Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
File: 513c0075-edb1-461e-a07d-4eb5874bd9ce.roa (raw, json)
Hash identifier: K76IyIjxM+NlIJ8XYueHeLzuTglAlX0NpE5hYMbhDF4=
Subject key identifier: 57:D9:56:CB:5B:28:7E:FF:E3:E0:AC:88:99:B9:36:BB:71:E9:4F:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36CC1F73188DEA212B292623A3248E06C3800A26
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
Signing time: Fri 22 Aug 2025 15:10:33 +0000
ROA not before: Fri 22 Aug 2025 15:10:33 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:cc:1f:73:18:8d:ea:21:2b:29:26:23:a3:24:8e:06:c3:80:0a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:33 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=34377607da5901f7d94ba5fa5d7610cc0e13cb80410ea8b133af1a904b86b6a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:28:c8:79:61:43:8f:e6:d9:fe:9f:3c:fa:
86:c5:48:1a:65:fe:bc:62:24:59:aa:33:63:93:05:
76:98:9a:f6:9b:3a:83:6c:f7:30:c6:36:75:fd:bf:
25:ba:a2:7c:ad:a3:f8:2c:7c:ef:3c:ba:56:6c:f4:
95:cf:64:75:1c:35:30:50:16:2c:d6:4c:8d:ac:cb:
ab:36:de:af:79:2d:02:35:ad:18:c2:4c:a5:c8:a5:
d6:ff:51:3c:f8:6d:3d:c6:15:d4:93:93:99:5e:10:
8b:94:11:e8:9e:72:7e:07:b8:b2:68:0d:da:28:0e:
90:e5:12:1c:3c:a7:d2:a0:6a:68:90:be:8a:f5:38:
3b:b4:5b:e1:03:7f:11:f2:6a:1a:11:d2:9f:0b:18:
d1:66:ea:a4:77:b9:a3:3c:7c:ae:4b:85:fb:a8:d6:
49:01:c2:af:ee:0c:65:86:2f:e2:d7:fd:65:6d:6e:
b0:99:bb:b9:c6:6c:8b:a8:12:33:15:34:f1:a9:da:
91:6a:48:cb:60:af:be:fe:01:55:07:1b:78:30:85:
43:7d:d3:8a:74:ca:ca:94:8d:c9:60:58:60:b6:c9:
65:ec:4e:5b:da:61:56:e9:48:1c:4d:69:97:69:b6:
37:e5:5b:e8:b7:6f:d1:e1:40:8a:37:f0:41:c3:ef:
47:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D9:56:CB:5B:28:7E:FF:E3:E0:AC:88:99:B9:36:BB:71:E9:4F:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/20
Signature Algorithm: sha256WithRSAEncryption
46:0a:04:7d:8a:41:46:09:c0:57:e6:50:46:67:2b:d7:77:0a:
2b:f6:b1:ce:6f:bf:6e:36:88:fd:4e:79:fb:c2:f0:cf:d4:8a:
f5:02:0e:eb:f0:6b:cb:63:95:77:69:69:ca:b2:c1:3e:cc:4a:
f4:e0:72:ca:ce:c3:7f:d4:b4:ee:e0:e3:5e:d6:7e:12:75:d6:
94:87:f2:31:53:72:77:d8:13:d4:29:55:46:39:d5:1c:fd:47:
da:10:0b:de:c2:91:c5:5e:ff:6c:76:35:90:e8:ad:d3:0e:22:
42:f0:5c:6e:08:8a:bf:3a:1b:c9:f7:47:c0:1d:81:5a:4c:7f:
80:6c:3b:fb:de:94:a5:0b:76:5c:21:9f:21:b0:e5:ca:76:2f:
f9:95:7f:d4:0b:20:b0:a1:0c:d8:20:59:be:69:5b:78:48:e4:
bc:7d:9b:c2:a3:6d:51:10:0e:f8:77:d9:9b:7e:18:f0:62:a9:
fa:16:c6:7c:16:3c:31:83:f5:71:69:0e:b7:59:67:67:55:a1:
8c:95:54:ea:14:63:44:76:1b:37:3d:50:ba:cb:ac:3e:be:61:
d5:ff:84:c1:a8:cc:5f:fa:fd:16:76:39:f5:0e:5d:fc:fb:4c:
1d:fb:ad:c7:94:1b:04:7d:aa:9d:5b:d9:83:d4:a4:b9:ac:bf:
ab:8f:81:2d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNswfcxiN6iErKSYjoySOBsOACiYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMzNaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0Mzc3NjA3ZGE1OTAxZjdkOTRiYTVmYTVkNzYxMGNjMGUxM2NiODA0MTBl
YThiMTMzYWYxYTkwNGI4NmI2YTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRuKMh5YUOP5tn+nzz6hsVIGmX+vGIkWaozY5MFdpia9ps6g2z3MMY2df2/
JbqifK2j+Cx87zy6Vmz0lc9kdRw1MFAWLNZMjazLqzber3ktAjWtGMJMpcil1v9R
PPhtPcYV1JOTmV4Qi5QR6J5yfge4smgN2igOkOUSHDyn0qBqaJC+ivU4O7Rb4QN/
EfJqGhHSnwsY0WbqpHe5ozx8rkuF+6jWSQHCr+4MZYYv4tf9ZW1usJm7ucZsi6gS
MxU08anakWpIy2Cvvv4BVQcbeDCFQ33TinTKypSNyWBYYLbJZexOW9phVulIHE1p
l2m2N+Vb6Ldv0eFAijfwQcPvR40CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRX2VbL
Wyh+/+PgrIiZuTa7celPxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTEzYzAwNzUtZWRiMS00NjFlLWEwN2QtNGViNTg3NGJkOWNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAioDAN
BgkqhkiG9w0BAQsFAAOCAQEARgoEfYpBRgnAV+ZQRmcr13cKK/axzm+/bjaI/U55
+8Lwz9SK9QIO6/Bry2OVd2lpyrLBPsxK9OByys7Df9S07uDjXtZ+EnXWlIfyMVNy
d9gT1ClVRjnVHP1H2hAL3sKRxV7/bHY1kOit0w4iQvBcbgiKvzobyfdHwB2BWkx/
gGw7+96UpQt2XCGfIbDlynYv+ZV/1AsgsKEM2CBZvmlbeEjkvH2bwqNtURAO+HfZ
m34Y8GKp+hbGfBY8MYP1cWkOt1lnZ1WhjJVU6hRjRHYbNz1QususPr5h1f+EwajM
X/r9FnY59Q5d/PtMHfutx5QbBH2qnVvZg9Skuay/q4+BLQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:43 2025 by rpki-client