Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
File: c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa (raw, json)
Hash identifier: x89CmtV/txcgUaB7GJb36COq1T2towTc06Mq4i4fNpM=
Subject key identifier: 2D:FE:FE:60:C4:A7:3B:1E:59:6D:E2:07:B1:09:04:3E:1B:43:2B:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CFF522B5651191C156337EE179E60157D4F1A6A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
Signing time: Fri 22 Aug 2025 15:00:28 +0000
ROA not before: Fri 22 Aug 2025 15:00:28 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:ff:52:2b:56:51:19:1c:15:63:37:ee:17:9e:60:15:7d:4f:1a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:28 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=03ef23815aaf4bc7b37fea019fa3108f99986cb7eeebb09c207ec1b3c2682877, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8f:e6:54:88:54:3d:12:9c:6d:49:7c:4a:50:
67:4a:14:1f:93:73:97:4b:9e:0f:18:c3:2d:80:fe:
8e:c5:bd:e0:8a:fd:ac:08:18:32:44:3a:f3:45:9b:
85:61:cd:40:95:36:86:0f:13:9a:4b:68:6b:0f:be:
62:ff:f1:4b:af:b9:7e:85:f1:dd:86:c8:88:bb:31:
37:b7:9d:47:ee:a6:9c:89:dd:22:bf:5c:aa:6f:cc:
3b:4b:2c:e1:f7:98:88:a8:d0:b3:e3:19:b4:6f:ee:
d1:71:47:72:80:c6:04:ec:3b:84:fa:b4:1e:c9:1f:
af:07:a9:73:90:c2:f8:8f:1c:4e:d6:07:14:05:b5:
68:8f:54:e1:39:4d:0b:be:33:e8:d3:5a:d4:20:b8:
61:6d:1f:9b:e9:e8:01:ee:dd:44:d3:76:dd:46:76:
fb:52:f2:49:a0:24:29:08:02:35:a6:92:11:d6:5e:
63:97:7d:83:db:48:41:26:bd:d3:a4:bc:f7:90:e7:
b2:67:a7:41:eb:f2:22:f5:47:7a:f1:c8:fd:26:c6:
a6:e1:aa:98:6b:3c:85:93:f0:1d:2a:6a:35:0f:9e:
13:1e:25:8b:4b:e2:06:4c:70:12:18:ad:ed:77:16:
8e:6c:24:db:34:d2:7c:76:61:db:95:53:57:df:94:
eb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FE:FE:60:C4:A7:3B:1E:59:6D:E2:07:B1:09:04:3E:1B:43:2B:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:5b:59:82:e1:37:03:1a:21:17:23:22:f6:81:2d:3c:32:75:
e2:91:a4:4a:3f:82:23:3c:b5:a9:1d:81:3e:2d:58:19:81:e9:
f5:c8:e8:f5:1f:d0:7b:95:b4:70:7f:b1:ed:c9:00:40:da:77:
89:b8:fd:d5:87:a5:66:36:c6:e0:7c:1f:fd:ac:34:a1:14:47:
22:2c:2a:c6:6f:77:5b:19:7e:df:74:b6:e2:a9:e6:6b:c9:4d:
78:87:10:75:0a:64:4a:a4:df:fd:12:82:1f:46:61:c0:f6:f5:
8d:43:93:d6:41:59:03:2b:80:f2:b7:10:0e:f6:a8:7a:c3:f3:
c9:49:ff:a8:e1:72:b6:e7:83:81:75:0e:57:b0:86:49:7f:fe:
b5:04:20:fd:14:e9:21:64:52:c9:e5:9e:36:2d:2d:ca:30:0b:
f3:5d:f0:3c:af:2c:ae:66:46:bd:ca:82:51:2f:3c:7f:1d:fb:
02:f0:6d:f0:6b:9a:d2:48:94:ab:ad:8c:d4:20:6a:76:67:9b:
a7:95:38:d3:99:b2:70:e1:e4:85:19:db:94:9a:3d:f3:87:de:
ca:a9:57:cc:88:85:a8:ba:87:ca:3d:62:27:e9:51:8a:95:96:
7f:0e:52:25:b7:7a:7a:f7:7a:7c:cb:36:5f:0e:ac:45:f9:25:
53:bd:60:97
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTP9SK1ZRGRwVYzfuF55gFX1PGmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMjhaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzZWYyMzgxNWFhZjRiYzdiMzdmZWEwMTlmYTMxMDhmOTk5ODZjYjdlZWVi
YjA5YzIwN2VjMWIzYzI2ODI4NzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyP5lSIVD0SnG1JfEpQZ0oUH5Nzl0ueDxjDLYD+jsW94Ir9rAgYMkQ680Wb
hWHNQJU2hg8Tmktoaw++Yv/xS6+5foXx3YbIiLsxN7edR+6mnIndIr9cqm/MO0ss
4feYiKjQs+MZtG/u0XFHcoDGBOw7hPq0Hskfrwepc5DC+I8cTtYHFAW1aI9U4TlN
C74z6NNa1CC4YW0fm+noAe7dRNN23UZ2+1LySaAkKQgCNaaSEdZeY5d9g9tIQSa9
06S895DnsmenQevyIvVHevHI/SbGpuGqmGs8hZPwHSpqNQ+eEx4li0viBkxwEhit
7XcWjmwk2zTSfHZh25VTV9+U628CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQt/v5g
xKc7Hllt4gexCQQ+G0Mr3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJjZDRkZGYtOWEzOC00MjVhLTgwMjEtYzQ1ZWQ5NmM1MGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAT1tZguE3AxohFyMi9oEtPDJ14pGkSj+CIzy1qR2B
Pi1YGYHp9cjo9R/Qe5W0cH+x7ckAQNp3ibj91YelZjbG4Hwf/aw0oRRHIiwqxm93
Wxl+33S24qnma8lNeIcQdQpkSqTf/RKCH0ZhwPb1jUOT1kFZAyuA8rcQDvaoesPz
yUn/qOFytueDgXUOV7CGSX/+tQQg/RTpIWRSyeWeNi0tyjAL813wPK8srmZGvcqC
US88fx37AvBt8Gua0kiUq62M1CBqdmebp5U405mycOHkhRnblJo984feyqlXzIiF
qLqHyj1iJ+lRipWWfw5SJbd6evd6fMs2Xw6sRfklU71glw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:22 2025 by rpki-client