Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
File: e00516db-a674-4a02-8de9-e0ad569ecc6f.roa (raw, json)
Hash identifier: 5QHwpf8X9KxwSEBr45sBOQSgs9K6gpfvaKgVxEB9NZk=
Subject key identifier: 2A:18:0F:91:46:9F:FB:79:C2:46:C0:DA:DD:26:9A:B8:EE:4A:3A:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28B33F2EC6E57FD117BFEE4FA32CB565ACFE5638
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
Signing time: Mon 28 Jul 2025 16:10:33 +0000
ROA not before: Mon 28 Jul 2025 16:10:33 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:b3:3f:2e:c6:e5:7f:d1:17:bf:ee:4f:a3:2c:b5:65:ac:fe:56:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:33 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=c41aa5fd26dad045b193530710a7ed7f9358143aab9148837d2b7ebfa93418c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a2:0e:98:fc:e6:25:f1:ee:91:43:ee:54:c6:
53:77:a4:f7:08:c5:75:15:c1:33:44:0a:c8:ca:bf:
7e:5b:57:68:fb:70:54:c0:6c:2c:ae:20:37:4c:1d:
55:ee:95:0c:d1:c4:f6:d0:7a:6d:51:a4:63:66:f9:
55:44:42:bc:17:c2:fa:c8:cc:72:71:63:fa:e1:7c:
1a:dc:36:0e:45:36:90:60:5f:80:5a:ec:88:4b:1e:
88:a0:18:91:a9:d5:c1:fe:85:82:5d:66:07:e8:fa:
7c:f2:a9:9e:19:e5:cc:c6:4b:c4:33:92:76:e0:1c:
3d:84:3d:5c:8c:bc:d9:75:b7:31:6d:18:05:67:0c:
56:50:03:18:fb:b6:41:98:da:9c:58:44:fb:9a:09:
66:16:f3:d8:2a:81:41:17:bb:1e:72:64:78:c6:05:
0b:7c:14:92:6b:b5:c9:ca:64:c4:76:40:0f:d3:c0:
36:66:b1:90:89:28:d5:e1:ed:8d:1c:57:64:03:29:
10:df:99:94:37:71:a9:98:42:67:de:83:d9:1e:c6:
ea:e0:d0:2e:79:c0:86:1d:bd:b4:b1:40:7a:eb:33:
17:5b:74:9f:b6:45:74:60:d7:d6:99:31:bb:10:9e:
45:4a:0e:b8:39:78:33:0b:e9:2c:39:89:60:9e:31:
f1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:18:0F:91:46:9F:FB:79:C2:46:C0:DA:DD:26:9A:B8:EE:4A:3A:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.176.0/20
Signature Algorithm: sha256WithRSAEncryption
65:63:fc:55:c3:c2:d9:74:d9:ff:41:07:2e:1b:1a:c9:5e:f3:
b6:6d:21:74:5f:3a:f8:79:bf:a1:d7:60:e7:6b:fc:72:10:f7:
63:0e:dc:a3:dd:f0:0d:2b:04:f0:d4:8c:bd:6b:13:68:ba:db:
df:7a:d4:b4:24:da:82:64:e1:80:7f:74:04:59:42:09:59:be:
88:c8:73:09:ad:03:26:58:33:c8:27:32:04:4e:6f:e1:b9:4c:
31:c4:b1:8b:ba:8b:f2:46:bf:dc:fc:08:4c:8a:18:04:27:9c:
af:ba:02:a3:3e:4f:92:d9:90:6c:e4:a7:93:0f:35:ea:43:5a:
e0:8a:7a:5a:25:bb:f1:38:16:31:18:78:1f:1b:a2:5f:94:5b:
2b:07:c8:26:35:b0:65:8a:4a:83:5f:aa:5e:33:76:a0:0d:52:
d1:8f:ef:ac:d7:03:f6:b4:26:7f:37:10:ce:52:1b:0e:58:bf:
d9:06:28:64:aa:76:20:2a:c1:eb:b7:b0:c8:00:b0:14:a6:eb:
6e:61:5a:b9:a7:80:a7:11:e5:dc:c1:c7:b7:5f:bb:dd:8a:6f:
37:df:ac:27:ca:4a:d5:73:5b:12:57:c8:a2:e9:30:39:c1:a6:
c0:1d:ce:16:88:9f:ca:bb:88:b0:25:82:bb:e5:6c:c5:15:92:
6d:77:84:f2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKLM/Lsblf9EXv+5Poyy1Zaz+VjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMzNaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MWFhNWZkMjZkYWQwNDViMTkzNTMwNzEwYTdlZDdmOTM1ODE0M2FhYjkx
NDg4MzdkMmI3ZWJmYTkzNDE4YzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqiDpj85iXx7pFD7lTGU3ek9wjFdRXBM0QKyMq/fltXaPtwVMBsLK4gN0wd
Ve6VDNHE9tB6bVGkY2b5VURCvBfC+sjMcnFj+uF8Gtw2DkU2kGBfgFrsiEseiKAY
kanVwf6Fgl1mB+j6fPKpnhnlzMZLxDOSduAcPYQ9XIy82XW3MW0YBWcMVlADGPu2
QZjanFhE+5oJZhbz2CqBQRe7HnJkeMYFC3wUkmu1ycpkxHZAD9PANmaxkIko1eHt
jRxXZAMpEN+ZlDdxqZhCZ96D2R7G6uDQLnnAhh29tLFAeuszF1t0n7ZFdGDX1pkx
uxCeRUoOuDl4MwvpLDmJYJ4x8aUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQqGA+R
Rp/7ecJGwNrdJpq47ko6DzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTAwNTE2ZGItYTY3NC00YTAyLThkZTktZTBhZDU2OWVjYzZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAisDAN
BgkqhkiG9w0BAQsFAAOCAQEAZWP8VcPC2XTZ/0EHLhsayV7ztm0hdF86+Hm/oddg
52v8chD3Yw7co93wDSsE8NSMvWsTaLrb33rUtCTagmThgH90BFlCCVm+iMhzCa0D
JlgzyCcyBE5v4blMMcSxi7qL8ka/3PwITIoYBCecr7oCoz5PktmQbOSnkw816kNa
4Ip6WiW78TgWMRh4HxuiX5RbKwfIJjWwZYpKg1+qXjN2oA1S0Y/vrNcD9rQmfzcQ
zlIbDli/2QYoZKp2ICrB67ewyACwFKbrbmFauaeApxHl3MHHt1+73YpvN9+sJ8pK
1XNbElfIoukwOcGmwB3OFoifyruIsCWCu+VsxRWSbXeE8g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:04 2025 by rpki-client