Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
File: 2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa (raw, json)
Hash identifier: h6S/zy05PIezzxNb3iPdo5U16leMk0qkh6Mybr4cUuM=
Subject key identifier: D8:EB:08:22:2E:C6:95:50:E8:F7:46:16:64:B2:C9:FB:48:BD:22:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1685A1B91A622B175212D94F6C61508EE04D8B68
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
Signing time: Fri 22 Aug 2025 15:10:39 +0000
ROA not before: Fri 22 Aug 2025 15:10:39 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:85:a1:b9:1a:62:2b:17:52:12:d9:4f:6c:61:50:8e:e0:4d:8b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:39 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=d337def86d2c4bc9912489a235c5b818bb75b49a7a4b7b4253f203991e1ec430, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:70:ab:ff:75:f4:27:22:5e:8d:ec:76:be:cf:
c1:45:31:94:83:16:ea:b5:30:57:7f:a1:9d:55:83:
71:50:35:ef:b9:75:75:2f:95:34:07:12:ea:ac:0f:
73:7f:c9:b1:53:63:c2:4d:b6:63:3a:02:29:b1:1c:
34:3c:00:6e:e4:03:2c:07:92:77:be:fe:f7:60:ae:
ee:f6:16:e2:10:0e:b4:92:4c:dc:a4:18:d1:28:82:
ff:32:c4:6a:64:46:ae:fc:79:56:ce:dc:f0:4a:e5:
2d:41:6b:7f:8b:ac:03:98:45:9b:d1:2b:3e:9c:7b:
22:1d:2f:99:07:ef:c4:80:a4:61:d5:36:ba:b3:ea:
57:86:b1:4f:81:82:14:b1:7c:0f:08:06:4f:84:ac:
14:ab:d6:e4:44:bf:20:f3:ca:2d:39:04:fd:5d:51:
4d:9c:ce:1b:e7:f5:92:df:49:a3:70:98:20:f1:cd:
8f:50:d5:76:eb:24:ac:dd:30:3e:95:b7:e7:46:6d:
bb:f4:75:6f:9c:f0:d1:19:59:3f:bb:6d:76:90:98:
51:93:46:ad:09:9a:0e:91:32:17:f4:95:dd:dd:93:
d5:cc:86:2a:1d:fa:0f:69:8e:a2:66:fe:99:e8:33:
74:ca:50:3f:75:21:8f:f1:71:67:c0:ea:4a:4d:4c:
e1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EB:08:22:2E:C6:95:50:E8:F7:46:16:64:B2:C9:FB:48:BD:22:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.96.0/19
Signature Algorithm: sha256WithRSAEncryption
6f:f1:0d:bc:40:53:81:cb:07:30:1a:ec:90:a0:0d:aa:b6:f5:
5b:54:bf:ac:b7:35:c5:8f:ea:fe:9d:2e:09:ab:27:6d:2a:00:
af:f7:65:96:1b:50:d8:79:73:b1:c3:d4:c0:bc:a1:cd:fd:2f:
10:65:f0:ac:45:c5:83:dd:ce:a6:29:fd:1d:58:f4:f2:1d:f3:
89:84:da:e3:12:0a:8e:55:06:08:18:cf:0d:37:4b:9a:4f:3e:
c3:c8:ab:bd:5a:ad:79:39:07:d5:25:8e:9d:3e:04:88:a4:9c:
61:43:b2:01:19:18:d0:25:11:85:ca:e8:a3:b8:96:44:bf:2b:
bd:0d:ae:33:f7:6b:60:27:7b:1c:21:70:a0:c3:68:54:da:98:
48:de:af:66:13:b3:cc:99:7f:d7:1b:7e:52:c7:de:2d:56:7c:
99:0a:0b:10:88:29:ea:5b:16:bb:15:c2:0a:4e:20:0b:63:6e:
81:22:3f:dd:cf:3c:b8:4f:59:d7:0c:fb:5a:84:59:56:11:d8:
08:2b:79:90:43:6d:21:0b:f2:1f:c6:32:9e:58:31:cc:02:25:
5c:a5:a8:7f:2f:91:00:62:9b:77:96:32:07:81:73:ea:7b:e9:
3b:a2:33:1b:d4:d5:9c:e6:36:68:5a:7a:b3:65:fe:62:f8:1b:
ae:59:82:22
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFoWhuRpiKxdSEtlPbGFQjuBNi2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMzlaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzMzdkZWY4NmQyYzRiYzk5MTI0ODlhMjM1YzViODE4YmI3NWI0OWE3YTRi
N2I0MjUzZjIwMzk5MWUxZWM0MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBwq/919CciXo3sdr7PwUUxlIMW6rUwV3+hnVWDcVA177l1dS+VNAcS6qwP
c3/JsVNjwk22YzoCKbEcNDwAbuQDLAeSd77+92Cu7vYW4hAOtJJM3KQY0SiC/zLE
amRGrvx5Vs7c8ErlLUFrf4usA5hFm9ErPpx7Ih0vmQfvxICkYdU2urPqV4axT4GC
FLF8DwgGT4SsFKvW5ES/IPPKLTkE/V1RTZzOG+f1kt9Jo3CYIPHNj1DVduskrN0w
PpW350Ztu/R1b5zw0RlZP7ttdpCYUZNGrQmaDpEyF/SV3d2T1cyGKh36D2mOomb+
megzdMpQP3Uhj/FxZ8DqSk1M4W0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTY6wgi
LsaVUOj3RhZkssn7SL0i3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmZkODAzN2QtMDUzNi00MmJjLWFmNWMtNGQwZWQ0ZjhkZTc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiYDAN
BgkqhkiG9w0BAQsFAAOCAQEAb/ENvEBTgcsHMBrskKANqrb1W1S/rLc1xY/q/p0u
CasnbSoAr/dllhtQ2HlzscPUwLyhzf0vEGXwrEXFg93Opin9HVj08h3ziYTa4xIK
jlUGCBjPDTdLmk8+w8irvVqteTkH1SWOnT4EiKScYUOyARkY0CURhcroo7iWRL8r
vQ2uM/drYCd7HCFwoMNoVNqYSN6vZhOzzJl/1xt+UsfeLVZ8mQoLEIgp6lsWuxXC
Ck4gC2NugSI/3c88uE9Z1wz7WoRZVhHYCCt5kENtIQvyH8YynlgxzAIlXKWofy+R
AGKbd5YyB4Fz6nvpO6IzG9TVnOY2aFp6s2X+YvgbrlmCIg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:46:48 2025 by rpki-client