Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
File: 995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa (raw, json)
Hash identifier: xw6CD3sGUsDWU7QT9nmOglJ6reK+9Q9189vSrnYa+Nk=
Subject key identifier: 80:14:83:E5:B1:3D:D2:BC:35:56:41:6E:40:67:3A:79:3B:B7:58:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4601038CE14CC2B509CDF999C0FAD43316AE1036
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
Signing time: Fri 22 Aug 2025 15:00:21 +0000
ROA not before: Fri 22 Aug 2025 15:00:21 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:01:03:8c:e1:4c:c2:b5:09:cd:f9:99:c0:fa:d4:33:16:ae:10:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:21 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=2373a2d59da22f4a065269bbf9761b0b79cf095efc48e67f48eef910c863426f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b0:cd:06:9a:49:fd:21:02:e1:93:b6:82:4d:
2d:eb:a3:70:de:b1:0f:cf:74:52:44:2a:87:1c:22:
9c:dd:eb:f3:31:b9:dd:58:a8:a7:de:c0:c7:5c:31:
c6:6d:af:b2:fa:c9:16:e4:79:b2:04:32:98:9e:fa:
35:35:6b:a7:f2:d2:fd:b2:63:4b:16:68:a6:30:59:
36:de:18:42:4c:60:66:8a:ab:c4:bc:91:39:09:a2:
ca:bd:d5:cb:a3:10:e9:79:15:cb:38:fd:34:6c:25:
11:4e:83:53:7a:f5:58:47:23:cf:03:65:a5:a6:c6:
a0:35:d9:9e:52:f1:94:19:fc:21:0b:63:4b:5e:df:
4d:0c:73:75:4e:d1:5f:3c:7a:47:65:db:16:8b:a4:
6c:86:19:5e:d1:89:75:db:af:6b:5a:43:67:05:ab:
44:ba:10:17:e9:15:cb:93:26:a4:78:13:be:52:aa:
17:14:4d:94:27:1b:36:a2:12:1c:1e:cd:80:6d:06:
52:55:81:66:1e:37:5e:26:e7:6c:0f:85:f3:b5:4f:
5b:7e:20:d0:b7:d9:b3:73:3e:75:4e:ff:60:73:64:
fe:61:33:af:cc:4a:02:dd:67:57:d9:27:38:8d:b2:
07:d9:5a:51:ba:1b:c8:e6:96:ab:3d:9a:8e:d4:c2:
46:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:14:83:E5:B1:3D:D2:BC:35:56:41:6E:40:67:3A:79:3B:B7:58:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.16.0/22
Signature Algorithm: sha256WithRSAEncryption
80:3e:64:77:e0:e8:23:cc:ce:a4:63:91:80:f5:a6:fb:fe:c9:
c4:f2:55:68:d6:89:bc:9e:5a:30:40:d5:50:8f:16:46:a1:35:
d3:7f:09:95:56:7c:c0:c0:c4:f4:5a:5e:ac:0f:b1:08:4d:54:
d3:eb:03:e9:cb:2b:1d:ce:ec:28:cd:19:56:c4:bd:e6:57:6b:
f1:2a:50:a8:a2:7d:71:c2:95:dd:c2:b4:31:05:e5:b6:cd:a8:
de:c8:aa:a3:db:cf:17:6b:f8:a2:99:77:a8:12:98:c5:ce:c3:
10:b0:38:e7:5d:d9:15:50:82:75:f0:da:c3:85:cd:15:89:6c:
f7:14:88:70:8f:b2:b4:50:db:6c:97:ab:53:25:52:2f:2b:c3:
85:6f:70:63:34:b8:5a:26:1e:83:f8:7e:3f:6e:e8:6a:e4:37:
0c:6f:7d:3f:40:16:c5:dc:f4:ce:38:8d:27:54:12:af:51:31:
87:c7:01:2b:b9:aa:fe:f6:1d:ac:6f:63:36:c5:d6:a1:37:6b:
18:5b:5f:3e:ed:35:8b:f0:ac:60:61:05:e8:0a:fb:e0:6b:41:
f2:06:55:e6:36:3f:06:71:47:1c:06:16:97:b1:38:15:cb:3e:
88:27:b7:5e:60:5f:88:f5:bf:3e:6f:f3:20:22:3e:a1:ff:0c:
da:d0:7f:01
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURgEDjOFMwrUJzfmZwPrUMxauEDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMjFaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzNzNhMmQ1OWRhMjJmNGEwNjUyNjliYmY5NzYxYjBiNzljZjA5NWVmYzQ4
ZTY3ZjQ4ZWVmOTEwYzg2MzQyNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmwzQaaSf0hAuGTtoJNLeujcN6xD890UkQqhxwinN3r8zG53Viop97Ax1wx
xm2vsvrJFuR5sgQymJ76NTVrp/LS/bJjSxZopjBZNt4YQkxgZoqrxLyROQmiyr3V
y6MQ6XkVyzj9NGwlEU6DU3r1WEcjzwNlpabGoDXZnlLxlBn8IQtjS17fTQxzdU7R
Xzx6R2XbFoukbIYZXtGJdduva1pDZwWrRLoQF+kVy5MmpHgTvlKqFxRNlCcbNqIS
HB7NgG0GUlWBZh43XibnbA+F87VPW34g0LfZs3M+dU7/YHNk/mEzr8xKAt1nV9kn
OI2yB9laUbobyOaWqz2ajtTCRjUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSAFIPl
sT3SvDVWQW5AZzp5O7dYAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk1ZDRmOGQtMGJjZC00YjMwLTlkYmUtNDJiY2RiZWIwNDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiEDAN
BgkqhkiG9w0BAQsFAAOCAQEAgD5kd+DoI8zOpGORgPWm+/7JxPJVaNaJvJ5aMEDV
UI8WRqE1038JlVZ8wMDE9FperA+xCE1U0+sD6csrHc7sKM0ZVsS95ldr8SpQqKJ9
ccKV3cK0MQXlts2o3siqo9vPF2v4opl3qBKYxc7DELA4513ZFVCCdfDaw4XNFYls
9xSIcI+ytFDbbJerUyVSLyvDhW9wYzS4WiYeg/h+P27oauQ3DG99P0AWxdz0zjiN
J1QSr1Exh8cBK7mq/vYdrG9jNsXWoTdrGFtfPu01i/CsYGEF6Ar74GtB8gZV5jY/
BnFHHAYWl7E4Fcs+iCe3XmBfiPW/Pm/zICI+of8M2tB/AQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:26 2025 by rpki-client