Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
File: 65fd1736-b3cd-4b5b-abca-9d430a70e064.roa (raw, json)
Hash identifier: 8zQ9dt20W2ZxWxrtOjJ+QppPvNqdYJIq3TeWNCvCQV8=
Subject key identifier: A1:86:43:4B:F1:A2:A1:AF:F8:04:73:53:9A:2E:5C:90:8D:93:73:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6010845CF59384E0ABE1D17199E35C62761D1699
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
Signing time: Mon 28 Jul 2025 16:10:39 +0000
ROA not before: Mon 28 Jul 2025 16:10:39 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:10:84:5c:f5:93:84:e0:ab:e1:d1:71:99:e3:5c:62:76:1d:16:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:39 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=5961986a7c2868ef2c16316ced843e2aa908434a11f53b86bbd9b1a3f3a9eb87, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:fe:e1:8c:59:bc:55:2a:b4:92:07:55:02:66:
e5:d6:80:07:cf:c8:86:95:90:76:1a:6e:1e:17:89:
75:b6:79:57:17:48:63:2e:fb:15:02:9b:81:73:e9:
34:cd:7f:df:b7:85:ba:1c:80:a6:79:07:1d:98:31:
67:89:93:f8:e8:27:23:f5:cf:e3:f0:04:88:d6:ed:
76:3f:1f:f5:c1:c0:9a:3d:61:b5:62:54:19:55:dd:
f3:c8:d3:a3:32:3e:ce:34:9b:69:dc:72:20:6f:99:
2a:2d:ab:00:58:10:4e:1e:57:64:cd:f4:8a:1a:0e:
cb:b6:9f:a7:a6:a8:ab:5e:08:6e:9b:b7:46:db:e3:
ea:f5:06:f6:b6:19:fc:ba:96:ba:9f:52:00:f8:4d:
c2:67:38:79:23:ee:ac:65:89:60:4c:af:ca:83:b9:
ad:d3:d8:11:fb:b4:6a:78:52:b6:5e:1f:de:6f:94:
44:7d:c2:9f:09:d0:70:9c:b6:5a:c8:3c:7b:79:d2:
5d:2d:82:1e:f4:bb:d7:80:e7:2d:13:78:5c:e8:20:
de:dd:06:0a:c9:2b:7d:86:7d:79:9e:63:71:44:b7:
d0:a3:7d:ac:d9:8b:88:66:eb:c1:8c:39:83:70:f9:
30:f5:f5:28:9e:af:2b:81:32:91:fb:70:71:c4:a3:
3c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:86:43:4B:F1:A2:A1:AF:F8:04:73:53:9A:2E:5C:90:8D:93:73:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/18
Signature Algorithm: sha256WithRSAEncryption
17:0d:75:3d:f2:2f:f5:43:02:a5:0b:ab:a8:b9:8f:0d:ce:f9:
d5:da:3b:fa:51:92:45:a7:09:3d:ab:04:d4:ad:bb:1e:cd:49:
b8:ac:74:74:10:18:0e:d0:3f:53:f9:2b:da:4e:00:39:89:13:
ee:75:77:3b:f8:f6:51:e4:41:95:1d:2e:e1:35:18:78:9a:d2:
b5:ae:5a:c0:15:13:87:e6:94:91:a3:ba:5e:ee:85:d8:30:b0:
71:0d:d0:25:40:c8:a2:5a:96:4f:4e:98:4c:27:df:cd:cb:7f:
a5:78:97:7f:12:53:bc:17:c3:e1:5d:03:c2:d6:4d:4e:48:f7:
57:46:76:3f:17:cc:5b:eb:ba:77:23:d0:80:d3:34:92:37:b2:
71:f8:80:91:6f:61:82:b7:16:f9:84:21:e3:fa:42:94:1d:95:
67:4c:33:b0:2e:08:03:d5:35:7e:7f:bb:a7:9d:d3:f6:4a:c2:
55:3c:14:0e:8f:4e:22:00:c9:b6:14:63:ba:33:f8:40:8e:cb:
d8:cf:bc:11:b8:30:02:97:f7:ac:dc:50:76:6c:d7:22:e6:54:
63:84:72:8b:82:b9:07:e0:69:d5:28:db:ca:22:15:48:3a:15:
c0:b3:96:5c:59:e9:0a:45:3c:af:69:52:28:ae:90:df:3b:46:
d5:ed:07:2f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYBCEXPWThOCr4dFxmeNcYnYdFpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMzlaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5NjE5ODZhN2MyODY4ZWYyYzE2MzE2Y2VkODQzZTJhYTkwODQzNGExMWY1
M2I4NmJiZDliMWEzZjNhOWViODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPr+4YxZvFUqtJIHVQJm5daAB8/IhpWQdhpuHheJdbZ5VxdIYy77FQKbgXPp
NM1/37eFuhyApnkHHZgxZ4mT+OgnI/XP4/AEiNbtdj8f9cHAmj1htWJUGVXd88jT
ozI+zjSbadxyIG+ZKi2rAFgQTh5XZM30ihoOy7afp6aoq14Ibpu3Rtvj6vUG9rYZ
/LqWup9SAPhNwmc4eSPurGWJYEyvyoO5rdPYEfu0anhStl4f3m+URH3CnwnQcJy2
Wsg8e3nSXS2CHvS714DnLRN4XOgg3t0GCskrfYZ9eZ5jcUS30KN9rNmLiGbrwYw5
g3D5MPX1KJ6vK4EykftwccSjPNMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBShhkNL
8aKhr/gEc1OaLlyQjZNzOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVmZDE3MzYtYjNjZC00YjViLWFiY2EtOWQ0MzBhNzBlMDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAFw11PfIv9UMCpQurqLmPDc751do7+lGSRacJPasE
1K27Hs1JuKx0dBAYDtA/U/kr2k4AOYkT7nV3O/j2UeRBlR0u4TUYeJrSta5awBUT
h+aUkaO6Xu6F2DCwcQ3QJUDIolqWT06YTCffzct/pXiXfxJTvBfD4V0DwtZNTkj3
V0Z2PxfMW+u6dyPQgNM0kjeycfiAkW9hgrcW+YQh4/pClB2VZ0wzsC4IA9U1fn+7
p53T9krCVTwUDo9OIgDJthRjujP4QI7L2M+8EbgwApf3rNxQdmzXIuZUY4Ryi4K5
B+Bp1SjbyiIVSDoVwLOWXFnpCkU8r2lSKK6Q3ztG1e0HLw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:19 2025 by rpki-client