Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
File: eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa (raw, json)
Hash identifier: abBQ97QQAYfOai8OaySrv5jjGHF7lvv4hQCPQUKBTrc=
Subject key identifier: 59:32:1C:BF:CA:E6:CF:FE:80:DE:3C:56:63:73:77:E0:50:E8:EB:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3067A5A74B774200D314C44C8E2CADB42B1A3D67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
Signing time: Fri 22 Aug 2025 15:00:22 +0000
ROA not before: Fri 22 Aug 2025 15:00:22 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:67:a5:a7:4b:77:42:00:d3:14:c4:4c:8e:2c:ad:b4:2b:1a:3d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:22 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=9be87521f42ca234b0043a943a04bc2e4872be1f00e120a76bcc2594600bcc25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e7:b8:3c:9b:93:90:5b:e4:ea:ef:11:58:87:
f4:4a:95:4b:30:6d:a1:8c:1b:eb:31:ee:b8:0f:c1:
66:f4:de:34:63:49:4b:6b:7d:d3:83:20:be:ac:63:
64:47:1f:9f:82:1d:02:99:84:b4:51:8c:78:49:01:
50:ea:c9:fd:bd:32:16:1d:c6:41:87:15:71:00:d7:
94:82:e7:ca:10:a0:2a:86:f2:9d:07:a3:da:9f:58:
c4:25:75:69:61:5c:4a:6b:e9:9a:f8:b3:93:ff:4b:
59:01:92:1d:7a:54:43:16:9a:fb:b2:58:ca:32:b3:
51:b6:34:34:8e:bf:68:dc:99:de:a9:98:7d:f4:43:
a5:49:5c:ec:9d:46:c4:db:f1:23:88:a8:91:0f:95:
ae:91:28:67:eb:b3:72:ad:8e:c1:c5:a3:76:bb:a0:
60:93:bc:bb:84:f3:00:aa:d4:ee:f3:4b:38:3b:48:
f8:db:ef:99:28:09:c0:af:e3:df:73:b4:a6:f2:fb:
e1:e1:ac:22:39:6a:01:ea:7a:4d:fc:b6:18:ae:39:
70:c9:a9:e2:d0:8e:fc:f9:bb:ea:10:f7:76:34:ee:
8b:16:e7:5f:9a:22:df:e4:ca:29:90:de:9e:95:25:
60:d5:79:eb:52:a8:9b:08:f4:94:19:37:9f:89:87:
d9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:32:1C:BF:CA:E6:CF:FE:80:DE:3C:56:63:73:77:E0:50:E8:EB:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:c5:f2:73:ce:ab:73:d3:b6:77:49:82:0f:38:07:2c:7b:92:
7b:47:0e:6e:cc:d1:01:cf:1f:ff:c7:0a:72:12:89:ad:e7:67:
56:65:ca:39:e4:72:a1:ad:6c:b0:d6:b5:a0:95:7f:c6:6b:40:
4f:aa:87:a6:de:7e:45:ac:1c:fe:d7:0e:a3:d8:fe:89:d8:32:
7d:8b:55:2d:30:df:c7:61:61:71:ba:8b:a3:22:f4:4d:8f:5d:
09:0c:b3:c5:3c:16:0b:87:47:01:bf:e7:84:7a:da:9e:65:97:
99:0c:28:27:59:59:ce:7b:84:43:6e:e3:dd:35:ee:b8:35:95:
df:83:fe:ef:0b:6e:f0:77:4c:d6:ee:94:a4:bb:39:b5:86:52:
0b:be:91:e8:41:66:c7:d1:98:fd:ce:21:11:8b:96:91:ee:98:
15:19:e9:bf:eb:9b:5a:f6:84:80:82:16:b1:42:92:1c:b2:97:
93:fc:3e:6d:72:73:21:d6:44:f3:7d:3f:2a:fa:8f:61:43:04:
3f:78:12:76:7e:8f:1c:13:42:f0:ff:a9:1e:4d:14:cd:17:48:
03:ac:a8:c8:3f:51:e5:98:43:fe:e0:d9:47:3f:9a:4c:1e:c6:
a6:0e:17:6c:15:e7:82:9a:14:57:4a:f1:35:90:bb:7a:b3:39:
87:b8:cc:fa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMGelp0t3QgDTFMRMjiyttCsaPWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMjJaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDliZTg3NTIxZjQyY2EyMzRiMDA0M2E5NDNhMDRiYzJlNDg3MmJlMWYwMGUx
MjBhNzZiY2MyNTk0NjAwYmNjMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3nuDybk5Bb5OrvEViH9EqVSzBtoYwb6zHuuA/BZvTeNGNJS2t904Mgvqxj
ZEcfn4IdApmEtFGMeEkBUOrJ/b0yFh3GQYcVcQDXlILnyhCgKobynQej2p9YxCV1
aWFcSmvpmvizk/9LWQGSHXpUQxaa+7JYyjKzUbY0NI6/aNyZ3qmYffRDpUlc7J1G
xNvxI4iokQ+VrpEoZ+uzcq2OwcWjdrugYJO8u4TzAKrU7vNLODtI+NvvmSgJwK/j
33O0pvL74eGsIjlqAep6Tfy2GK45cMmp4tCO/Pm76hD3djTuixbnX5oi3+TKKZDe
npUlYNV561Komwj0lBk3n4mH2RcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRZMhy/
yubP/oDePFZjc3fgUOjrIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWFiOGJhNjItNTkzNC00YzliLTliZDktMTBmZGQyNDk0NjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAsMXyc86rc9O2d0mCDzgHLHuSe0cObszRAc8f/8cK
chKJrednVmXKOeRyoa1ssNa1oJV/xmtAT6qHpt5+Rawc/tcOo9j+idgyfYtVLTDf
x2FhcbqLoyL0TY9dCQyzxTwWC4dHAb/nhHranmWXmQwoJ1lZznuEQ27j3TXuuDWV
34P+7wtu8HdM1u6UpLs5tYZSC76R6EFmx9GY/c4hEYuWke6YFRnpv+ubWvaEgIIW
sUKSHLKXk/w+bXJzIdZE830/KvqPYUMEP3gSdn6PHBNC8P+pHk0UzRdIA6yoyD9R
5ZhD/uDZRz+aTB7Gpg4XbBXngpoUV0rxNZC7erM5h7jM+g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:00:03 2025 by rpki-client