Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: flA6H9NZpG1EwFWsgyMG0i8oe220jhtICKiNT7lWXLE=
Subject key identifier: 73:6E:43:02:30:12:11:DE:64:EE:89:6F:02:EE:91:A9:4F:96:C7:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 083EF2D58AD86BAFD39292ED9EC37D33841765B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Mon 28 Jul 2025 16:10:37 +0000
ROA not before: Mon 28 Jul 2025 16:10:37 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:3e:f2:d5:8a:d8:6b:af:d3:92:92:ed:9e:c3:7d:33:84:17:65:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:37 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=4bf9d124f46fdff5837847318429ca7c611c5bcd1da6d6027d03952e63f64166, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:87:24:91:6d:0e:20:58:79:cc:6c:db:fe:63:
8d:fb:4c:44:7c:94:6b:55:b7:09:77:18:36:52:70:
de:b1:95:4d:6c:12:0c:e7:62:79:6d:70:e3:12:e8:
fb:04:81:ec:84:56:00:e3:f8:90:51:85:eb:86:e7:
49:df:d7:65:76:ce:18:55:ec:ef:ab:26:a1:49:cb:
d6:c9:71:84:90:d5:e5:ea:5c:6f:e2:da:e2:bd:19:
06:c8:02:a9:e5:56:a9:f4:8b:1d:51:84:04:91:34:
36:cf:60:be:83:47:22:b9:5d:e4:ed:e6:80:9d:67:
7f:a0:30:f2:f5:da:7d:43:26:0b:7b:e3:bd:61:be:
59:f1:6e:d9:7f:51:b1:66:f8:a1:a4:5e:30:24:d2:
9f:5c:a5:07:b3:14:3f:7c:a1:3e:84:6f:3a:27:62:
0c:46:3d:52:21:e8:88:79:60:80:b7:6c:f8:df:9e:
25:48:22:5f:2a:3a:83:bc:40:a3:be:4f:3b:3d:3d:
47:ce:cc:12:76:a3:03:4f:3b:24:38:23:44:9f:2f:
22:82:99:43:6c:2f:2f:9b:87:4b:e0:9c:b6:78:92:
df:0f:76:43:30:2c:ac:2e:fc:ac:ff:4e:0b:b9:95:
05:e6:44:f5:b2:35:be:64:33:79:de:55:9d:46:46:
6e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6E:43:02:30:12:11:DE:64:EE:89:6F:02:EE:91:A9:4F:96:C7:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
28:6a:9e:74:4e:b7:1e:93:2f:fe:b7:43:a5:e2:55:aa:d3:7d:
cf:8a:63:80:01:6a:61:f4:0a:f7:7d:91:e0:62:38:ed:b9:dc:
f2:b8:08:80:ef:dd:c3:81:2d:10:f9:52:9a:82:33:2c:8b:38:
a6:3e:fc:0e:70:ba:cc:66:38:c6:c5:71:94:e2:dd:0f:ed:93:
1b:aa:2e:09:43:e3:48:ba:18:4c:86:e6:95:98:29:46:c1:d6:
9c:08:07:20:fa:f7:22:ce:b1:8f:ac:33:94:f7:dc:03:b9:08:
e1:24:d8:14:60:7b:ed:55:f8:f9:89:45:1b:b5:c1:2d:ac:7e:
65:1f:81:f7:e5:ca:3e:0a:71:93:60:65:12:cc:8f:11:24:82:
07:28:2f:23:7f:1a:8c:16:bd:91:09:4c:4e:a2:82:5d:0d:bd:
de:05:e9:c3:8b:d7:04:c5:10:b8:ae:56:f8:f9:19:77:da:72:
b2:25:e4:9d:9c:30:ce:d4:83:b4:7c:4f:a6:87:28:9a:b2:05:
a2:fb:d0:d7:de:76:22:d4:fb:8a:c4:58:f2:ff:59:fa:e6:a4:
00:e0:4c:af:ca:62:ea:4c:2b:49:2d:92:87:b8:b7:cd:f1:6e:
68:60:e9:4d:99:db:cd:10:60:6c:ad:d1:6b:80:49:bb:d1:b2:
2e:31:96:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCD7y1YrYa6/TkpLtnsN9M4QXZbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMzdaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiZjlkMTI0ZjQ2ZmRmZjU4Mzc4NDczMTg0MjljYTdjNjExYzViY2QxZGE2
ZDYwMjdkMDM5NTJlNjNmNjQxNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6HJJFtDiBYecxs2/5jjftMRHyUa1W3CXcYNlJw3rGVTWwSDOdieW1w4xLo
+wSB7IRWAOP4kFGF64bnSd/XZXbOGFXs76smoUnL1slxhJDV5epcb+La4r0ZBsgC
qeVWqfSLHVGEBJE0Ns9gvoNHIrld5O3mgJ1nf6Aw8vXafUMmC3vjvWG+WfFu2X9R
sWb4oaReMCTSn1ylB7MUP3yhPoRvOidiDEY9UiHoiHlggLds+N+eJUgiXyo6g7xA
o75POz09R87MEnajA087JDgjRJ8vIoKZQ2wvL5uHS+CctniS3w92QzAsrC78rP9O
C7mVBeZE9bI1vmQzed5VnUZGbg0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRzbkMC
MBIR3mTuiW8C7pGpT5bH3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKGqedE63HpMv/rdDpeJVqtN9z4pjgAFqYfQK932R
4GI47bnc8rgIgO/dw4EtEPlSmoIzLIs4pj78DnC6zGY4xsVxlOLdD+2TG6ouCUPj
SLoYTIbmlZgpRsHWnAgHIPr3Is6xj6wzlPfcA7kI4STYFGB77VX4+YlFG7XBLax+
ZR+B9+XKPgpxk2BlEsyPESSCBygvI38ajBa9kQlMTqKCXQ293gXpw4vXBMUQuK5W
+PkZd9pysiXknZwwztSDtHxPpocomrIFovvQ1952ItT7isRY8v9Z+uakAOBMr8pi
6kwrSS2Sh7i3zfFuaGDpTZnbzRBgbK3Ra4BJu9GyLjGWpg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:14 2025 by rpki-client