Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
File: e00516db-a674-4a02-8de9-e0ad569ecc6f.roa (raw, json)
Hash identifier: hdKEmT8ML+4+enLz8vsuMLimJzydsthTNm9ey7BZWhU=
Subject key identifier: 0D:B4:19:4A:41:8B:2B:0D:B4:BB:B9:2E:C5:5C:E9:F5:0D:1B:F5:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05020EB10FC410772718A26D36B96D99E844A492
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
Signing time: Fri 22 Aug 2025 15:10:35 +0000
ROA not before: Fri 22 Aug 2025 15:10:35 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:02:0e:b1:0f:c4:10:77:27:18:a2:6d:36:b9:6d:99:e8:44:a4:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:35 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=33a1f506eca91b01f3695315c0888fec47a6a2e55055d769b4a26dcd50e0098a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:aa:26:d7:f6:73:01:c2:8f:4d:ff:57:eb:
57:a4:18:1a:84:1f:31:05:20:25:02:94:80:78:d6:
11:15:79:c8:11:8e:f5:c5:48:8b:8d:f0:7b:0d:cb:
0d:2d:4d:0e:94:eb:ab:61:58:fc:d1:dd:59:92:d9:
69:65:22:54:00:98:35:b3:e6:8d:7f:f3:11:ca:a7:
5f:54:08:43:f9:c5:f3:7d:b1:cb:99:df:42:c6:0d:
14:cf:95:2f:12:5e:4e:6f:0a:c9:16:d5:bb:22:7c:
ab:fa:fc:b9:23:be:a9:13:ed:28:74:01:b1:65:31:
86:fd:61:e4:23:00:3d:30:18:fa:40:bb:c1:5d:9c:
1e:b2:50:be:cc:37:73:45:88:38:4b:b7:cd:8a:df:
b7:d3:e9:06:50:22:02:f5:27:33:52:8a:41:14:c4:
64:25:1c:0e:43:41:2f:6c:68:a4:71:12:a7:ae:32:
fe:8c:8a:7a:87:e2:95:f5:1d:11:41:62:39:3d:09:
5b:52:fa:23:1f:4b:62:53:27:f9:e7:a5:0d:a2:43:
b7:d1:29:01:1f:60:b3:1f:7f:26:1f:dc:3d:52:69:
71:44:18:cf:74:04:2c:bd:89:79:b7:57:a8:0a:a5:
cb:10:1d:bb:88:ed:4d:17:ec:2f:07:dc:87:9a:0a:
73:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B4:19:4A:41:8B:2B:0D:B4:BB:B9:2E:C5:5C:E9:F5:0D:1B:F5:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.176.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:ba:f5:6a:a3:c6:c5:06:f1:0d:b6:53:50:91:ec:18:c0:57:
9d:3d:70:d2:43:ba:b6:f7:55:28:dd:11:50:1a:ef:b5:b0:2f:
3a:12:da:9a:58:bd:f8:fc:eb:c6:04:cd:e3:b1:d7:07:ee:1d:
e3:1d:53:cb:d7:83:da:35:05:ca:2f:dd:ec:c6:1b:39:c6:ae:
3a:9c:2f:c9:de:3a:67:62:e2:a4:0d:b9:1b:bc:27:e1:83:c4:
f7:09:fc:66:0c:95:2c:6c:6d:c4:ae:58:3a:e6:7d:1d:87:4b:
b4:5a:45:f7:e5:04:59:3c:57:29:5f:25:64:4c:35:e7:5a:43:
8b:9f:13:4b:c7:c3:d4:5c:bb:ce:e6:07:4b:c0:1d:c6:8e:5c:
57:44:36:94:07:5d:2f:31:b3:a0:0e:e5:da:d0:a2:eb:75:e9:
c7:1d:26:54:30:74:8f:45:9a:f9:b1:74:35:a9:3a:ee:fd:1e:
e2:24:e9:9c:51:21:e8:72:a1:6e:13:af:1f:1a:f3:6c:ab:3c:
d3:ff:8d:75:99:21:05:86:05:c1:02:b3:eb:2c:5a:d5:4d:be:
40:74:c5:86:b3:7d:a8:a7:09:90:9d:53:10:97:95:f7:36:c6:
be:4a:a2:a0:9b:e8:95:e8:d8:4a:ea:23:f7:f3:19:04:b3:c9:
e7:ad:e6:b0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBQIOsQ/EEHcnGKJtNrltmehEpJIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMzVaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzYTFmNTA2ZWNhOTFiMDFmMzY5NTMxNWMwODg4ZmVjNDdhNmEyZTU1MDU1
ZDc2OWI0YTI2ZGNkNTBlMDA5OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4vqibX9nMBwo9N/1frV6QYGoQfMQUgJQKUgHjWERV5yBGO9cVIi43wew3L
DS1NDpTrq2FY/NHdWZLZaWUiVACYNbPmjX/zEcqnX1QIQ/nF832xy5nfQsYNFM+V
LxJeTm8KyRbVuyJ8q/r8uSO+qRPtKHQBsWUxhv1h5CMAPTAY+kC7wV2cHrJQvsw3
c0WIOEu3zYrft9PpBlAiAvUnM1KKQRTEZCUcDkNBL2xopHESp64y/oyKeofilfUd
EUFiOT0JW1L6Ix9LYlMn+eelDaJDt9EpAR9gsx9/Jh/cPVJpcUQYz3QELL2JebdX
qAqlyxAdu4jtTRfsLwfch5oKc4UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQNtBlK
QYsrDbS7uS7FXOn1DRv19jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTAwNTE2ZGItYTY3NC00YTAyLThkZTktZTBhZDU2OWVjYzZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAisDAN
BgkqhkiG9w0BAQsFAAOCAQEAf7r1aqPGxQbxDbZTUJHsGMBXnT1w0kO6tvdVKN0R
UBrvtbAvOhLamli9+PzrxgTN47HXB+4d4x1Ty9eD2jUFyi/d7MYbOcauOpwvyd46
Z2LipA25G7wn4YPE9wn8ZgyVLGxtxK5YOuZ9HYdLtFpF9+UEWTxXKV8lZEw151pD
i58TS8fD1Fy7zuYHS8Adxo5cV0Q2lAddLzGzoA7l2tCi63Xpxx0mVDB0j0Wa+bF0
Nak67v0e4iTpnFEh6HKhbhOvHxrzbKs80/+NdZkhBYYFwQKz6yxa1U2+QHTFhrN9
qKcJkJ1TEJeV9zbGvkqioJvolejYSuoj9/MZBLPJ563msA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:09 2025 by rpki-client