Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
File: 4b12830e-a860-4a14-b52f-5284626c1a96.roa (raw, json)
Hash identifier: avG8mKuiswpL11MzQrtk7NemZo1/z38yRDSQx98O5jw=
Subject key identifier: 0B:B2:FE:B9:A7:06:C3:49:5D:88:F9:C0:81:B6:40:CA:B3:F1:B2:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37CDB6ACD56776DAB27F6F261C60A291FF504D76
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
Signing time: Mon 28 Jul 2025 16:10:28 +0000
ROA not before: Mon 28 Jul 2025 16:10:28 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:cd:b6:ac:d5:67:76:da:b2:7f:6f:26:1c:60:a2:91:ff:50:4d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:28 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=3fa6ff8418e17984623c01fcc06a49cfe56ad681d49543b2282416c9eb27976e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0b:13:b0:40:17:c5:26:bd:c3:33:11:58:d7:
87:45:0a:4f:86:fe:1f:ae:91:5c:aa:18:35:07:d5:
46:4a:28:de:56:f7:28:12:c0:5e:31:5e:56:b0:3a:
41:e5:0b:5e:d6:f6:c2:4c:18:bd:45:0d:85:d3:05:
dd:84:a6:29:e1:13:ba:37:d0:10:48:c7:20:7f:2e:
02:b3:2b:85:f3:68:52:30:a3:b2:d8:ed:be:96:2a:
82:45:e5:25:b6:4c:8d:06:a9:53:57:51:4a:85:66:
c3:f0:1d:a0:a6:12:31:26:86:9f:4e:23:ec:26:9a:
bd:8c:7f:f3:54:ee:3f:e5:99:c6:33:8e:e4:63:85:
34:16:31:c4:8e:b3:c0:74:71:7c:f4:d7:48:c3:93:
4d:d2:72:2d:26:02:08:a8:57:31:11:0a:62:26:7a:
45:e6:b5:a6:ae:6c:27:19:07:62:f7:30:ae:41:9d:
1d:bf:36:e5:ef:dc:ed:6e:7d:cf:81:da:3b:24:4a:
ff:f3:c9:9d:89:72:07:5f:b4:f4:66:67:a8:ea:ab:
1b:7c:4a:d6:57:1c:99:e9:5e:00:ac:da:04:73:30:
1e:8a:5b:4c:af:f7:a8:f8:8b:54:97:7d:0b:0f:77:
e5:5b:5c:aa:04:9d:fa:bd:ae:f4:83:aa:c9:69:21:
5c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B2:FE:B9:A7:06:C3:49:5D:88:F9:C0:81:B6:40:CA:B3:F1:B2:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:24:08:79:85:ba:24:4c:f2:c8:e5:ba:ff:40:af:82:1e:74:
9a:7c:cf:b3:ab:71:b1:44:0e:2c:f1:9d:87:cd:2d:8b:3c:e3:
15:dd:d4:fb:ed:fe:bb:24:46:58:ba:e0:15:f4:bf:c1:38:62:
53:7f:c1:4c:6e:21:f2:58:ba:b8:56:bc:07:52:79:cf:2b:1e:
53:2f:8b:75:85:c0:e0:11:45:ac:cf:de:04:51:96:9e:86:2b:
08:12:e1:d9:18:ee:e5:8d:c6:c6:01:c2:51:dc:f3:5a:a8:94:
ae:5d:ba:c0:35:d2:12:2b:20:c5:7e:fb:0a:ab:55:92:b5:2c:
8c:78:cd:58:e4:bf:b6:54:f0:ae:50:71:d6:ba:1e:be:07:43:
22:68:40:13:89:f6:4f:62:38:21:bc:87:13:64:56:75:f1:81:
d6:a7:83:71:a3:06:10:46:ea:ac:b5:9a:0d:9b:a0:0b:4f:9d:
c2:4f:d6:92:46:08:be:c6:e4:ef:20:dd:ad:bd:d8:d7:04:59:
8e:4f:49:77:bf:fa:67:e6:4d:01:ed:d8:e9:c5:b2:33:ed:08:
0b:51:00:fe:9d:cb:2c:76:52:9d:33:20:04:05:f4:5e:9f:52:
9a:f1:46:e1:e7:8a:02:8b:1b:af:c8:44:04:8d:e7:e9:8a:db:
c7:f2:93:94
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN822rNVndtqyf28mHGCikf9QTXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMjhaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmYTZmZjg0MThlMTc5ODQ2MjNjMDFmY2MwNmE0OWNmZTU2YWQ2ODFkNDk1
NDNiMjI4MjQxNmM5ZWIyNzk3NmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsLE7BAF8UmvcMzEVjXh0UKT4b+H66RXKoYNQfVRkoo3lb3KBLAXjFeVrA6
QeULXtb2wkwYvUUNhdMF3YSmKeETujfQEEjHIH8uArMrhfNoUjCjstjtvpYqgkXl
JbZMjQapU1dRSoVmw/AdoKYSMSaGn04j7CaavYx/81TuP+WZxjOO5GOFNBYxxI6z
wHRxfPTXSMOTTdJyLSYCCKhXMREKYiZ6Rea1pq5sJxkHYvcwrkGdHb825e/c7W59
z4HaOyRK//PJnYlyB1+09GZnqOqrG3xK1lccmeleAKzaBHMwHopbTK/3qPiLVJd9
Cw935VtcqgSd+r2u9IOqyWkhXNMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQLsv65
pwbDSV2I+cCBtkDKs/GymDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIxMjgzMGUtYTg2MC00YTE0LWI1MmYtNTI4NDYyNmMxYTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQCxJAh5hbokTPLI5br/QK+CHnSafM+zq3GxRA4s8Z2H
zS2LPOMV3dT77f67JEZYuuAV9L/BOGJTf8FMbiHyWLq4VrwHUnnPKx5TL4t1hcDg
EUWsz94EUZaehisIEuHZGO7ljcbGAcJR3PNaqJSuXbrANdISKyDFfvsKq1WStSyM
eM1Y5L+2VPCuUHHWuh6+B0MiaEATifZPYjghvIcTZFZ18YHWp4NxowYQRuqstZoN
m6ALT53CT9aSRgi+xuTvIN2tvdjXBFmOT0l3v/pn5k0B7djpxbIz7QgLUQD+ncss
dlKdMyAEBfRen1Ka8Ubh54oCixuvyEQEjefpitvH8pOU
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:40 2025 by rpki-client