Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
File: b2048b1c-363b-4b59-9d56-dc72187194a3.roa (raw, json)
Hash identifier: Vc3rgjn4Y2JrxksyvCnw1B6/fQJtUO/fyAYmgrHjt1c=
Subject key identifier: DD:2B:40:D0:B6:8B:09:18:16:87:0D:7B:BF:E5:9F:3D:D3:DA:9F:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50E6241B8F99A8B69CF75187F706778EC4905834
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
Signing time: Fri 22 Aug 2025 15:00:24 +0000
ROA not before: Fri 22 Aug 2025 15:00:24 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:e6:24:1b:8f:99:a8:b6:9c:f7:51:87:f7:06:77:8e:c4:90:58:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:24 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=16aca1aee770f84358d638da9672fcf52555f825b7c95da6e73244f6155600fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:54:4f:6f:76:8a:73:b6:84:aa:1f:6e:9d:5e:
da:31:cf:29:21:36:78:73:ef:a0:06:a7:62:48:53:
4c:ab:8c:13:a1:00:d0:a6:04:ed:fa:0c:62:76:b9:
67:9b:a7:ca:8b:63:47:d0:cc:39:e8:bb:24:02:e7:
e5:c0:98:79:c9:49:69:ca:76:20:06:92:af:3d:42:
ae:cb:2d:11:90:2c:36:b9:a6:57:ff:44:87:69:98:
c0:de:bc:53:86:95:6f:5a:f4:ad:7d:ed:d3:96:2c:
db:4a:2f:13:e3:f1:6a:59:21:f2:ef:07:7d:6c:0b:
72:70:35:b3:87:7a:05:37:76:9b:9b:8a:57:52:f7:
74:29:fb:fd:f2:e1:01:bc:80:e8:4e:e0:69:a8:0a:
0c:c8:0d:fd:f1:f3:f0:40:3c:87:e3:6c:3a:df:ba:
73:9a:61:e0:9e:28:c6:b3:f8:f1:18:e7:5a:67:a5:
fd:18:8c:f2:84:78:48:85:d4:01:85:1c:bf:66:c7:
e3:1d:da:0d:e4:18:94:de:a6:64:88:82:a2:0c:92:
fa:e1:eb:85:e8:9a:41:ff:46:2c:44:ce:4a:97:6c:
3b:77:3d:b3:63:c1:09:61:14:52:35:7e:72:13:cd:
4f:a0:81:c2:d1:8d:e6:23:2b:22:72:17:73:a3:8b:
10:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2B:40:D0:B6:8B:09:18:16:87:0D:7B:BF:E5:9F:3D:D3:DA:9F:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:e6:30:63:21:24:be:ee:77:87:ce:42:f7:9c:42:93:35:21:
f2:e8:7a:6a:33:5c:cb:07:a4:30:2c:7e:10:f6:24:a4:b9:ab:
3a:36:07:dc:2e:0a:fe:e7:c5:21:85:23:f6:45:c3:51:e2:77:
9c:b5:ab:76:a7:77:2e:92:d3:fe:67:f7:2d:a2:ab:d1:4c:42:
2d:f0:1f:c1:08:4f:41:77:d3:55:59:d7:4a:da:35:3b:2b:b4:
58:90:ef:cc:45:67:5b:07:04:4b:b6:49:0d:5c:f8:33:93:fd:
24:99:ad:70:bf:fc:af:15:bb:fe:e0:ba:45:8a:39:33:ca:24:
b7:44:9d:a5:76:bf:b1:1b:87:1a:aa:ca:bf:fe:3a:29:d9:92:
49:c7:9c:73:df:ac:f7:a2:ec:22:99:0f:20:38:1a:42:07:37:
1b:d6:9a:9a:9f:83:4e:79:13:d0:08:68:a2:52:39:07:96:ee:
f0:58:71:cc:57:54:ed:d0:e8:66:c1:83:a6:82:3d:59:7b:9c:
d1:d9:8b:9d:b9:88:e3:67:b6:5e:5e:be:3e:56:ca:0b:fe:bf:
c6:16:66:45:db:cd:a7:b4:77:86:7c:30:78:b2:fe:c1:98:38:
2d:ae:d7:37:8a:6c:43:af:0e:a7:6f:89:aa:9f:3e:96:85:19:
ed:11:6e:63
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUOYkG4+ZqLac91GH9wZ3jsSQWDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMjRaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2YWNhMWFlZTc3MGY4NDM1OGQ2MzhkYTk2NzJmY2Y1MjU1NWY4MjViN2M5
NWRhNmU3MzI0NGY2MTU1NjAwZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9UT292inO2hKofbp1e2jHPKSE2eHPvoAanYkhTTKuME6EA0KYE7foMYna5
Z5unyotjR9DMOei7JALn5cCYeclJacp2IAaSrz1CrsstEZAsNrmmV/9Eh2mYwN68
U4aVb1r0rX3t05Ys20ovE+Pxalkh8u8HfWwLcnA1s4d6BTd2m5uKV1L3dCn7/fLh
AbyA6E7gaagKDMgN/fHz8EA8h+NsOt+6c5ph4J4oxrP48RjnWmel/RiM8oR4SIXU
AYUcv2bH4x3aDeQYlN6mZIiCogyS+uHrheiaQf9GLETOSpdsO3c9s2PBCWEUUjV+
chPNT6CBwtGN5iMrInIXc6OLEC0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTdK0DQ
tosJGBaHDXu/5Z8909qfbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjIwNDhiMWMtMzYzYi00YjU5LTlkNTYtZGM3MjE4NzE5NGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiFDAN
BgkqhkiG9w0BAQsFAAOCAQEAGuYwYyEkvu53h85C95xCkzUh8uh6ajNcywekMCx+
EPYkpLmrOjYH3C4K/ufFIYUj9kXDUeJ3nLWrdqd3LpLT/mf3LaKr0UxCLfAfwQhP
QXfTVVnXSto1Oyu0WJDvzEVnWwcES7ZJDVz4M5P9JJmtcL/8rxW7/uC6RYo5M8ok
t0SdpXa/sRuHGqrKv/46KdmSScecc9+s96LsIpkPIDgaQgc3G9aamp+DTnkT0Aho
olI5B5bu8FhxzFdU7dDoZsGDpoI9WXuc0dmLnbmI42e2Xl6+PlbKC/6/xhZmRdvN
p7R3hnwweLL+wZg4La7XN4psQ68Op2+Jqp8+loUZ7RFuYw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:19 2025 by rpki-client