Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
File: e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa (raw, json)
Hash identifier: 9E6KIzhvI9XJ+1OTSaSlZhIgBKmMh3KDzWzgLlYuIlE=
Subject key identifier: 18:A7:07:A5:66:C0:E2:40:B1:59:FC:AA:18:A1:07:01:78:2D:EA:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10D2E90AAC616CF886451CC7A9B19F32FE9B022A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
Signing time: Mon 28 Jul 2025 16:00:20 +0000
ROA not before: Mon 28 Jul 2025 16:00:20 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:d2:e9:0a:ac:61:6c:f8:86:45:1c:c7:a9:b1:9f:32:fe:9b:02:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:20 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=a70bd9c914698d1353876b16a67a9d85f32092b4253bc27ef70819393a37ac1f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:8b:85:a9:15:94:44:83:f9:5a:bc:1b:af:
1b:31:83:85:01:21:ff:3e:ae:e4:5a:a2:f1:7e:b7:
67:b5:44:ea:d7:e9:8b:de:b1:ef:2a:8d:bb:29:78:
27:a9:00:4b:c7:d9:78:7a:b2:a5:f4:fa:46:8d:0b:
45:e0:2d:a7:a9:45:c6:0b:23:6b:29:a9:3f:56:40:
81:b3:dd:8a:f2:e8:8f:fb:29:c8:f2:f7:c2:da:a1:
c1:38:7a:d6:6c:f4:98:c8:77:d7:3d:55:69:e4:9e:
6d:e8:a8:58:54:7b:05:a1:4a:c6:90:f7:91:aa:1f:
4d:5f:97:6b:43:b8:75:5d:83:50:dc:72:8d:12:63:
3a:bb:98:33:13:7a:1e:32:99:dd:fd:7c:0c:4f:cf:
40:f1:1d:2d:6a:93:2c:db:e1:74:6a:9d:f3:2b:f2:
c7:d4:93:bd:29:f6:fe:06:c2:0a:bc:0b:02:ea:67:
b5:25:33:9c:1b:b7:54:01:c8:f4:2a:39:5d:3a:da:
2d:16:19:1e:88:61:15:62:dd:9d:e4:63:86:5a:aa:
ec:4d:ce:81:ac:21:02:9c:6e:35:eb:6e:ce:d3:da:
62:83:c0:50:fb:30:ab:11:76:3f:40:ab:c2:e9:4f:
a5:9a:32:86:58:04:99:e5:37:6d:67:cc:d7:c9:33:
0b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A7:07:A5:66:C0:E2:40:B1:59:FC:AA:18:A1:07:01:78:2D:EA:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.40.0/22
Signature Algorithm: sha256WithRSAEncryption
67:d9:25:6b:cb:6c:f9:74:4b:82:d8:1f:61:65:22:2b:a0:0c:
3d:70:ee:50:29:49:c0:05:27:ea:e6:38:f1:15:21:e9:18:45:
0c:49:bb:50:53:72:52:f5:39:47:ef:11:20:57:d0:8d:ff:49:
8f:5d:53:3e:3d:5b:b6:36:ed:b8:b6:b5:69:30:33:d8:4e:d9:
16:88:f5:a7:7f:67:cd:78:ee:3e:67:4a:29:d9:9c:2b:e8:98:
d4:df:90:d9:21:7f:8c:80:25:83:66:79:77:4a:8e:52:84:88:
11:a0:fe:99:2e:ca:65:f2:77:92:16:5b:fb:07:6c:12:d6:eb:
72:91:08:49:17:31:d7:9b:d1:34:38:a9:c3:0a:a9:b9:c2:c6:
67:15:1b:73:a8:b7:d4:22:9d:98:a0:f5:7f:65:78:08:73:5e:
32:eb:26:c6:69:3f:c3:d0:f7:99:83:db:6d:4a:cf:42:e1:36:
1d:69:00:f7:2b:6d:59:ec:fd:d6:1c:2f:e8:dc:20:25:56:ea:
6e:a0:ce:f6:b4:ac:29:8f:62:61:28:13:9f:cc:de:5d:eb:7e:
70:76:f5:c5:d5:cf:ac:cc:28:7f:fe:6a:76:ea:a8:57:32:26:
4d:04:a1:53:a9:be:1f:af:64:2d:06:d2:6d:94:90:c9:ef:62:
ca:c3:e3:cf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUENLpCqxhbPiGRRzHqbGfMv6bAiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMjBaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3MGJkOWM5MTQ2OThkMTM1Mzg3NmIxNmE2N2E5ZDg1ZjMyMDkyYjQyNTNi
YzI3ZWY3MDgxOTM5M2EzN2FjMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQui4WpFZREg/lavBuvGzGDhQEh/z6u5Fqi8X63Z7VE6tfpi96x7yqNuyl4
J6kAS8fZeHqypfT6Ro0LReAtp6lFxgsjaympP1ZAgbPdivLoj/spyPL3wtqhwTh6
1mz0mMh31z1VaeSebeioWFR7BaFKxpD3kaofTV+Xa0O4dV2DUNxyjRJjOruYMxN6
HjKZ3f18DE/PQPEdLWqTLNvhdGqd8yvyx9STvSn2/gbCCrwLAupntSUznBu3VAHI
9Co5XTraLRYZHohhFWLdneRjhlqq7E3OgawhApxuNetuztPaYoPAUPswqxF2P0Cr
wulPpZoyhlgEmeU3bWfM18kzC88CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQYpwel
ZsDiQLFZ/KoYoQcBeC3qIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUyZTlkYWQtY2JmMy00YWMwLWE1MmUtZGEyYmYwM2U5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiKDAN
BgkqhkiG9w0BAQsFAAOCAQEAZ9kla8ts+XRLgtgfYWUiK6AMPXDuUClJwAUn6uY4
8RUh6RhFDEm7UFNyUvU5R+8RIFfQjf9Jj11TPj1btjbtuLa1aTAz2E7ZFoj1p39n
zXjuPmdKKdmcK+iY1N+Q2SF/jIAlg2Z5d0qOUoSIEaD+mS7KZfJ3khZb+wdsEtbr
cpEISRcx15vRNDipwwqpucLGZxUbc6i31CKdmKD1f2V4CHNeMusmxmk/w9D3mYPb
bUrPQuE2HWkA9yttWez91hwv6NwgJVbqbqDO9rSsKY9iYSgTn8zeXet+cHb1xdXP
rMwof/5qduqoVzImTQShU6m+H69kLQbSbZSQye9iysPjzw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:37 2025 by rpki-client