Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
File: aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa (raw, json)
Hash identifier: miCKO2GChqlFkFdWod7agDNbgo588UVfwiVaqsBghBU=
Subject key identifier: 8C:61:12:E3:DB:6D:00:8A:5A:59:62:FF:45:C7:92:FE:29:03:46:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FE35EB3C6D886D4E04AF04B354BA8E5BB0B91E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
Signing time: Fri 22 Aug 2025 15:10:36 +0000
ROA not before: Fri 22 Aug 2025 15:10:36 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.144.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:e3:5e:b3:c6:d8:86:d4:e0:4a:f0:4b:35:4b:a8:e5:bb:0b:91:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:36 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=8e5ecd6e8a304ff782f27ced3e3f8054d0c977cf6fecf256efc86de18e9fb316, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:64:05:15:15:09:4c:95:31:f9:0b:1a:89:fe:
e9:cb:4b:a9:b9:85:d1:bd:54:d1:d5:36:7b:8a:a4:
1b:4c:6d:88:2b:67:b6:49:eb:fc:9e:89:0e:8f:7c:
be:6d:d5:83:1f:1f:38:dc:c3:9c:97:db:24:ca:cf:
0b:4b:b5:71:a0:44:4b:94:04:5b:ec:cd:bf:6d:3c:
08:40:ab:a7:ee:b9:e5:a9:19:00:96:e2:6b:cd:59:
b6:92:8c:7f:74:d7:44:63:85:d7:82:c9:50:69:cd:
5b:b8:cb:05:b0:72:3f:bb:3c:f8:2b:19:94:eb:6f:
b5:b2:98:b1:ac:2a:0c:2b:d0:d7:c8:d6:bc:4e:9b:
3c:49:f3:7a:f2:ba:d1:4b:26:9a:3b:4e:83:f0:7a:
17:2a:d6:5f:57:ba:e1:f7:c7:3f:2e:ab:39:46:77:
4f:ef:6f:f4:c5:1a:b4:67:5b:ab:6e:3e:cf:2c:42:
ea:fc:d5:fc:dd:2f:63:bd:f0:8f:5d:6b:56:71:3d:
2c:40:6f:6a:cc:61:63:76:48:dd:ee:8a:67:77:6a:
4e:6e:49:58:43:71:b8:a8:48:43:b7:0e:95:f1:db:
b9:03:3c:4b:c4:67:6f:10:f1:6e:20:1d:6b:4c:e5:
20:fc:ef:9b:59:ba:d6:94:94:f1:94:ff:37:9d:08:
09:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:61:12:E3:DB:6D:00:8A:5A:59:62:FF:45:C7:92:FE:29:03:46:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.144.0/20
Signature Algorithm: sha256WithRSAEncryption
75:16:cc:4b:bc:ef:64:05:28:37:b3:c8:71:97:f3:f8:d8:d0:
59:4f:81:06:d9:43:4b:ce:6d:c4:4f:10:ef:66:49:71:14:c0:
04:44:01:8a:f4:a3:4f:42:2c:dd:94:90:8a:75:28:df:3f:55:
38:a2:33:73:35:e5:80:ff:1a:f0:25:23:17:e8:8d:a7:d2:17:
46:c5:ff:d3:85:c1:78:f1:cb:8c:fb:f7:a2:fe:dd:17:12:41:
71:12:22:4b:e8:bd:2b:ee:f2:92:1e:42:c7:74:ac:01:a1:5c:
ee:11:6f:fa:90:42:a4:d2:91:8b:e6:f7:a5:60:23:8b:a5:f8:
d7:55:4f:ee:37:b1:7d:4a:bf:77:07:fb:83:d5:ee:d0:76:b7:
af:75:62:8e:68:89:06:b5:16:a4:b8:89:9c:6a:f7:97:ef:80:
3b:2f:03:02:cf:91:2f:17:1e:2d:f6:97:2b:fb:08:c2:2d:8d:
7c:b5:64:8f:17:93:3f:e5:0a:de:0c:d1:a0:92:f6:30:90:c6:
fc:98:a6:52:2b:77:8c:d8:37:39:4e:26:ad:d1:39:55:48:02:
71:9a:cb:bc:21:6f:ec:a9:04:5e:79:d4:72:e4:61:e4:70:74:
4d:63:cc:6b:78:29:2d:92:f4:ea:b9:d8:ba:85:7a:3c:a0:ca:
08:3d:35:60
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX+Nes8bYhtTgSvBLNUuo5bsLkecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMzZaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNWVjZDZlOGEzMDRmZjc4MmYyN2NlZDNlM2Y4MDU0ZDBjOTc3Y2Y2ZmVj
ZjI1NmVmYzg2ZGUxOGU5ZmIzMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlkBRUVCUyVMfkLGon+6ctLqbmF0b1U0dU2e4qkG0xtiCtntknr/J6JDo98
vm3Vgx8fONzDnJfbJMrPC0u1caBES5QEW+zNv208CECrp+655akZAJbia81ZtpKM
f3TXRGOF14LJUGnNW7jLBbByP7s8+CsZlOtvtbKYsawqDCvQ18jWvE6bPEnzevK6
0UsmmjtOg/B6FyrWX1e64ffHPy6rOUZ3T+9v9MUatGdbq24+zyxC6vzV/N0vY73w
j11rVnE9LEBvasxhY3ZI3e6KZ3dqTm5JWENxuKhIQ7cOlfHbuQM8S8RnbxDxbiAd
a0zlIPzvm1m61pSU8ZT/N50ICUECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSMYRLj
220AilpZYv9Fx5L+KQNG4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE3OWJiMTgtYjc0ZC00Y2MzLWJhMDUtMjBhZjBmOTQzNWIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAikDAN
BgkqhkiG9w0BAQsFAAOCAQEAdRbMS7zvZAUoN7PIcZfz+NjQWU+BBtlDS85txE8Q
72ZJcRTABEQBivSjT0Is3ZSQinUo3z9VOKIzczXlgP8a8CUjF+iNp9IXRsX/04XB
ePHLjPv3ov7dFxJBcRIiS+i9K+7ykh5Cx3SsAaFc7hFv+pBCpNKRi+b3pWAji6X4
11VP7jexfUq/dwf7g9Xu0Ha3r3VijmiJBrUWpLiJnGr3l++AOy8DAs+RLxceLfaX
K/sIwi2NfLVkjxeTP+UK3gzRoJL2MJDG/JimUit3jNg3OU4mrdE5VUgCcZrLvCFv
7KkEXnnUcuRh5HB0TWPMa3gpLZL06rnYuoV6PKDKCD01YA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:22 2025 by rpki-client