Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
File: 1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa (raw, json)
Hash identifier: GToRKuO/VoosXDK8ZmfRueF5k+cEgIG1GiVcnyzsfLg=
Subject key identifier: B0:A4:0C:68:12:50:A9:62:9C:3E:31:11:6B:D9:DF:64:B3:E9:BA:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 321194310C12DDA385C87DB59565A804FDCBF802
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
Signing time: Mon 28 Jul 2025 16:10:30 +0000
ROA not before: Mon 28 Jul 2025 16:10:30 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:11:94:31:0c:12:dd:a3:85:c8:7d:b5:95:65:a8:04:fd:cb:f8:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:30 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=163505d788abe4839f61a2ca11fc6d1f212942fa9cdc01c764b9117420ff5359, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c5:64:81:78:78:f3:5d:12:75:db:a4:d7:68:
35:28:40:ef:c4:26:8f:88:92:fb:29:f8:3b:fb:71:
97:be:0a:ac:e5:d4:b3:1a:43:c2:9c:ba:20:7d:d2:
bd:0c:5e:a7:d7:30:17:34:16:72:2c:10:cf:86:ae:
08:64:b0:e5:8b:cc:07:ad:13:f2:b2:16:47:e5:b7:
20:19:e6:6b:1e:87:96:03:93:24:70:44:3e:b7:05:
ed:ba:17:67:01:d6:3c:cb:09:dc:b0:67:39:c9:e4:
75:43:98:8f:c1:8b:3f:50:eb:7d:8e:2a:8f:93:dc:
fc:61:d9:8c:8b:48:52:9a:66:55:40:1c:86:99:92:
7f:78:1e:eb:63:27:57:64:75:9b:21:95:20:08:7a:
56:21:7a:89:bc:4f:d6:2e:49:a1:69:ff:0f:13:6f:
ee:47:c0:4c:01:a0:a8:be:76:cf:69:70:98:f3:13:
00:8a:2f:98:66:62:30:0e:e3:03:2f:4a:6e:27:85:
9f:eb:e5:4a:c4:7b:30:be:6d:be:12:17:8a:6f:dd:
76:f3:dd:f4:02:b3:c8:67:0e:71:b9:13:f4:03:ee:
87:4f:17:e1:26:fc:59:c5:9e:15:63:8b:ee:09:f4:
6e:c5:37:b9:15:ba:bb:5b:f8:9a:e2:a3:17:86:41:
f0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A4:0C:68:12:50:A9:62:9C:3E:31:11:6B:D9:DF:64:B3:E9:BA:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/17
Signature Algorithm: sha256WithRSAEncryption
96:7a:e5:73:d7:76:8f:e3:3c:a6:c9:22:20:c0:0f:8c:33:c1:
5a:82:c7:8d:bb:bc:74:e9:94:8c:41:f4:f4:d7:ec:fc:d5:ea:
fa:11:0a:2f:d2:d7:f1:0e:50:70:7e:5c:0e:38:6b:93:42:5f:
aa:68:f6:f6:e4:0d:c7:23:24:c6:55:d5:55:9e:bc:05:40:69:
22:ad:25:b3:93:cc:d7:e7:c8:ad:85:5e:7b:92:8b:f5:b6:38:
69:95:c0:aa:ff:44:e5:16:73:1a:98:48:a8:af:09:9a:bd:3f:
5a:c6:17:00:73:50:64:70:74:b2:09:1f:d9:d1:c4:10:9c:7f:
bc:87:af:e9:90:e0:fc:f5:66:ea:20:23:91:b1:2b:18:cd:f6:
29:01:03:49:cb:e2:c7:c4:e5:8e:d2:f4:ca:0d:2a:1d:1c:1a:
8e:0b:20:1d:39:a7:92:88:75:4e:ee:6a:bb:bc:30:cd:35:2e:
21:1d:35:11:55:7c:f1:d4:8e:12:2d:e9:ce:d0:14:bf:29:df:
e7:bf:f3:d8:7d:bc:ed:51:2f:e8:3b:1d:22:a0:98:56:0d:86:
35:e6:7f:b7:4f:07:31:7e:ee:be:8e:13:60:65:0f:32:73:1c:
48:e6:c3:43:4d:39:a6:7d:b4:46:1d:8e:ed:55:0c:f0:4d:54:
b7:bc:1e:27
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMhGUMQwS3aOFyH21lWWoBP3L+AIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMzBaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MzUwNWQ3ODhhYmU0ODM5ZjYxYTJjYTExZmM2ZDFmMjEyOTQyZmE5Y2Rj
MDFjNzY0YjkxMTc0MjBmZjUzNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfFZIF4ePNdEnXbpNdoNShA78Qmj4iS+yn4O/txl74KrOXUsxpDwpy6IH3S
vQxep9cwFzQWciwQz4auCGSw5YvMB60T8rIWR+W3IBnmax6HlgOTJHBEPrcF7boX
ZwHWPMsJ3LBnOcnkdUOYj8GLP1DrfY4qj5Pc/GHZjItIUppmVUAchpmSf3ge62Mn
V2R1myGVIAh6ViF6ibxP1i5JoWn/DxNv7kfATAGgqL52z2lwmPMTAIovmGZiMA7j
Ay9KbieFn+vlSsR7ML5tvhIXim/ddvPd9AKzyGcOcbkT9APuh08X4Sb8WcWeFWOL
7gn0bsU3uRW6u1v4muKjF4ZB8GcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSwpAxo
ElCpYpw+MRFr2d9ks+m6KTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM0ZDJkMTQtYWEwYS00NTZlLTkwZjQtYmRmYTIxZTY2OGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB7AigDAN
BgkqhkiG9w0BAQsFAAOCAQEAlnrlc9d2j+M8pskiIMAPjDPBWoLHjbu8dOmUjEH0
9Nfs/NXq+hEKL9LX8Q5QcH5cDjhrk0Jfqmj29uQNxyMkxlXVVZ68BUBpIq0ls5PM
1+fIrYVee5KL9bY4aZXAqv9E5RZzGphIqK8Jmr0/WsYXAHNQZHB0sgkf2dHEEJx/
vIev6ZDg/PVm6iAjkbErGM32KQEDScvix8TljtL0yg0qHRwajgsgHTmnkoh1Tu5q
u7wwzTUuIR01EVV88dSOEi3pztAUvynf57/z2H287VEv6DsdIqCYVg2GNeZ/t08H
MX7uvo4TYGUPMnMcSObDQ005pn20Rh2O7VUM8E1Ut7weJw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:51 2025 by rpki-client