Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
File: 296e983c-f59b-4a15-a74d-56b2bff88779.roa (raw, json)
Hash identifier: /Oz0eQ5icwwt4MB57nMzDiwWvQkq04wPH0kTda2p9cA=
Subject key identifier: 54:B5:39:9C:68:3E:A7:F7:7F:92:A5:12:BA:1F:07:1F:19:AF:0D:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61AE31239C0954BD9E97A809D96B59795D1C93B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
Signing time: Mon 28 Jul 2025 16:10:28 +0000
ROA not before: Mon 28 Jul 2025 16:10:28 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:ae:31:23:9c:09:54:bd:9e:97:a8:09:d9:6b:59:79:5d:1c:93:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:28 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=ab90bc7575c58579c31ddf755cfcbd0a57717e2cbe6a6d06b659c16c9ba2b926, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a3:8c:b2:ab:ae:5f:61:70:4c:11:46:9a:03:
22:aa:7f:9e:02:fb:78:4c:36:ad:3f:f4:fb:f9:78:
c8:4f:8e:de:6c:44:62:63:9f:b6:8f:5b:72:c0:15:
55:f7:d6:8d:b8:89:9e:39:99:72:1a:b7:37:4d:f6:
a1:d4:29:28:8e:cc:08:8a:5e:7f:ea:01:9e:c8:66:
c4:2f:a1:11:34:ec:69:97:1e:37:64:95:1a:d7:73:
ff:15:e3:f2:7b:2d:dc:c0:37:b5:2a:a9:f3:e8:9a:
86:9f:47:b2:ce:b9:9d:b1:ad:ad:7d:a4:c4:b7:fd:
fb:98:0c:61:b4:af:56:41:b8:aa:aa:a0:15:af:b0:
ef:96:bf:a3:68:b4:2f:92:74:6d:3a:60:50:57:51:
14:4f:cc:9a:81:5c:2e:02:10:9e:4f:04:20:39:68:
76:e2:ea:47:f7:7a:91:ce:13:ae:31:24:df:09:d4:
03:bf:a0:75:ec:a1:59:0a:0a:9d:f5:bf:6f:98:15:
6f:c0:6b:35:24:a7:45:f6:1c:50:66:a0:53:f8:e1:
3a:c3:21:02:68:c5:7d:e9:0f:93:89:93:b6:1a:6c:
43:ef:86:81:c2:38:49:26:00:f0:b0:cd:c0:a0:43:
04:04:bf:8b:b1:91:ab:16:e8:2d:73:9e:0b:6c:d6:
74:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B5:39:9C:68:3E:A7:F7:7F:92:A5:12:BA:1F:07:1F:19:AF:0D:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.48.0/20
Signature Algorithm: sha256WithRSAEncryption
c9:61:dd:9a:70:47:2e:0e:27:af:44:f3:ad:cc:34:9d:1f:e0:
36:45:8e:5e:39:12:d0:85:cc:47:38:8f:df:3b:72:83:dc:84:
9d:ec:46:57:c5:83:ce:0b:cf:0f:59:a9:80:58:a3:c8:86:e4:
e7:98:3d:ed:16:10:46:e5:67:68:82:04:89:e0:db:cb:ec:28:
62:a7:66:0c:14:0e:f1:9f:dc:85:d2:d8:75:b8:9a:af:60:00:
6a:56:bc:f8:46:46:13:e0:7c:1a:06:38:71:32:8e:5f:d5:1c:
0f:5b:83:7d:6b:f6:e3:41:d8:47:f4:df:e9:2e:f3:9b:fd:51:
ef:34:27:db:09:a8:40:8c:02:40:e6:64:1a:22:8a:bf:f0:33:
12:79:42:b1:f2:3c:68:cc:6c:7a:87:a6:1d:2f:ef:5b:68:18:
10:0d:66:b0:6a:c8:89:a5:26:8b:89:2c:38:01:1e:40:9a:96:
de:ea:8d:b1:64:c3:33:4f:dd:28:9b:9d:5a:b0:ea:30:45:e1:
b4:db:11:e2:ec:82:47:8d:e4:fa:e4:d9:69:3f:bd:3c:ce:de:
d4:0c:6f:57:a2:e6:bb:8f:83:68:e6:86:36:89:d5:0e:c6:69:
e7:91:03:ac:52:3c:4e:ba:19:30:3e:cf:4f:86:1f:75:7e:38:
e0:0e:17:b0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYa4xI5wJVL2el6gJ2WtZeV0ck7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMjhaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiOTBiYzc1NzVjNTg1NzljMzFkZGY3NTVjZmNiZDBhNTc3MTdlMmNiZTZh
NmQwNmI2NTljMTZjOWJhMmI5MjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWjjLKrrl9hcEwRRpoDIqp/ngL7eEw2rT/0+/l4yE+O3mxEYmOfto9bcsAV
VffWjbiJnjmZchq3N032odQpKI7MCIpef+oBnshmxC+hETTsaZceN2SVGtdz/xXj
8nst3MA3tSqp8+iahp9Hss65nbGtrX2kxLf9+5gMYbSvVkG4qqqgFa+w75a/o2i0
L5J0bTpgUFdRFE/MmoFcLgIQnk8EIDloduLqR/d6kc4TrjEk3wnUA7+gdeyhWQoK
nfW/b5gVb8BrNSSnRfYcUGagU/jhOsMhAmjFfekPk4mTthpsQ++GgcI4SSYA8LDN
wKBDBAS/i7GRqxboLXOeC2zWdDMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRUtTmc
aD6n93+SpRK6HwcfGa8NYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjk2ZTk4M2MtZjU5Yi00YTE1LWE3NGQtNTZiMmJmZjg4Nzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiMDAN
BgkqhkiG9w0BAQsFAAOCAQEAyWHdmnBHLg4nr0Tzrcw0nR/gNkWOXjkS0IXMRziP
3ztyg9yEnexGV8WDzgvPD1mpgFijyIbk55g97RYQRuVnaIIEieDby+woYqdmDBQO
8Z/chdLYdbiar2AAala8+EZGE+B8GgY4cTKOX9UcD1uDfWv240HYR/Tf6S7zm/1R
7zQn2wmoQIwCQOZkGiKKv/AzEnlCsfI8aMxseoemHS/vW2gYEA1msGrIiaUmi4ks
OAEeQJqW3uqNsWTDM0/dKJudWrDqMEXhtNsR4uyCR43k+uTZaT+9PM7e1AxvV6Lm
u4+DaOaGNonVDsZp55EDrFI8TroZMD7PT4YfdX444A4XsA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:35 2025 by rpki-client