Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
File: 3c89eb14-e34b-4729-9b6f-b536e1e06692.roa (raw, json)
Hash identifier: csyf82SeBeIgGXClNNz5bWPMvcrHbX19nnb9zlCrVcY=
Subject key identifier: AB:B5:24:17:11:19:49:37:0A:5B:FB:E4:76:DC:C2:9F:4B:50:3D:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5347A0BEE12A4A77B0ED010C6991EF7A3E886DFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
Signing time: Fri 22 Aug 2025 15:00:26 +0000
ROA not before: Fri 22 Aug 2025 15:00:26 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:47:a0:be:e1:2a:4a:77:b0:ed:01:0c:69:91:ef:7a:3e:88:6d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:26 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=760d3912991dd483e177264daf493b12d5497893ec74de32553516c28c6ef90f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a8:a7:61:d1:33:cd:f5:95:da:aa:dc:48:8b:
08:fb:13:e8:1b:0f:73:d7:fe:8e:ce:b6:b7:18:b3:
8d:2c:53:b6:70:43:b8:1f:3d:8a:5d:c6:ce:18:73:
e2:68:f8:79:43:95:55:74:03:1b:b8:c5:ed:14:79:
75:6a:30:11:9a:e9:ad:55:b8:b5:90:5f:ed:ba:83:
a2:71:f5:5c:46:10:08:cc:cd:2b:37:bc:8e:3b:d0:
db:cc:68:62:d6:62:df:16:e9:a0:3f:74:43:74:33:
a9:4a:fc:88:6e:17:4a:e6:59:9d:be:14:b0:ed:ce:
ba:ef:f4:d1:5b:1c:82:4d:08:cb:89:03:8c:13:9d:
45:de:16:79:97:db:8b:f8:94:b0:df:19:3e:7b:96:
de:7a:8d:ec:09:e9:6d:cb:f5:52:45:71:4a:62:8d:
90:26:5e:ab:9e:b5:b0:ed:83:e3:89:cc:91:4e:5a:
dc:36:56:ae:1d:60:42:36:4b:b4:c3:a8:4c:d7:39:
d1:c9:c9:20:31:3a:fd:39:ff:41:ef:a4:d2:01:32:
7f:6e:ee:59:57:69:9e:66:3e:f7:08:11:74:e5:4b:
7b:53:67:0d:6a:e5:d5:6a:df:51:de:bb:16:2f:56:
c4:25:eb:77:b5:d7:f6:87:03:82:b7:fd:16:43:0d:
e6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B5:24:17:11:19:49:37:0A:5B:FB:E4:76:DC:C2:9F:4B:50:3D:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:41:ad:c4:c4:29:bd:df:80:c0:b1:02:09:ea:67:3a:0b:03:
95:f7:c6:87:e8:24:69:ec:8e:aa:90:e2:64:92:83:23:92:c3:
b3:f5:4f:2a:51:02:40:5e:ef:62:b1:ae:ee:7e:87:8b:ea:eb:
27:4e:e6:dc:80:7d:5b:c9:fa:32:5c:3f:a5:13:b1:db:e4:65:
73:a4:05:30:60:cb:55:33:e5:14:1d:a6:9a:91:bd:30:39:85:
72:4c:96:ac:fc:cb:82:0f:27:84:23:38:a6:7f:a7:e5:54:e6:
10:aa:e5:a2:54:f6:cd:9e:e8:71:5c:eb:3a:47:f3:79:eb:68:
d2:8f:4b:12:64:71:64:a2:62:d1:7c:4b:95:39:b4:c6:7e:89:
08:dc:30:19:f4:3a:0c:a1:07:bd:a5:47:9e:b6:36:eb:68:43:
a1:59:d8:fc:84:2e:c8:0f:b5:35:9f:28:1a:95:fa:fd:a8:5c:
b0:3e:8c:f8:db:18:60:aa:f9:20:98:e2:c9:98:a4:3e:08:06:
ce:62:87:9a:4b:e0:76:f1:a1:77:32:c9:d3:36:5d:79:2a:18:
0e:02:a7:07:9a:be:a6:2f:07:6d:07:af:9b:7e:a9:59:4b:25:
08:0b:5c:05:ca:d9:97:4f:8a:8d:99:a0:80:af:63:04:74:ba:
ee:e4:77:a3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU0egvuEqSnew7QEMaZHvej6IbfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMjZaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2MGQzOTEyOTkxZGQ0ODNlMTc3MjY0ZGFmNDkzYjEyZDU0OTc4OTNlYzc0
ZGUzMjU1MzUxNmMyOGM2ZWY5MGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2op2HRM831ldqq3EiLCPsT6BsPc9f+js62txizjSxTtnBDuB89il3Gzhhz
4mj4eUOVVXQDG7jF7RR5dWowEZrprVW4tZBf7bqDonH1XEYQCMzNKze8jjvQ28xo
YtZi3xbpoD90Q3QzqUr8iG4XSuZZnb4UsO3Ouu/00Vscgk0Iy4kDjBOdRd4WeZfb
i/iUsN8ZPnuW3nqN7Anpbcv1UkVxSmKNkCZeq561sO2D44nMkU5a3DZWrh1gQjZL
tMOoTNc50cnJIDE6/Tn/Qe+k0gEyf27uWVdpnmY+9wgRdOVLe1NnDWrl1WrfUd67
Fi9WxCXrd7XX9ocDgrf9FkMN5ksCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSrtSQX
ERlJNwpb++R23MKfS1A9ozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M4OWViMTQtZTM0Yi00NzI5LTliNmYtYjUzNmUxZTA2NjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAK0GtxMQpvd+AwLECCepnOgsDlffGh+gkaeyOqpDi
ZJKDI5LDs/VPKlECQF7vYrGu7n6Hi+rrJ07m3IB9W8n6Mlw/pROx2+Rlc6QFMGDL
VTPlFB2mmpG9MDmFckyWrPzLgg8nhCM4pn+n5VTmEKrlolT2zZ7ocVzrOkfzeeto
0o9LEmRxZKJi0XxLlTm0xn6JCNwwGfQ6DKEHvaVHnrY262hDoVnY/IQuyA+1NZ8o
GpX6/ahcsD6M+NsYYKr5IJjiyZikPggGzmKHmkvgdvGhdzLJ0zZdeSoYDgKnB5q+
pi8HbQevm36pWUslCAtcBcrZl0+KjZmggK9jBHS67uR3ow==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:49:29 2025 by rpki-client