d8:11:d7:0e:1b:ab:70:bc:
a6:9c:4c:1d:d6:9b:fa:91:ac:0e:a8:20:6e:ed:75:97:ce:54:
9e:f9:3e:21:82:5c:4d:c5:ed:a2:f4:e0:01:b5:ab:64:c8:bc:
f3:35:c4:19:2a:b2:79:9e:0f:90:3e:d3:6a:8b:97:6c:6c:55:
09:20:80:e0:59:96:76:fd:a9:f9:90:38:33:71:ed:ce:4c:33:
f1:c3:35:db:d7:63:e5:83:27:4a:0a:71:4c:a1:9d:b5:34:2c:
3d:33:ef:0e:97:57:c5:0c:db:63:91:36:b9:fa:45:40:e4:9a:
1b:4e:4f:2e:6e:be:6a:30:2b:07:d9:8d:aa:62:75:04:16:8c:
29:49:4d:eb:1c:27:42:67:fd:bd:5f:ed:79:61:c5:e4:35:68:
91:45:af:bf:ef:88:1a:32:19:a6:02:ae:14:84:1c:76:13:06:
4b:74:e5:92:3d:1c:6c:1f:c4:c6:4d:19:a5:9a:20:d3:78:77:
d9:6f:0c:f2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUOrZFpw8Lti4luNt392x1x5QYvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMjFaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MDRhOTljMDkyZTNjZjRjZjdlMDU0MTcyMjEzNDA4MDViMmY5YWQ3MmM5
MDkzMDRiMTNlZDM3NjMzNDBjYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4zjAio8mmyVh+m/MzaeL/MtPwQuy7+t+ryqMUobr3Ml9tebmKaEAkfRWUa
S3pLj5hTizb50tLYubrIO8vo2SgAduhScRWhhWwTdJ6VZL/QHYYKvSYlwFVfiLO7
Rnx43YVpt0Ev0VT3HcDCsu5PGNIcnG42k8VoQ4BJoi2d3qRLYr/UTkYcFKTN9YSw
kQ2ZIOFz3dg+lYRi1TMjUFqFFUgM1CUr5UCdw0svsNDGJaEK2Zm0hhsKXCjhbAN9
Wyc0XZFqtRYr4etM2EUTRgUC4aLnnjOe1+8rL8UDFWD/qVHO3ctioPB3/FB2nsCO
ipAAqlQmpDZ1tha1wkybA8/fmuMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS3+SvJ
BvJ8Kw61nUCCanL8blzp0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ5ZmQ2NzEtZGU5NS00NDk2LTk3MTItYzU2YWZmY2IyYjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiGDAN
BgkqhkiG9w0BAQsFAAOCAQEAmq2rw4Jikrjq+97kpRjZZye5SnQcPLnayIoJKys+
WMUFeiImWjryVxmCiFBy6yaiUx8T5hv8iKWzg6PydJLEGdgR1w4bq3C8ppxMHdab
+pGsDqggbu11l85Unvk+IYJcTcXtovTgAbWrZMi88zXEGSqyeZ4PkD7TaouXbGxV
CSCA4FmWdv2p+ZA4M3Htzkwz8cM129dj5YMnSgpxTKGdtTQsPTPvDpdXxQzbY5E2
ufpFQOSaG05PLm6+ajArB9mNqmJ1BBaMKUlN6xwnQmf9vV/teWHF5DVokUWvv++I
GjIZpgKuFIQcdhMGS3Tlkj0cbB/Exk0ZpZog03h32W8M8g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:51 2025 by rpki-client