Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
File: 8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa (raw, json)
Hash identifier: uCPuHq9MFAYa5ApA1GusbZHcI/7gqI+P6rFwZmBL/4I=
Subject key identifier: 60:76:16:9D:A9:4D:3D:FB:1F:98:F9:55:CD:86:D6:35:9E:B3:6D:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 030A29BDE43500BAF02947AC91A1F48712DD6F56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
Signing time: Fri 22 Aug 2025 15:10:38 +0000
ROA not before: Fri 22 Aug 2025 15:10:38 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:0a:29:bd:e4:35:00:ba:f0:29:47:ac:91:a1:f4:87:12:dd:6f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:38 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=f3ec25f9cb3d3a2929d4a3ec7db234332e4b64b3e9b25a0cb5fb8cd3dd6cc915, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:16:1e:4d:05:be:84:cd:f4:51:61:47:37:98:
ec:8f:00:79:89:df:91:bf:3c:e7:26:3a:45:03:ce:
59:4e:99:b2:24:de:a0:13:9f:bf:f0:cf:11:09:11:
66:c2:10:21:30:a4:ed:99:d0:f8:d3:b8:de:5d:a3:
87:73:16:7f:c8:a8:51:e4:5c:b7:bb:a2:e9:1b:27:
5d:1d:49:a0:b8:55:8a:31:44:92:7a:99:af:3a:27:
03:c4:a4:df:7a:de:47:01:29:c2:89:d1:46:6a:ea:
44:c8:cc:bf:fc:8e:f3:b7:d4:e3:d2:ec:0a:9e:55:
fe:75:88:79:1d:5a:44:f4:e1:4e:2c:b1:7f:e0:5b:
c0:2f:1b:e1:e2:0d:f4:18:01:ba:7a:a2:e0:06:4e:
8b:48:7d:94:73:fd:28:2a:a7:cb:b3:b1:e0:2c:b1:
5a:89:cf:5b:11:e2:36:0e:79:65:ab:60:36:03:c1:
96:07:fc:b2:e1:2d:85:79:86:33:79:40:bd:1c:e2:
e0:98:68:44:a3:1a:9f:47:04:c4:e8:65:46:1c:d6:
0b:27:6d:42:31:13:27:0f:2f:2d:54:c5:69:34:2b:
3d:52:cc:14:bf:24:3a:ef:6e:72:47:9b:46:f1:2a:
20:4a:bc:d0:be:10:3e:60:d5:93:73:15:86:23:50:
bd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:76:16:9D:A9:4D:3D:FB:1F:98:F9:55:CD:86:D6:35:9E:B3:6D:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/19
Signature Algorithm: sha256WithRSAEncryption
90:59:43:94:6f:7f:7c:df:4d:48:d8:93:c1:74:b7:0f:51:e0:
dc:77:5f:61:09:25:9d:58:1b:84:86:b0:90:30:15:95:ec:51:
aa:3a:54:f6:51:4e:d0:9b:03:3d:99:ce:51:e5:2e:af:b9:59:
0a:39:03:52:72:dc:5b:3e:97:42:7e:28:10:95:36:e5:08:e5:
4a:07:0f:4c:0a:30:48:a4:4c:c7:47:ac:a2:80:b4:a0:3f:85:
b1:a7:ea:02:5c:41:22:97:d6:41:f2:8f:f3:5e:51:eb:74:67:
e7:84:93:e8:44:39:09:7b:72:1c:e2:94:0e:ae:a8:35:a3:e2:
a5:86:e2:50:ac:9d:a8:ce:d4:7d:c7:90:1e:80:0c:c9:c7:70:
89:13:5a:3e:79:bc:a2:fd:01:ef:e4:fd:17:d3:46:6f:6f:aa:
7d:ca:fd:e2:7c:af:7a:5e:f1:59:73:1b:53:1d:03:d8:dc:44:
db:5c:0b:4f:62:97:2c:d9:19:3f:35:d3:a9:10:bc:7b:2e:7a:
80:23:3e:a7:b9:c6:af:59:fa:bd:f2:4a:79:14:cb:49:9e:0b:
6d:67:eb:55:2c:e0:48:c7:36:e8:c6:4c:df:98:68:bf:76:78:
41:90:e4:4a:35:92:01:ef:da:0d:c2:70:53:00:4e:d4:58:78:
3f:70:9e:ef
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAwopveQ1ALrwKUeskaH0hxLdb1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMzhaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzZWMyNWY5Y2IzZDNhMjkyOWQ0YTNlYzdkYjIzNDMzMmU0YjY0YjNlOWIy
NWEwY2I1ZmI4Y2QzZGQ2Y2M5MTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOMWHk0FvoTN9FFhRzeY7I8AeYnfkb885yY6RQPOWU6ZsiTeoBOfv/DPEQkR
ZsIQITCk7ZnQ+NO43l2jh3MWf8ioUeRct7ui6RsnXR1JoLhVijFEknqZrzonA8Sk
33reRwEpwonRRmrqRMjMv/yO87fU49LsCp5V/nWIeR1aRPThTiyxf+BbwC8b4eIN
9BgBunqi4AZOi0h9lHP9KCqny7Ox4CyxWonPWxHiNg55ZatgNgPBlgf8suEthXmG
M3lAvRzi4JhoRKMan0cExOhlRhzWCydtQjETJw8vLVTFaTQrPVLMFL8kOu9uckeb
RvEqIEq80L4QPmDVk3MVhiNQvSUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRgdhad
qU09+x+Y+VXNhtY1nrNtMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVlNmE0M2ItYjRlNC00ODlhLTljZDItMjFhNzJmMWNmNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAkFlDlG9/fN9NSNiTwXS3D1Hg3HdfYQklnVgbhIaw
kDAVlexRqjpU9lFO0JsDPZnOUeUur7lZCjkDUnLcWz6XQn4oEJU25QjlSgcPTAow
SKRMx0esooC0oD+FsafqAlxBIpfWQfKP815R63Rn54ST6EQ5CXtyHOKUDq6oNaPi
pYbiUKydqM7UfceQHoAMycdwiRNaPnm8ov0B7+T9F9NGb2+qfcr94nyvel7xWXMb
Ux0D2NxE21wLT2KXLNkZPzXTqRC8ey56gCM+p7nGr1n6vfJKeRTLSZ4LbWfrVSzg
SMc26MZM35hov3Z4QZDkSjWSAe/aDcJwUwBO1Fh4P3Ce7w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:49:56 2025 by rpki-client