Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
File: 54957543-b22c-43fb-b523-8f40c64fe15d.roa (raw, json)
Hash identifier: +WzYKO1K4GKYzLXtBwrnq0zZ4ra4YlZVSaIrc4LSic8=
Subject key identifier: 4A:46:C6:B2:72:9C:27:18:2B:AF:AE:07:85:27:AA:CD:2B:BF:FA:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C1777225DDEFE72D9161A1D802B4E449E881217
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
Signing time: Fri 22 Aug 2025 15:10:44 +0000
ROA not before: Fri 22 Aug 2025 15:10:44 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:17:77:22:5d:de:fe:72:d9:16:1a:1d:80:2b:4e:44:9e:88:12:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:44 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=adb7e14fb5942c36b330e4be67e70fcf1c0973812b7b4f06e7154c8baaff6aec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a2:77:71:ca:e6:82:de:09:71:94:1b:65:90:
a1:94:d9:b0:3e:db:27:8c:97:e4:08:30:db:d4:cc:
4b:8b:7a:8b:8f:70:e2:90:47:5c:16:d1:f1:69:e8:
0f:21:09:d0:e2:2f:7e:92:21:74:78:5b:cf:20:35:
7b:59:d0:97:07:0e:10:9c:56:6b:be:08:8f:4f:ff:
28:07:5b:df:e2:f5:03:9b:24:82:e3:0a:23:df:c0:
e7:19:84:b4:76:cc:74:59:73:f5:14:0f:7c:e7:0b:
0b:2c:9c:04:81:59:86:53:44:21:4f:bf:b3:8f:2d:
4c:67:6c:87:61:68:9d:0a:91:42:f0:23:dd:2d:fd:
f6:8b:0a:3b:25:f7:74:fb:c4:32:42:2e:7a:c9:56:
aa:dd:d4:8e:3e:37:7d:ec:e7:e7:c5:d5:71:e3:8b:
bc:7b:35:ce:0d:28:14:04:23:c3:fd:d9:6c:53:96:
33:c4:86:e2:5c:6d:43:ea:d3:55:7d:d4:e4:99:16:
d4:3c:58:d2:c9:96:a6:02:02:25:20:60:11:38:8c:
2f:e9:ba:a3:52:17:74:9f:46:4b:e2:51:37:e6:f1:
1c:f8:01:48:da:6a:26:a2:8a:64:dd:9a:56:44:52:
40:4a:63:c9:2e:3f:6f:07:ff:aa:54:3c:a0:d0:b9:
23:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:46:C6:B2:72:9C:27:18:2B:AF:AE:07:85:27:AA:CD:2B:BF:FA:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/19
Signature Algorithm: sha256WithRSAEncryption
59:39:dd:2b:07:4e:88:55:9f:22:c9:86:e7:4a:7f:51:4e:8c:
e6:fa:ce:40:ec:ef:89:59:74:59:80:da:45:f1:3f:3b:37:f9:
2a:82:cc:ca:0f:74:c3:b4:bd:47:b2:97:71:aa:8e:24:8d:7f:
54:51:da:d9:95:8d:37:eb:dd:ee:d4:68:31:b2:e6:b7:bb:94:
3a:4f:8b:14:a6:36:0e:cf:db:2e:11:63:16:4b:ae:d5:cf:22:
77:fd:a2:23:6d:76:2d:f2:9c:c2:3a:42:40:72:14:1d:4e:29:
ee:78:7e:55:e3:e4:b9:6d:55:33:11:4e:cf:a8:3b:71:02:05:
0a:cf:b8:9c:f6:b7:a1:2c:79:15:c7:ae:f9:be:e6:e7:4d:4b:
27:c0:db:9c:8c:b9:bb:93:24:15:29:fa:2d:8a:13:ac:60:ef:
df:af:49:db:3a:d7:e7:fc:98:93:da:b1:00:09:6e:b1:38:51:
b3:7b:1b:29:e2:12:86:27:2a:c8:8a:1d:a6:bd:f8:00:d6:f5:
c0:b8:54:57:13:ee:19:c2:83:2d:3e:da:f6:21:c1:18:bf:3e:
a7:98:65:e4:37:4d:e1:4f:ea:6c:b1:77:4b:2f:63:bc:cf:81:
f8:44:3a:79:11:b2:77:f0:4f:cb:7a:41:2f:7d:08:15:97:4a:
09:52:49:f0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXBd3Il3e/nLZFhodgCtORJ6IEhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwNDRaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkYjdlMTRmYjU5NDJjMzZiMzMwZTRiZTY3ZTcwZmNmMWMwOTczODEyYjdi
NGYwNmU3MTU0YzhiYWFmZjZhZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOid3HK5oLeCXGUG2WQoZTZsD7bJ4yX5Agw29TMS4t6i49w4pBHXBbR8Wno
DyEJ0OIvfpIhdHhbzyA1e1nQlwcOEJxWa74Ij0//KAdb3+L1A5skguMKI9/A5xmE
tHbMdFlz9RQPfOcLCyycBIFZhlNEIU+/s48tTGdsh2FonQqRQvAj3S399osKOyX3
dPvEMkIueslWqt3Ujj43fezn58XVceOLvHs1zg0oFAQjw/3ZbFOWM8SG4lxtQ+rT
VX3U5JkW1DxY0smWpgICJSBgETiML+m6o1IXdJ9GS+JRN+bxHPgBSNpqJqKKZN2a
VkRSQEpjyS4/bwf/qlQ8oNC5I+0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKRsay
cpwnGCuvrgeFJ6rNK7/6hTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ5NTc1NDMtYjIyYy00M2ZiLWI1MjMtOGY0MGM2NGZlMTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAWTndKwdOiFWfIsmG50p/UU6M5vrOQOzviVl0WYDa
RfE/Ozf5KoLMyg90w7S9R7KXcaqOJI1/VFHa2ZWNN+vd7tRoMbLmt7uUOk+LFKY2
Ds/bLhFjFkuu1c8id/2iI212LfKcwjpCQHIUHU4p7nh+VePkuW1VMxFOz6g7cQIF
Cs+4nPa3oSx5Fceu+b7m501LJ8DbnIy5u5MkFSn6LYoTrGDv369J2zrX5/yYk9qx
AAlusThRs3sbKeIShicqyIodpr34ANb1wLhUVxPuGcKDLT7a9iHBGL8+p5hl5DdN
4U/qbLF3Sy9jvM+B+EQ6eRGyd/BPy3pBL30IFZdKCVJJ8A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:55 2025 by rpki-client