Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
File: 65fd1736-b3cd-4b5b-abca-9d430a70e064.roa (raw, json)
Hash identifier: jEWi/wWwRJXmdUSLUBRGgKLD351MBBXQwLbkCCcE38M=
Subject key identifier: 97:14:97:A2:F4:9B:01:EE:C7:49:9C:96:B8:F0:4E:A7:DB:BD:2D:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A7D38A5C6A450D3E566A5D44C3215E1A69A79FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
Signing time: Fri 22 Aug 2025 15:10:43 +0000
ROA not before: Fri 22 Aug 2025 15:10:43 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:7d:38:a5:c6:a4:50:d3:e5:66:a5:d4:4c:32:15:e1:a6:9a:79:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:43 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=4ad9425ab6f103e3d5d5b1f9df0c10a35027fd8886cbec647ff80ac6e1fc1fc7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d8:26:bc:d8:9b:db:0d:20:33:96:a5:2c:32:
76:8b:3f:dd:f4:e2:a9:02:31:53:6b:4c:58:52:7e:
50:c0:60:e5:68:f1:66:c9:9f:60:5d:38:9c:20:51:
80:5a:4a:c5:c1:6d:ba:03:7a:37:d7:b7:b2:ae:51:
c9:db:fe:6a:7c:9e:e0:51:77:89:dc:57:f2:2b:06:
3d:27:7a:9d:80:1a:9d:39:6f:59:d1:43:25:75:81:
90:a2:e8:b9:1d:8d:30:8b:d0:95:e5:62:a7:e0:7d:
c4:06:20:60:96:a9:08:fb:2a:b9:a2:1e:cb:2b:4a:
d3:2a:0a:eb:59:a4:2c:4a:ad:4f:42:40:ed:36:91:
41:0d:a0:c2:c6:aa:f8:84:dd:1b:0f:2b:47:04:99:
0e:bc:f9:4f:df:c0:89:a9:45:c0:52:f6:3f:2b:ef:
00:c5:06:3f:cf:ab:a9:21:e6:21:3f:65:4f:14:df:
d6:49:19:fc:68:70:98:c0:2d:c8:35:8b:24:bb:3f:
28:76:42:ff:11:04:28:20:03:29:9d:72:f9:72:f7:
9c:60:04:ba:43:3b:d7:c1:bd:d5:7d:86:bf:9c:bf:
9e:ba:73:14:0d:92:f7:dc:4b:26:bd:4f:73:12:51:
14:39:22:75:7e:70:f8:ee:b5:de:39:7d:ae:6a:50:
11:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:14:97:A2:F4:9B:01:EE:C7:49:9C:96:B8:F0:4E:A7:DB:BD:2D:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/18
Signature Algorithm: sha256WithRSAEncryption
ae:79:95:ea:b5:d9:ee:e6:f1:ce:e7:9f:1e:b9:f7:97:d9:66:
19:fe:ad:db:c0:1d:bb:80:d7:d0:f4:68:21:9f:6f:f2:3d:ce:
58:b1:57:32:0e:92:db:cd:a6:89:fc:af:90:7d:3b:b2:50:78:
3b:93:c6:78:fc:ae:3d:01:d5:02:28:34:b3:a9:4d:71:98:74:
42:59:18:72:43:18:1d:56:1f:7e:18:4c:10:f8:27:5a:7c:41:
ed:82:2f:63:d7:b5:67:91:bd:ba:e1:36:57:2f:e8:ab:19:59:
dc:16:58:87:fb:17:ce:76:dd:2f:15:ce:ef:07:c7:ba:cf:11:
a3:c4:e5:34:9d:95:b0:eb:55:33:60:3c:1e:ae:6b:44:ff:b7:
16:33:1a:6f:72:66:f3:29:8b:02:e9:79:35:b4:e5:c7:0d:37:
37:9e:90:67:ef:85:20:5e:fb:ab:44:aa:56:49:45:36:12:0e:
c8:ab:ff:be:94:2f:f8:15:78:14:e6:30:80:7a:60:e6:17:a8:
de:31:23:23:59:4f:a6:f7:6a:3a:f2:26:42:88:9b:1f:a5:13:
dd:a2:e1:38:dd:aa:ed:71:10:48:36:7a:e3:2f:7f:41:35:6e:
73:5c:15:ec:e0:c1:5d:02:52:18:ff:4d:0c:97:68:1e:d5:91:
53:ac:be:a5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOn04pcakUNPlZqXUTDIV4aaaef4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwNDNaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZDk0MjVhYjZmMTAzZTNkNWQ1YjFmOWRmMGMxMGEzNTAyN2ZkODg4NmNi
ZWM2NDdmZjgwYWM2ZTFmYzFmYzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTYJrzYm9sNIDOWpSwydos/3fTiqQIxU2tMWFJ+UMBg5WjxZsmfYF04nCBR
gFpKxcFtugN6N9e3sq5Rydv+anye4FF3idxX8isGPSd6nYAanTlvWdFDJXWBkKLo
uR2NMIvQleVip+B9xAYgYJapCPsquaIeyytK0yoK61mkLEqtT0JA7TaRQQ2gwsaq
+ITdGw8rRwSZDrz5T9/AialFwFL2PyvvAMUGP8+rqSHmIT9lTxTf1kkZ/GhwmMAt
yDWLJLs/KHZC/xEEKCADKZ1y+XL3nGAEukM718G91X2Gv5y/nrpzFA2S99xLJr1P
cxJRFDkidX5w+O613jl9rmpQEW0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSXFJei
9JsB7sdJnJa48E6n270t6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVmZDE3MzYtYjNjZC00YjViLWFiY2EtOWQ0MzBhNzBlMDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEArnmV6rXZ7ubxzuefHrn3l9lmGf6t28Adu4DX0PRo
IZ9v8j3OWLFXMg6S282mifyvkH07slB4O5PGePyuPQHVAig0s6lNcZh0QlkYckMY
HVYffhhMEPgnWnxB7YIvY9e1Z5G9uuE2Vy/oqxlZ3BZYh/sXznbdLxXO7wfHus8R
o8TlNJ2VsOtVM2A8Hq5rRP+3FjMab3Jm8ymLAul5NbTlxw03N56QZ++FIF77q0Sq
VklFNhIOyKv/vpQv+BV4FOYwgHpg5heo3jEjI1lPpvdqOvImQoibH6UT3aLhON2q
7XEQSDZ64y9/QTVuc1wV7ODBXQJSGP9NDJdoHtWRU6y+pQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:00 2025 by rpki-client