Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
File: 40318891-5508-4eb6-bace-e245fbeb145a.roa (raw, json)
Hash identifier: sT6vedNQFGmG+pE2p19cYgMB8FslgO06QdPCLLy8ZCA=
Subject key identifier: 52:74:12:9C:12:41:36:28:A5:64:26:A9:9F:3B:D2:01:A5:55:08:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DFCC3EE132373F53226A86966E630F5E5BF70C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
Signing time: Mon 28 Jul 2025 16:10:32 +0000
ROA not before: Mon 28 Jul 2025 16:10:32 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:fc:c3:ee:13:23:73:f5:32:26:a8:69:66:e6:30:f5:e5:bf:70:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:32 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=c3186d1aae950cb1f703e51e244e3990fa73f0ad469d5becce287305ed936df0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:96:c7:fb:2a:41:ae:fe:98:b8:34:db:2b:4c:
4f:b8:2a:84:7a:96:74:d4:1b:21:fd:10:74:95:92:
9d:4d:37:ab:1f:2b:42:da:34:f2:e2:e8:be:fc:e9:
d9:a8:82:10:1c:e1:87:07:45:b9:fb:ea:29:01:b1:
82:00:af:91:fd:11:fb:40:18:20:20:20:05:11:69:
34:f7:e1:d5:bd:16:06:49:8c:f5:bd:78:85:59:2b:
f3:95:1a:cf:2d:bd:6c:0c:0b:f4:d1:04:af:0a:e9:
8d:93:f3:5e:4c:76:d5:46:d6:ec:ff:92:10:89:25:
83:3a:91:81:32:dc:e5:96:75:ba:79:43:67:cb:59:
a3:9d:40:62:01:d2:27:5a:78:8f:33:4b:cd:af:ce:
80:3f:30:4b:38:d8:64:f4:dd:11:b3:a2:5e:da:4e:
ce:cd:a8:c3:5e:a6:3d:4a:51:8a:87:c4:0e:27:1e:
a4:30:88:37:eb:2a:87:0d:26:27:56:2f:53:68:c3:
65:c9:d7:70:fd:aa:e2:4b:f0:4f:54:d5:3f:f1:34:
1e:8b:b1:f5:9b:23:d4:45:ba:54:88:0a:62:1b:d9:
b6:8d:80:db:b9:78:89:94:f5:68:fe:05:e2:5c:0c:
3e:57:fe:1f:b6:c3:6b:4b:90:ce:96:5f:71:08:c6:
4f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:74:12:9C:12:41:36:28:A5:64:26:A9:9F:3B:D2:01:A5:55:08:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/19
Signature Algorithm: sha256WithRSAEncryption
11:5d:f9:69:32:d4:7e:8a:6f:3d:00:72:b2:13:d0:65:cd:ab:
27:0d:98:83:85:6f:4d:82:1c:4e:99:3b:0b:ef:b6:d2:ef:a4:
79:69:5d:2e:83:94:eb:17:07:b5:cb:88:bb:e0:ee:a9:bc:a6:
62:b8:d1:84:7d:7c:52:a1:99:2c:cd:e5:34:aa:9e:6b:06:fb:
b3:9b:91:c2:75:c0:31:c4:e6:15:8b:54:41:60:15:05:d2:0f:
64:36:c4:a7:6a:fc:54:9e:30:5c:7a:db:f3:6d:0f:a0:43:f1:
2d:70:73:86:9a:84:33:8d:a2:e2:ea:dd:f4:65:61:62:19:8e:
80:3b:bf:19:37:10:a2:08:4f:4c:cc:71:4e:b3:d3:fd:a3:01:
07:88:33:b5:de:c9:83:4f:ae:a3:5e:03:b5:26:25:35:c2:88:
e7:0e:de:de:90:7b:a5:cf:27:c1:b0:01:23:35:65:be:14:1e:
bd:2b:94:38:e2:c8:40:e3:2f:a5:7c:11:a2:73:27:64:ce:50:
42:00:61:c7:99:1d:38:59:16:9c:c9:3b:eb:3a:b0:5c:93:c0:
20:23:ad:b9:da:67:02:4b:90:9b:aa:59:ac:36:0f:94:ca:b9:
4e:de:6f:a1:67:74:f1:9f:9e:10:28:ac:35:66:a5:2b:3c:d6:
ba:df:7f:d8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDfzD7hMjc/UyJqhpZuYw9eW/cMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMzJaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzMTg2ZDFhYWU5NTBjYjFmNzAzZTUxZTI0NGUzOTkwZmE3M2YwYWQ0Njlk
NWJlY2NlMjg3MzA1ZWQ5MzZkZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKWx/sqQa7+mLg02ytMT7gqhHqWdNQbIf0QdJWSnU03qx8rQto08uLovvzp
2aiCEBzhhwdFufvqKQGxggCvkf0R+0AYICAgBRFpNPfh1b0WBkmM9b14hVkr85Ua
zy29bAwL9NEErwrpjZPzXkx21UbW7P+SEIklgzqRgTLc5ZZ1unlDZ8tZo51AYgHS
J1p4jzNLza/OgD8wSzjYZPTdEbOiXtpOzs2ow16mPUpRiofEDicepDCIN+sqhw0m
J1YvU2jDZcnXcP2q4kvwT1TVP/E0Houx9Zsj1EW6VIgKYhvZto2A27l4iZT1aP4F
4lwMPlf+H7bDa0uQzpZfcQjGTy8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRSdBKc
EkE2KKVkJqmfO9IBpVUIJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDAzMTg4OTEtNTUwOC00ZWI2LWJhY2UtZTI0NWZiZWIxNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAEV35aTLUfopvPQByshPQZc2rJw2Yg4VvTYIcTpk7
C++20u+keWldLoOU6xcHtcuIu+DuqbymYrjRhH18UqGZLM3lNKqeawb7s5uRwnXA
McTmFYtUQWAVBdIPZDbEp2r8VJ4wXHrb820PoEPxLXBzhpqEM42i4urd9GVhYhmO
gDu/GTcQoghPTMxxTrPT/aMBB4gztd7Jg0+uo14DtSYlNcKI5w7e3pB7pc8nwbAB
IzVlvhQevSuUOOLIQOMvpXwRonMnZM5QQgBhx5kdOFkWnMk76zqwXJPAICOtudpn
AkuQm6pZrDYPlMq5Tt5voWd08Z+eECisNWalKzzWut9/2A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:17 2025 by rpki-client