Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
File: 4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa (raw, json)
Hash identifier: YSkpCC897GSeViGAZ9sgpfIXyQ0jUle1P23kjzz3qT0=
Subject key identifier: E5:35:0C:52:DF:84:D8:B1:30:AD:42:80:3E:EC:57:FA:24:1E:D9:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7468A3B36A2D46350CC34A811899167CF67B5052
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
Signing time: Mon 28 Jul 2025 16:10:29 +0000
ROA not before: Mon 28 Jul 2025 16:10:29 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:68:a3:b3:6a:2d:46:35:0c:c3:4a:81:18:99:16:7c:f6:7b:50:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:29 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=00c614af092a9d45369679679e58273874a71bded8bf9ea46f552d18bb252478, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ab:9e:1c:90:1a:24:2d:d2:7d:9d:48:74:02:
39:7a:37:48:c2:2e:ad:10:6d:b4:56:f7:ed:01:6c:
23:df:b6:15:4e:ad:45:d5:75:75:a4:4e:53:41:26:
23:de:16:84:0c:f2:e8:35:d5:f4:d1:f0:c9:7d:89:
92:5f:96:7a:81:c0:6b:50:12:98:5f:28:48:18:65:
9c:92:c2:c1:37:e0:2c:12:89:b4:43:7f:9f:0e:23:
d0:17:00:68:a4:f7:8a:35:9d:78:7c:26:bd:16:81:
7d:f4:bf:41:90:46:9c:94:9f:f7:bc:d7:1f:23:00:
13:bd:b3:13:0d:78:b7:1e:0e:3a:83:b6:a5:d5:bd:
66:f6:db:13:31:86:75:a3:98:da:27:b2:b6:89:05:
e9:4a:4a:ee:d4:7d:87:32:38:c5:71:97:9f:53:82:
13:8e:e2:6f:54:0f:1f:c9:f9:1e:f4:fa:6e:c5:3f:
df:19:44:25:f4:72:0f:5c:d9:7d:36:b5:84:db:8e:
70:ce:72:21:9c:5a:95:b0:37:f6:2f:81:cb:13:12:
36:5b:fb:87:cc:ad:85:c7:5f:db:9a:55:06:27:ed:
92:97:77:ec:3f:02:0b:3c:4a:77:5a:6c:67:88:f1:
42:cd:d1:8d:d9:a4:53:d1:74:83:ae:03:ef:ef:8f:
59:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:35:0C:52:DF:84:D8:B1:30:AD:42:80:3E:EC:57:FA:24:1E:D9:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/19
Signature Algorithm: sha256WithRSAEncryption
bc:b4:2f:7d:eb:5f:6b:d3:ce:8f:24:af:cf:20:49:d1:75:1c:
11:8c:9d:ef:90:30:b4:68:2c:cc:41:f5:82:0f:a5:cb:51:e7:
60:cf:a5:92:90:38:84:9d:42:e8:3d:e7:b4:39:0b:6d:7a:81:
7a:21:31:03:75:bb:95:14:10:86:5c:32:80:19:aa:57:89:c6:
1e:09:8f:8a:12:9e:d3:13:e6:43:5f:04:cb:59:f5:a9:a9:f8:
d6:dc:6d:1f:c1:c8:c2:46:9c:24:92:2f:44:9b:58:d5:12:bb:
0a:73:7c:c5:88:12:61:15:b8:09:26:48:01:1d:6a:88:7b:4a:
95:74:bd:d7:f1:0f:fc:35:74:6c:c4:44:e9:37:e2:c2:49:67:
5b:16:5a:d0:7c:cf:9e:cb:fa:2b:52:1f:c9:52:13:d9:78:16:
80:fc:c2:ae:0f:84:b2:36:a4:9e:00:40:79:bc:d5:e6:58:77:
a4:57:a0:59:32:a7:e8:ae:78:bd:be:e0:2f:1c:72:63:28:e1:
ef:d7:8a:59:51:ae:01:99:41:9e:13:bc:30:89:e6:58:0e:25:
73:4f:a2:35:2a:ee:67:04:65:2c:72:bc:b8:da:34:18:32:b0:
0b:4d:7f:26:e9:7e:c8:b8:0c:d8:19:94:df:db:c8:5a:9e:cd:
7b:cc:10:f2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdGijs2otRjUMw0qBGJkWfPZ7UFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMjlaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwYzYxNGFmMDkyYTlkNDUzNjk2Nzk2NzllNTgyNzM4NzRhNzFiZGVkOGJm
OWVhNDZmNTUyZDE4YmIyNTI0NzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMarnhyQGiQt0n2dSHQCOXo3SMIurRBttFb37QFsI9+2FU6tRdV1daROU0Em
I94WhAzy6DXV9NHwyX2Jkl+WeoHAa1ASmF8oSBhlnJLCwTfgLBKJtEN/nw4j0BcA
aKT3ijWdeHwmvRaBffS/QZBGnJSf97zXHyMAE72zEw14tx4OOoO2pdW9ZvbbEzGG
daOY2ieytokF6UpK7tR9hzI4xXGXn1OCE47ib1QPH8n5HvT6bsU/3xlEJfRyD1zZ
fTa1hNuOcM5yIZxalbA39i+ByxMSNlv7h8ythcdf25pVBiftkpd37D8CCzxKd1ps
Z4jxQs3RjdmkU9F0g64D7++PWU0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTlNQxS
34TYsTCtQoA+7Ff6JB7ZPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRmM2E5YjgtNGNkYy00MzY2LWEzOGUtMTZkMmVhYjEyOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAvLQvfetfa9POjySvzyBJ0XUcEYyd75AwtGgszEH1
gg+ly1HnYM+lkpA4hJ1C6D3ntDkLbXqBeiExA3W7lRQQhlwygBmqV4nGHgmPihKe
0xPmQ18Ey1n1qan41txtH8HIwkacJJIvRJtY1RK7CnN8xYgSYRW4CSZIAR1qiHtK
lXS91/EP/DV0bMRE6TfiwklnWxZa0HzPnsv6K1IfyVIT2XgWgPzCrg+EsjakngBA
ebzV5lh3pFegWTKn6K54vb7gLxxyYyjh79eKWVGuAZlBnhO8MInmWA4lc0+iNSru
ZwRlLHK8uNo0GDKwC01/Jul+yLgM2BmU39vIWp7Ne8wQ8g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:52 2025 by rpki-client