Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
File: 3c89eb14-e34b-4729-9b6f-b536e1e06692.roa (raw, json)
Hash identifier: jKcPgPXo3Bvhr8pFYkUhmqfDbSqvP0Ezy9LFezZwBlk=
Subject key identifier: A6:4F:D1:0E:32:83:71:E1:7C:B5:06:15:D4:94:E9:02:30:65:CC:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03DF77885CEFDFD5F589129E5267FBB68A2E7597
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
Signing time: Mon 28 Jul 2025 16:00:23 +0000
ROA not before: Mon 28 Jul 2025 16:00:23 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:df:77:88:5c:ef:df:d5:f5:89:12:9e:52:67:fb:b6:8a:2e:75:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:23 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=f634e0ea21b4e055a80e1505cbf91f3eb41dbe959803993b226cbde3dffc49cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:74:4c:8c:87:bb:fc:b7:a2:db:1c:4f:db:13:
7e:5a:86:ab:83:df:95:bc:68:1f:f8:69:97:4f:2b:
11:42:4a:de:f5:02:ac:31:ed:0b:13:5e:a8:9d:d6:
b8:72:5b:3b:5e:f7:a3:17:76:3c:58:d0:de:54:5e:
31:f0:b9:3b:a8:a0:b3:34:a8:fe:18:29:1b:1c:09:
78:64:ee:34:12:68:42:fb:ea:82:f3:3f:78:da:68:
d4:36:00:05:35:5f:39:13:2b:23:79:b5:bc:e3:f5:
05:99:ff:c2:c8:b2:7c:b0:86:92:43:d3:0a:47:e0:
10:8b:39:03:33:ce:b5:f9:94:9d:0b:9c:07:0e:46:
77:83:f4:f8:38:f0:22:2d:57:fe:c7:44:6d:c5:b4:
d2:a5:cb:fc:d5:98:78:96:94:6f:91:ce:c8:07:b2:
18:a4:b8:f0:60:67:3a:3d:60:44:7d:52:36:8a:7e:
3e:fb:3c:ac:09:68:52:87:bb:bc:ba:19:68:2c:c9:
5b:70:95:df:75:a0:69:7f:f8:14:4b:0c:d5:ca:4a:
dc:ec:c6:07:7f:f8:cd:f7:37:cb:96:b9:30:50:83:
bf:4f:2c:bb:ff:50:8b:f1:15:00:ef:f8:c1:42:07:
81:8e:c0:66:6a:0b:56:9f:c8:bf:99:0b:33:cf:f1:
28:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4F:D1:0E:32:83:71:E1:7C:B5:06:15:D4:94:E9:02:30:65:CC:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/21
Signature Algorithm: sha256WithRSAEncryption
89:b7:06:3b:9e:71:87:1d:cb:13:36:03:02:48:3a:5f:80:d6:
20:9e:8a:3a:d2:1e:54:56:ee:7b:6a:5f:f6:78:04:bd:5c:bb:
7c:82:ae:14:c7:32:7e:cd:d0:ba:c5:0e:56:1c:76:e4:9d:83:
ea:bc:a2:c3:07:59:5e:7b:fb:35:47:d9:d3:e1:6e:93:a7:89:
d2:93:6e:d2:e3:9e:33:48:a1:b5:c4:ac:09:77:98:ed:6f:85:
94:fc:85:35:5f:13:72:d7:67:e8:7b:0d:9b:28:9b:3a:80:20:
29:19:03:81:c6:43:9a:89:fd:f3:32:39:98:cc:b3:73:8e:8b:
9f:29:99:b7:16:91:54:58:8c:d6:07:76:f0:eb:1f:b2:c3:b5:
92:66:a9:ac:b3:03:4b:94:b6:34:be:b2:19:f0:25:e9:21:e1:
75:4a:45:e8:ff:f4:e8:3f:f2:70:41:c1:07:3d:4b:44:38:82:
ba:35:78:10:4a:4d:49:fe:d4:2b:a5:87:b9:ef:36:6a:7e:f0:
ea:06:52:8f:1b:62:3b:63:32:40:8f:8e:fc:bc:d7:3f:09:72:
94:45:20:c3:97:fe:96:24:37:83:aa:3f:3b:15:58:db:fa:34:
91:ef:a4:78:66:05:dd:25:99:bf:18:05:71:12:a7:f0:f7:c0:
8d:1a:9f:c0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA993iFzv39X1iRKeUmf7tooudZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMjNaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MzRlMGVhMjFiNGUwNTVhODBlMTUwNWNiZjkxZjNlYjQxZGJlOTU5ODAz
OTkzYjIyNmNiZGUzZGZmYzQ5Y2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx0TIyHu/y3otscT9sTflqGq4PflbxoH/hpl08rEUJK3vUCrDHtCxNeqJ3W
uHJbO173oxd2PFjQ3lReMfC5O6igszSo/hgpGxwJeGTuNBJoQvvqgvM/eNpo1DYA
BTVfORMrI3m1vOP1BZn/wsiyfLCGkkPTCkfgEIs5AzPOtfmUnQucBw5Gd4P0+Djw
Ii1X/sdEbcW00qXL/NWYeJaUb5HOyAeyGKS48GBnOj1gRH1SNop+Pvs8rAloUoe7
vLoZaCzJW3CV33WgaX/4FEsM1cpK3OzGB3/4zfc3y5a5MFCDv08su/9Qi/EVAO/4
wUIHgY7AZmoLVp/Iv5kLM8/xKE8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSmT9EO
MoNx4Xy1BhXUlOkCMGXMTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M4OWViMTQtZTM0Yi00NzI5LTliNmYtYjUzNmUxZTA2NjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAibcGO55xhx3LEzYDAkg6X4DWIJ6KOtIeVFbue2pf
9ngEvVy7fIKuFMcyfs3QusUOVhx25J2D6ryiwwdZXnv7NUfZ0+Fuk6eJ0pNu0uOe
M0ihtcSsCXeY7W+FlPyFNV8Tctdn6HsNmyibOoAgKRkDgcZDmon98zI5mMyzc46L
nymZtxaRVFiM1gd28OsfssO1kmaprLMDS5S2NL6yGfAl6SHhdUpF6P/06D/ycEHB
Bz1LRDiCujV4EEpNSf7UK6WHue82an7w6gZSjxtiO2MyQI+O/LzXPwlylEUgw5f+
liQ3g6o/OxVY2/o0ke+keGYF3SWZvxgFcRKn8PfAjRqfwA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:22:50 2025 by rpki-client