Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
File: b2048b1c-363b-4b59-9d56-dc72187194a3.roa (raw, json)
Hash identifier: D2mdVZ9/8OXHIxtJ4eCInZVVR1bKYVvyVotdrjFGsOQ=
Subject key identifier: 8D:C2:7D:03:EF:D2:96:BA:81:2E:02:FF:28:AD:4B:B5:18:32:C4:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F3B155A5D252CE92DC0EF293E8AEEE3FA342F29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
Signing time: Mon 28 Jul 2025 16:00:21 +0000
ROA not before: Mon 28 Jul 2025 16:00:21 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:3b:15:5a:5d:25:2c:e9:2d:c0:ef:29:3e:8a:ee:e3:fa:34:2f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:21 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=2fa9e04b330794337e834c066c2ea5fc6b0b02352988df57017cc1c486118df5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:89:44:d5:99:2f:fc:05:06:17:60:da:62:3f:
91:4b:c4:f4:53:39:c0:08:76:bc:27:0b:0e:05:37:
7e:5b:42:f6:2d:22:b4:84:c7:3d:13:b9:b5:ae:50:
ba:ec:66:20:52:d8:35:4b:d7:45:a2:8e:8d:04:d8:
e9:8f:bd:72:52:fd:9e:6d:77:ff:99:e8:e1:5a:b0:
53:7c:23:2d:c1:6a:90:98:a7:c5:bc:63:54:35:5e:
37:df:51:d5:1c:8b:ed:31:e2:55:09:8e:97:f3:db:
32:02:af:17:6f:21:83:66:2c:59:23:97:dd:80:64:
fe:78:2c:78:45:99:0a:64:fd:5d:86:6f:5c:0f:73:
79:36:bb:a3:b1:2e:a4:02:d9:7f:c5:e5:79:56:6c:
d5:13:2a:ec:ab:a5:f0:15:70:05:bd:8e:31:3c:de:
6a:e2:90:be:ec:39:c0:37:2b:96:a2:57:59:96:46:
4a:22:c7:e3:56:1d:7a:eb:a7:18:72:db:91:43:04:
dd:2a:5e:d6:06:06:ea:18:20:f6:34:46:32:04:f8:
b3:1a:d5:4f:39:a6:73:3a:dc:3b:b4:1b:3b:4f:27:
c6:5b:7d:21:ea:f9:3c:30:e1:ce:c4:c4:a8:81:40:
b7:c8:58:a1:13:fd:b1:19:0d:f7:85:14:b8:9b:5e:
c4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C2:7D:03:EF:D2:96:BA:81:2E:02:FF:28:AD:4B:B5:18:32:C4:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.20.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:f5:30:c0:4e:4a:71:d4:89:6f:45:e4:ac:53:64:25:ee:ec:
89:d9:95:9a:9c:c8:3b:e2:8b:64:06:49:af:b1:45:7c:1b:74:
6c:99:d1:e0:fb:6b:58:a9:84:d4:35:a7:d3:b1:ed:fb:86:9f:
b8:96:b3:39:67:40:f9:39:08:49:fa:58:48:2f:cb:0e:d0:a7:
25:52:fe:6f:0b:9d:47:ce:2d:8c:c9:4a:e7:76:8d:9d:b1:6f:
0c:c6:8c:f5:0e:75:b5:b9:fa:39:3d:95:54:2b:eb:cd:4e:ed:
12:70:56:21:62:47:af:b0:0b:05:3d:99:6c:ce:c6:fa:17:2e:
5a:99:e2:f1:17:e1:24:ae:0d:c1:bd:d0:e7:a3:70:1e:be:e1:
ac:0d:e2:7e:be:a7:21:b9:40:c7:e5:7e:17:01:da:42:50:ed:
6a:02:5e:85:85:fa:10:c2:0e:46:f7:7b:70:af:ef:f8:45:65:
62:25:6a:7c:5f:f8:b5:e7:60:07:9b:13:bf:e6:0f:7a:be:bd:
5f:c5:f0:ca:e9:75:df:bb:a6:95:7f:f2:2d:69:4d:6a:da:b3:
1a:e3:1e:63:f0:a2:0a:49:62:b6:db:38:42:94:69:e8:5a:c7:
8e:11:c4:d0:61:b8:5c:26:52:a8:b7:06:06:63:37:1b:3f:7e:
09:e7:f7:bd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDzsVWl0lLOktwO8pPoru4/o0LykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMjFaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmYTllMDRiMzMwNzk0MzM3ZTgzNGMwNjZjMmVhNWZjNmIwYjAyMzUyOTg4
ZGY1NzAxN2NjMWM0ODYxMThkZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeJRNWZL/wFBhdg2mI/kUvE9FM5wAh2vCcLDgU3fltC9i0itITHPRO5ta5Q
uuxmIFLYNUvXRaKOjQTY6Y+9clL9nm13/5no4VqwU3wjLcFqkJinxbxjVDVeN99R
1RyL7THiVQmOl/PbMgKvF28hg2YsWSOX3YBk/ngseEWZCmT9XYZvXA9zeTa7o7Eu
pALZf8XleVZs1RMq7Kul8BVwBb2OMTzeauKQvuw5wDcrlqJXWZZGSiLH41Ydeuun
GHLbkUME3Spe1gYG6hgg9jRGMgT4sxrVTzmmczrcO7QbO08nxlt9Ier5PDDhzsTE
qIFAt8hYoRP9sRkN94UUuJtexIMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSNwn0D
79KWuoEuAv8orUu1GDLEATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjIwNDhiMWMtMzYzYi00YjU5LTlkNTYtZGM3MjE4NzE5NGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiFDAN
BgkqhkiG9w0BAQsFAAOCAQEApfUwwE5KcdSJb0XkrFNkJe7sidmVmpzIO+KLZAZJ
r7FFfBt0bJnR4PtrWKmE1DWn07Ht+4afuJazOWdA+TkISfpYSC/LDtCnJVL+bwud
R84tjMlK53aNnbFvDMaM9Q51tbn6OT2VVCvrzU7tEnBWIWJHr7ALBT2ZbM7G+hcu
Wpni8RfhJK4Nwb3Q56NwHr7hrA3ifr6nIblAx+V+FwHaQlDtagJehYX6EMIORvd7
cK/v+EVlYiVqfF/4tedgB5sTv+YPer69X8Xwyul137umlX/yLWlNatqzGuMeY/Ci
Cklitts4QpRp6FrHjhHE0GG4XCZSqLcGBmM3Gz9+Cef3vQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:47 2025 by rpki-client