Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
File: 513c0075-edb1-461e-a07d-4eb5874bd9ce.roa (raw, json)
Hash identifier: W49UO4NfbwVALuJuXJYmoELQhYEpdqJUoT0t9R4mpgM=
Subject key identifier: 82:82:A1:54:D8:11:C8:9E:64:60:41:7C:0C:26:DE:61:66:33:82:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2112155638331012AACC9F12C16F52A3A0D82B96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
Signing time: Mon 28 Jul 2025 16:10:30 +0000
ROA not before: Mon 28 Jul 2025 16:10:30 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:12:15:56:38:33:10:12:aa:cc:9f:12:c1:6f:52:a3:a0:d8:2b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:30 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=a243a0dae48e1047f5d8efb9b7038a54fce4d9fa82db6bfb524e543c4a71ebcc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:19:16:dd:af:a5:de:a8:4e:6c:18:a0:23:eb:
8e:b7:7f:9b:aa:82:d1:19:84:a1:db:d8:fb:ac:55:
07:4b:a1:eb:2f:04:a2:70:58:6d:04:8c:31:69:e0:
59:b8:7f:7d:32:ee:6a:5b:23:83:3f:03:d9:1d:1e:
1c:73:7c:62:c2:c6:67:51:31:2f:4e:46:4e:07:4c:
50:ef:87:5e:02:d3:58:5b:4d:44:45:f0:c4:aa:c0:
54:21:d3:42:18:77:c4:f0:56:fa:a6:bd:e9:c5:9b:
7b:39:55:c7:c2:92:64:ea:2c:fd:54:fe:4d:3c:55:
b5:82:14:aa:35:f9:44:7c:a6:19:96:78:85:a8:c2:
9f:0e:f2:6b:09:3c:7c:a1:72:dd:e2:89:f9:63:1f:
26:7a:29:b3:09:b1:1b:7d:67:14:f7:67:14:9e:6b:
96:38:47:6c:71:b6:5a:97:90:11:65:17:07:ca:a6:
00:79:ee:10:4d:95:2e:ac:c2:9f:99:7e:e8:a5:05:
af:83:25:c5:99:69:47:96:fd:8f:ef:99:28:db:82:
2d:83:7b:35:d0:19:36:e7:42:ca:74:38:e9:2b:65:
12:ae:71:e2:d4:2d:02:f1:8f:ad:d3:b3:6e:e4:6b:
43:63:2b:ca:1b:e9:59:83:32:8e:3b:57:0e:c5:99:
1b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:82:A1:54:D8:11:C8:9E:64:60:41:7C:0C:26:DE:61:66:33:82:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/20
Signature Algorithm: sha256WithRSAEncryption
c4:07:cc:b3:b4:6a:93:d5:c5:7e:b4:ab:39:3e:c7:9f:ef:88:
28:21:86:b3:30:cc:06:53:65:ea:17:3e:b4:ff:15:dc:59:bc:
d7:ab:ad:79:60:e3:66:b1:cd:16:cd:e8:d0:5d:9e:e4:e0:3b:
72:c3:7f:86:64:f3:2a:91:c7:a9:85:10:fc:76:e5:b5:8c:26:
5b:68:96:d6:2f:e8:a8:8c:12:4c:65:30:d5:a9:5b:fa:a0:c9:
62:e2:80:a6:90:04:63:da:46:b8:a4:9f:b5:e6:e1:81:f5:ec:
2b:01:84:85:66:d1:c8:c2:12:c9:4d:16:ba:00:4c:4d:d5:eb:
ef:90:02:ab:fe:c8:a3:e9:cc:eb:8e:ea:89:bc:b4:3b:85:ca:
a0:c5:29:1e:d4:ea:22:ad:3c:1e:f0:8a:56:cb:89:a7:29:69:
89:61:6a:fc:bc:96:ef:24:7d:38:84:df:ec:05:59:3b:2a:8a:
e8:ff:20:4c:6d:6b:dd:c4:55:9e:2d:56:ac:af:4f:dc:10:1b:
97:e4:93:02:fc:39:3f:50:20:0d:90:b7:24:8a:cb:23:48:a9:
76:16:68:a2:b4:7d:6d:0c:8f:aa:16:0e:d5:43:bf:ff:13:c0:
61:1f:30:8e:4e:f7:87:64:74:bc:63:c0:38:77:e6:06:3a:f8:
f5:85:4b:a0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIRIVVjgzEBKqzJ8SwW9So6DYK5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMzBaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyNDNhMGRhZTQ4ZTEwNDdmNWQ4ZWZiOWI3MDM4YTU0ZmNlNGQ5ZmE4MmRi
NmJmYjUyNGU1NDNjNGE3MWViY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4ZFt2vpd6oTmwYoCPrjrd/m6qC0RmEodvY+6xVB0uh6y8EonBYbQSMMWng
Wbh/fTLualsjgz8D2R0eHHN8YsLGZ1ExL05GTgdMUO+HXgLTWFtNREXwxKrAVCHT
Qhh3xPBW+qa96cWbezlVx8KSZOos/VT+TTxVtYIUqjX5RHymGZZ4hajCnw7yawk8
fKFy3eKJ+WMfJnopswmxG31nFPdnFJ5rljhHbHG2WpeQEWUXB8qmAHnuEE2VLqzC
n5l+6KUFr4MlxZlpR5b9j++ZKNuCLYN7NdAZNudCynQ46StlEq5x4tQtAvGPrdOz
buRrQ2MryhvpWYMyjjtXDsWZG5sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSCgqFU
2BHInmRgQXwMJt5hZjOCRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTEzYzAwNzUtZWRiMS00NjFlLWEwN2QtNGViNTg3NGJkOWNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAxAfMs7Rqk9XFfrSrOT7Hn++IKCGGszDMBlNl6hc+
tP8V3Fm816uteWDjZrHNFs3o0F2e5OA7csN/hmTzKpHHqYUQ/HbltYwmW2iW1i/o
qIwSTGUw1alb+qDJYuKAppAEY9pGuKSftebhgfXsKwGEhWbRyMISyU0WugBMTdXr
75ACq/7Io+nM647qiby0O4XKoMUpHtTqIq08HvCKVsuJpylpiWFq/LyW7yR9OITf
7AVZOyqK6P8gTG1r3cRVni1WrK9P3BAbl+STAvw5P1AgDZC3JIrLI0ipdhZoorR9
bQyPqhYO1UO//xPAYR8wjk73h2R0vGPAOHfmBjr49YVLoA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:18 2025 by rpki-client