Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
File: 54957543-b22c-43fb-b523-8f40c64fe15d.roa (raw, json)
Hash identifier: FvQi1xynSqp1LMGi2Q+9yoZmgixgswa2nqYQBJmFc3w=
Subject key identifier: 6A:35:75:45:A7:67:7B:BF:02:A2:D8:8E:45:D4:A9:F7:27:A0:AE:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B4F6A38E1A63B0C3FD0864CE8B5A4C0E9802040
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
Signing time: Mon 28 Jul 2025 16:10:40 +0000
ROA not before: Mon 28 Jul 2025 16:10:40 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:4f:6a:38:e1:a6:3b:0c:3f:d0:86:4c:e8:b5:a4:c0:e9:80:20:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:40 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=934e79812537b2e848003c5bd5974056a5ef45d131971b9b23f2a816fa25eeb0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2d:aa:e4:c3:b9:57:a7:f1:de:f2:65:f1:9f:
61:e3:57:e4:de:52:10:4b:66:7e:fb:2c:3c:d6:af:
dc:a1:73:33:ee:68:49:2d:dd:fd:e4:1e:98:8f:35:
d0:8c:cb:72:18:b4:6a:52:71:ae:94:6a:6b:c2:c1:
3a:f2:ff:2d:c3:f0:a5:4d:e8:e6:6b:82:6a:8b:bd:
50:5d:3c:66:69:95:64:10:28:82:18:38:c7:37:aa:
1b:c6:32:b1:59:c5:92:84:74:24:c2:ef:4b:9a:85:
1b:dc:d0:5c:c2:fd:99:ea:ff:28:37:76:8f:0c:1e:
55:00:4b:db:7a:1f:f4:51:23:13:25:ef:87:62:b2:
3d:27:79:bd:e0:e8:f9:62:20:78:c2:3a:ed:85:ec:
a8:be:2f:c4:6c:0f:ec:df:78:e3:cd:41:53:a4:9e:
bc:7d:93:59:1a:bb:4c:61:18:cb:97:2c:69:39:f9:
4c:f8:6c:fa:85:f3:73:db:10:b0:47:a9:d0:82:15:
8b:24:41:fd:00:69:d8:5f:e0:44:56:ff:0f:08:56:
d9:3e:43:d2:e1:92:71:9a:44:7a:ac:e3:e5:9e:38:
48:c3:95:1e:04:8a:d1:a0:b6:03:5f:a5:10:a1:a5:
a6:c3:4a:f3:35:8c:6f:9d:4e:9a:c2:d9:39:27:93:
f9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:35:75:45:A7:67:7B:BF:02:A2:D8:8E:45:D4:A9:F7:27:A0:AE:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/19
Signature Algorithm: sha256WithRSAEncryption
a5:3e:2d:e7:94:15:2e:ca:e4:29:32:8b:6a:6f:6f:3e:58:35:
01:89:d3:24:6a:ab:77:58:cb:8b:86:cd:4e:3f:1d:b4:c1:3f:
99:80:d2:30:92:5d:c4:f9:98:76:98:ad:e4:88:8d:8e:13:05:
13:60:fe:52:c3:34:bc:cd:6f:80:da:3a:e3:a7:dd:cc:8f:6e:
0c:2f:69:32:03:9f:56:c3:25:cd:44:0d:2c:45:46:34:ee:ae:
d3:0a:d7:36:91:7c:b3:ed:3a:26:bb:7e:ae:33:a3:6c:69:27:
f0:83:db:a3:08:d0:85:d6:60:20:b1:13:5e:36:23:1c:c7:ff:
37:f9:f3:26:d6:dd:1f:81:df:c9:d9:42:12:96:bc:81:47:cb:
58:5e:a3:e1:ad:61:b4:93:a0:37:96:6f:99:61:f9:df:af:9f:
bd:61:c4:d4:fb:c6:40:e6:33:77:da:4f:62:75:4a:59:44:f4:
1d:0c:70:38:4e:8d:c9:06:2f:dc:df:b4:45:1c:81:9d:3d:c6:
77:bb:ca:ef:8f:18:f7:26:21:81:45:f7:ec:e1:f8:24:1b:37:
39:f7:1b:b4:25:54:1f:d0:9b:25:6e:7e:e1:96:61:d8:84:09:
8d:dd:20:a1:53:80:84:e2:04:bf:48:51:b7:a3:19:b3:09:93:
39:73:06:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC09qOOGmOww/0IZM6LWkwOmAIEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwNDBaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzNGU3OTgxMjUzN2IyZTg0ODAwM2M1YmQ1OTc0MDU2YTVlZjQ1ZDEzMTk3
MWI5YjIzZjJhODE2ZmEyNWVlYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKctquTDuVen8d7yZfGfYeNX5N5SEEtmfvssPNav3KFzM+5oSS3d/eQemI81
0IzLchi0alJxrpRqa8LBOvL/LcPwpU3o5muCaou9UF08ZmmVZBAoghg4xzeqG8Yy
sVnFkoR0JMLvS5qFG9zQXML9mer/KDd2jwweVQBL23of9FEjEyXvh2KyPSd5veDo
+WIgeMI67YXsqL4vxGwP7N94481BU6SevH2TWRq7TGEYy5csaTn5TPhs+oXzc9sQ
sEep0IIViyRB/QBp2F/gRFb/DwhW2T5D0uGScZpEeqzj5Z44SMOVHgSK0aC2A1+l
EKGlpsNK8zWMb51OmsLZOSeT+WUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRqNXVF
p2d7vwKi2I5F1Kn3J6CufTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ5NTc1NDMtYjIyYy00M2ZiLWI1MjMtOGY0MGM2NGZlMTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEApT4t55QVLsrkKTKLam9vPlg1AYnTJGqrd1jLi4bN
Tj8dtME/mYDSMJJdxPmYdpit5IiNjhMFE2D+UsM0vM1vgNo646fdzI9uDC9pMgOf
VsMlzUQNLEVGNO6u0wrXNpF8s+06Jrt+rjOjbGkn8IPbowjQhdZgILETXjYjHMf/
N/nzJtbdH4HfydlCEpa8gUfLWF6j4a1htJOgN5ZvmWH536+fvWHE1PvGQOYzd9pP
YnVKWUT0HQxwOE6NyQYv3N+0RRyBnT3Gd7vK748Y9yYhgUX37OH4JBs3OfcbtCVU
H9CbJW5+4ZZh2IQJjd0goVOAhOIEv0hRt6MZswmTOXMGvA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:56 2025 by rpki-client