Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: cdTrHD0zbPLyE/iY0YP7qbkHa1bOsAVf5MG7zjBEprk=
Subject key identifier: 4B:EA:FB:1D:F6:11:EA:81:EF:06:B0:3D:F1:93:27:E7:F3:87:03:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F24FC79D43CCDD6CFDCC775400B91772516C7DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Fri 22 Aug 2025 15:10:41 +0000
ROA not before: Fri 22 Aug 2025 15:10:41 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:24:fc:79:d4:3c:cd:d6:cf:dc:c7:75:40:0b:91:77:25:16:c7:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:41 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=032304ee5f28ead8a92819eeafb41a88f874f2b9c99e273c164ddc80714f9de2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:0d:99:17:8f:62:34:17:42:24:f6:17:7f:2c:
fb:8c:9e:1f:ce:c9:eb:2b:f7:9c:6f:4b:23:cb:a3:
1e:27:72:07:49:75:a6:77:51:24:c1:d9:0f:34:0a:
06:6c:a2:72:b3:eb:26:38:3d:65:5c:97:e8:4a:0c:
2c:7e:2c:c4:ff:a4:a0:06:7e:bc:af:5c:40:c3:0e:
3c:56:a1:2a:2c:d5:f9:d2:13:5b:10:5d:af:50:85:
d4:45:bc:be:94:e2:1e:c2:45:cf:9a:3f:b1:eb:6e:
e8:dc:ad:c7:88:91:06:17:e6:20:ad:5f:2a:e2:52:
40:19:00:b2:08:65:f3:59:66:32:e7:c4:d4:49:a4:
64:5e:cd:3a:30:f6:63:89:ae:15:d4:63:c4:1f:e3:
7b:83:60:e7:e2:41:9e:98:9c:69:7b:18:23:38:72:
aa:81:c0:2f:82:6d:ce:78:f0:1a:60:48:a6:98:19:
a0:35:b8:b7:d0:5d:47:a0:68:48:8d:7c:0d:c5:7f:
cc:25:32:58:8c:db:2d:46:ec:96:7f:61:89:5a:2b:
32:e2:05:00:13:41:48:85:57:6a:08:7a:fd:4e:f0:
b4:59:ad:45:21:77:42:4b:17:ed:b3:f7:e5:ca:28:
a2:75:67:e2:60:00:5d:6e:c6:00:87:e2:49:d2:b8:
bb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EA:FB:1D:F6:11:EA:81:EF:06:B0:3D:F1:93:27:E7:F3:87:03:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c7:95:05:ff:ea:02:f3:fe:e2:2f:39:a9:19:f6:1e:83:c2:41:
67:bf:42:2f:99:06:92:a2:3a:5d:a0:69:2a:ea:5c:96:0c:99:
44:36:9d:cb:1a:e2:2a:35:01:42:49:b4:2b:8a:21:cc:b6:1d:
01:7d:7c:23:37:5a:f5:a4:ed:cc:bd:a7:6b:a9:f2:91:a9:1f:
e2:3b:5e:ca:43:15:91:11:f6:5e:d9:ae:53:17:5f:81:18:a8:
18:6b:c0:77:d3:fa:b1:1a:cd:49:8b:8d:8b:71:e3:04:46:2b:
61:0d:ae:5e:7f:a0:d5:2b:19:65:ce:2b:9e:b8:fb:4e:f6:43:
00:84:b7:b1:75:13:7e:2c:02:96:f3:eb:6b:9a:e1:18:30:de:
ff:e5:d2:79:24:a6:44:39:c2:39:fc:c6:b6:ba:f7:af:2c:8e:
92:69:66:f9:c7:6d:ed:dc:09:74:1a:cd:92:06:cb:09:a5:df:
ab:68:18:5e:36:c3:8a:e1:31:55:d6:bb:f8:29:d3:f1:fb:9d:
f4:46:d7:ea:eb:d0:2e:55:ea:5e:54:03:46:df:89:59:e0:d2:
83:e8:4b:a3:cb:a0:78:d9:8d:2f:54:c9:94:8d:5c:43:32:00:
e5:10:6e:d1:96:fe:47:44:97:10:a3:9b:c5:bc:14:99:0b:a1:
7b:8f:48:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPyT8edQ8zdbP3Md1QAuRdyUWx9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwNDFaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMjMwNGVlNWYyOGVhZDhhOTI4MTllZWFmYjQxYTg4Zjg3NGYyYjljOTll
MjczYzE2NGRkYzgwNzE0ZjlkZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgNmRePYjQXQiT2F38s+4yeH87J6yv3nG9LI8ujHidyB0l1pndRJMHZDzQK
BmyicrPrJjg9ZVyX6EoMLH4sxP+koAZ+vK9cQMMOPFahKizV+dITWxBdr1CF1EW8
vpTiHsJFz5o/setu6Nytx4iRBhfmIK1fKuJSQBkAsghl81lmMufE1EmkZF7NOjD2
Y4muFdRjxB/je4Ng5+JBnpicaXsYIzhyqoHAL4JtznjwGmBIppgZoDW4t9BdR6Bo
SI18DcV/zCUyWIzbLUbsln9hiVorMuIFABNBSIVXagh6/U7wtFmtRSF3QksX7bP3
5cooonVn4mAAXW7GAIfiSdK4uycCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRL6vsd
9hHqge8GsD3xkyfn84cDmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAx5UF/+oC8/7iLzmpGfYeg8JBZ79CL5kGkqI6XaBp
KupclgyZRDadyxriKjUBQkm0K4ohzLYdAX18Izda9aTtzL2na6nykakf4jteykMV
kRH2XtmuUxdfgRioGGvAd9P6sRrNSYuNi3HjBEYrYQ2uXn+g1SsZZc4rnrj7TvZD
AIS3sXUTfiwClvPra5rhGDDe/+XSeSSmRDnCOfzGtrr3ryyOkmlm+cdt7dwJdBrN
kgbLCaXfq2gYXjbDiuExVda7+CnT8fud9EbX6uvQLlXqXlQDRt+JWeDSg+hLo8ug
eNmNL1TJlI1cQzIA5RBu0Zb+R0SXEKObxbwUmQuhe49Iag==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:35 2025 by rpki-client