Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
File: 40318891-5508-4eb6-bace-e245fbeb145a.roa (raw, json)
Hash identifier: tRZfJ6Zgb6ZI+y5/yKk4oozwcZTWA5GGGN3t3dkoxB8=
Subject key identifier: A0:CF:C0:D0:C8:0A:96:6C:F2:78:7A:CF:81:0F:63:A6:68:65:B4:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AE26B3DF88BA320600E60959A7655D4C1E0D74F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
Signing time: Fri 22 Aug 2025 15:10:34 +0000
ROA not before: Fri 22 Aug 2025 15:10:34 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:e2:6b:3d:f8:8b:a3:20:60:0e:60:95:9a:76:55:d4:c1:e0:d7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:34 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=0e4ee2002d822c7895fe9ae7916b543376b7d1176588f36f707aac93c42b4e33, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:39:5c:93:9a:b9:2f:c6:99:a8:d8:f7:1a:
60:64:47:1e:e8:b8:ad:25:72:bc:58:6a:54:f4:ab:
ce:b8:33:12:0e:46:ef:bd:13:aa:65:36:6d:97:9b:
e1:72:18:26:28:22:a9:7d:43:45:47:36:33:f2:35:
a5:e1:77:0d:92:dd:14:66:57:92:71:00:77:26:0d:
8c:9a:3b:19:07:97:c3:c8:bc:a5:43:79:f5:6d:3f:
ed:29:cb:6b:9b:32:c3:85:39:27:b0:fd:49:20:82:
99:7d:9b:5d:51:82:00:bc:5c:f4:3c:fc:60:63:9f:
09:c7:4a:71:09:3a:06:a7:44:dc:6a:a7:b2:8b:6c:
eb:38:34:31:91:aa:7f:08:25:00:02:15:63:56:45:
0c:45:e7:48:95:b3:05:31:cd:19:32:81:62:bd:19:
de:97:b9:fb:73:07:1a:ec:67:fc:ee:9e:76:ab:4a:
69:57:e3:13:1c:c4:fa:6b:22:19:4d:87:23:ef:80:
1f:0d:b1:82:a8:27:0e:a6:97:b0:5d:13:45:4f:51:
66:b0:d9:b9:c6:6d:93:3d:d9:25:75:f9:cb:f6:2c:
93:81:d9:c7:f4:9e:f2:56:35:61:3f:82:7e:9e:64:
39:eb:a8:c3:68:a1:57:6d:2e:fe:68:44:8d:5e:21:
da:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CF:C0:D0:C8:0A:96:6C:F2:78:7A:CF:81:0F:63:A6:68:65:B4:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/19
Signature Algorithm: sha256WithRSAEncryption
2a:28:07:79:a7:29:7d:f3:73:32:77:9b:ee:0c:6b:74:c1:26:
c8:d1:be:e0:3c:0b:82:eb:3e:b7:09:9d:05:e1:bb:8c:e7:39:
67:a1:d9:03:2b:3f:ca:0d:9a:db:e7:cc:3f:e0:53:09:d7:82:
e6:7a:0b:61:9e:b8:a2:d3:c0:dd:cb:41:bd:d4:45:30:4a:55:
78:af:eb:3a:f0:4a:0f:aa:7d:99:e1:f3:ca:fd:a5:b4:ef:05:
4f:e6:3a:50:d0:b9:84:e9:87:67:68:5b:10:af:1f:f0:30:54:
d1:18:16:38:4d:56:ae:28:3a:a2:a6:5f:28:62:c2:70:d5:50:
a3:04:b9:38:a5:55:11:22:58:ea:08:ad:05:5b:af:5d:6f:33:
3b:c6:1b:e1:3e:4a:03:a5:61:42:cb:e4:ce:59:b3:90:eb:7e:
46:1f:76:f1:18:de:8b:65:0c:1b:14:44:12:e8:09:ed:79:b1:
62:d8:ce:dd:18:32:4c:cc:a7:0f:1c:8d:e9:fd:bc:b6:84:94:
4a:07:30:53:73:f3:51:78:fa:2a:de:63:63:99:20:1a:c7:9a:
56:73:9f:49:c6:e2:2b:6c:59:0b:54:f5:81:e4:bf:68:49:01:
94:92:ca:89:3e:0a:ae:31:f8:61:e5:fc:f9:fe:d3:8a:13:ef:
d1:e1:57:e1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSuJrPfiLoyBgDmCVmnZV1MHg108wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMzRaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlNGVlMjAwMmQ4MjJjNzg5NWZlOWFlNzkxNmI1NDMzNzZiN2QxMTc2NTg4
ZjM2ZjcwN2FhYzkzYzQyYjRlMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJIOVyTmrkvxpmo2PcaYGRHHui4rSVyvFhqVPSrzrgzEg5G770TqmU2bZeb
4XIYJigiqX1DRUc2M/I1peF3DZLdFGZXknEAdyYNjJo7GQeXw8i8pUN59W0/7SnL
a5syw4U5J7D9SSCCmX2bXVGCALxc9Dz8YGOfCcdKcQk6BqdE3Gqnsots6zg0MZGq
fwglAAIVY1ZFDEXnSJWzBTHNGTKBYr0Z3pe5+3MHGuxn/O6edqtKaVfjExzE+msi
GU2HI++AHw2xgqgnDqaXsF0TRU9RZrDZucZtkz3ZJXX5y/Ysk4HZx/Se8lY1YT+C
fp5kOeuow2ihV20u/mhEjV4h2tsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSgz8DQ
yAqWbPJ4es+BD2OmaGW0djAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDAzMTg4OTEtNTUwOC00ZWI2LWJhY2UtZTI0NWZiZWIxNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAKigHeacpffNzMneb7gxrdMEmyNG+4DwLgus+twmd
BeG7jOc5Z6HZAys/yg2a2+fMP+BTCdeC5noLYZ64otPA3ctBvdRFMEpVeK/rOvBK
D6p9meHzyv2ltO8FT+Y6UNC5hOmHZ2hbEK8f8DBU0RgWOE1Wrig6oqZfKGLCcNVQ
owS5OKVVESJY6gitBVuvXW8zO8Yb4T5KA6VhQsvkzlmzkOt+Rh928Rjei2UMGxRE
EugJ7XmxYtjO3RgyTMynDxyN6f28toSUSgcwU3PzUXj6Kt5jY5kgGseaVnOfScbi
K2xZC1T1geS/aEkBlJLKiT4KrjH4YeX8+f7TihPv0eFX4Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:02 2025 by rpki-client