Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
File: c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa (raw, json)
Hash identifier: QV4l20c1cNbj0rb7GBcKmlguEaPmpfBjHNVG53i98oU=
Subject key identifier: F6:87:C7:3A:3A:49:FE:9E:E6:67:6A:8C:D1:FE:F6:4F:81:84:E3:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D1F0C74AD13F2BA54597C734F32023F51ECCE3E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
Signing time: Mon 28 Jul 2025 16:00:25 +0000
ROA not before: Mon 28 Jul 2025 16:00:25 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:1f:0c:74:ad:13:f2:ba:54:59:7c:73:4f:32:02:3f:51:ec:ce:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:25 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=1c0beb7b1e4f06dbef8d0ce22d41e2ac25414d79863b7b4c1dcedaa55dc7657e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4e:21:c5:3a:d0:c0:29:c4:06:06:5e:18:4f:
3a:61:36:2b:9c:14:aa:d7:ec:6c:c8:70:15:01:1e:
64:7a:a7:30:03:d9:c1:65:6b:5e:ea:b1:b2:b3:7a:
be:9b:dd:f3:69:51:ab:e8:fb:69:86:53:e2:e8:c0:
11:1c:d1:d5:71:6f:18:2f:fa:09:4b:16:db:18:44:
ff:cf:95:20:04:0a:6e:88:ab:d7:e7:f7:71:98:18:
c4:ba:92:3c:ce:3b:9a:7d:64:36:b6:cc:a5:0d:64:
61:dc:e0:39:74:67:36:e5:11:44:94:14:51:d3:b7:
c8:0e:6d:ab:08:02:30:93:f1:aa:f9:80:97:c7:e0:
60:54:bf:35:41:7b:2f:60:ee:f4:84:96:1c:76:34:
82:31:92:ef:00:67:10:f4:ce:78:dd:34:c4:aa:76:
01:e7:c7:00:ce:10:b6:ad:31:e9:93:e3:d0:b9:8e:
a3:67:77:b3:73:23:36:1c:a9:f5:81:ef:ac:a0:be:
d8:64:a1:f4:a6:6d:e7:d9:42:22:61:3e:27:23:b0:
05:6b:05:a7:f2:d4:d4:02:77:0d:dd:f2:ca:5b:d0:
2c:f3:8c:a5:e2:54:b7:b8:cc:45:11:cd:3c:2c:fa:
ac:05:69:25:5f:ce:44:b8:59:cb:32:31:1e:75:63:
ad:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:87:C7:3A:3A:49:FE:9E:E6:67:6A:8C:D1:FE:F6:4F:81:84:E3:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/20
Signature Algorithm: sha256WithRSAEncryption
57:a7:93:47:8a:7b:da:9a:90:d9:63:9e:ff:09:a5:1c:15:c1:
b8:4b:19:88:c8:31:21:51:3a:1a:1b:c1:e2:3e:5d:1e:19:90:
ef:ef:34:93:b8:f3:6c:cd:0b:4c:dc:6e:c0:65:44:96:ae:2e:
e9:82:65:56:de:51:37:64:aa:21:88:66:52:20:de:e7:df:41:
34:07:10:63:54:97:8f:b7:f8:2a:b2:22:b3:a8:5e:e5:71:fc:
2e:03:92:7c:6c:00:93:f2:e7:65:8f:62:55:89:f3:41:5c:3c:
14:5b:fa:45:89:bb:cd:58:b8:c1:da:a6:e1:e1:22:84:85:88:
da:18:35:aa:65:6b:4d:13:b0:aa:80:b8:89:0c:b3:02:f8:7a:
6c:7c:7e:d9:9a:70:22:8b:84:19:ae:b7:42:79:c8:e4:c3:5f:
5c:f0:45:de:e8:d6:6a:a0:23:31:58:59:44:c8:91:bd:e8:6a:
08:51:6f:09:23:6e:1d:b9:57:b9:28:fa:84:bc:2d:50:27:67:
b7:50:de:23:f8:d2:05:40:f7:10:a5:c9:be:6e:63:b0:ee:60:
57:d4:01:00:56:f6:98:20:73:c3:86:7a:33:50:5c:df:b6:07:
fe:0c:a7:42:6e:f9:dc:37:74:cf:66:88:01:9e:6a:d5:3a:6a:
e2:54:fb:f8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHR8MdK0T8rpUWXxzTzICP1Hszj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMjVaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMGJlYjdiMWU0ZjA2ZGJlZjhkMGNlMjJkNDFlMmFjMjU0MTRkNzk4NjNi
N2I0YzFkY2VkYWE1NWRjNzY1N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhOIcU60MApxAYGXhhPOmE2K5wUqtfsbMhwFQEeZHqnMAPZwWVrXuqxsrN6
vpvd82lRq+j7aYZT4ujAERzR1XFvGC/6CUsW2xhE/8+VIAQKboir1+f3cZgYxLqS
PM47mn1kNrbMpQ1kYdzgOXRnNuURRJQUUdO3yA5tqwgCMJPxqvmAl8fgYFS/NUF7
L2Du9ISWHHY0gjGS7wBnEPTOeN00xKp2AefHAM4Qtq0x6ZPj0LmOo2d3s3MjNhyp
9YHvrKC+2GSh9KZt59lCImE+JyOwBWsFp/LU1AJ3Dd3yylvQLPOMpeJUt7jMRRHN
PCz6rAVpJV/ORLhZyzIxHnVjrd8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT2h8c6
Okn+nuZnaozR/vZPgYTjBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJjZDRkZGYtOWEzOC00MjVhLTgwMjEtYzQ1ZWQ5NmM1MGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAV6eTR4p72pqQ2WOe/wmlHBXBuEsZiMgxIVE6GhvB
4j5dHhmQ7+80k7jzbM0LTNxuwGVElq4u6YJlVt5RN2SqIYhmUiDe599BNAcQY1SX
j7f4KrIis6he5XH8LgOSfGwAk/LnZY9iVYnzQVw8FFv6RYm7zVi4wdqm4eEihIWI
2hg1qmVrTROwqoC4iQyzAvh6bHx+2ZpwIouEGa63QnnI5MNfXPBF3ujWaqAjMVhZ
RMiRvehqCFFvCSNuHblXuSj6hLwtUCdnt1DeI/jSBUD3EKXJvm5jsO5gV9QBAFb2
mCBzw4Z6M1Bc37YH/gynQm753Dd0z2aIAZ5q1Tpq4lT7+A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:40 2025 by rpki-client