Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
File: 1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa (raw, json)
Hash identifier: PFVX+ZqlP+AppAqgpRm7seB+TAQnDiwLCu2tWie4oy8=
Subject key identifier: 6A:D2:B9:90:91:61:B9:47:5B:B0:33:03:C5:58:78:0E:BE:72:04:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D4A1381399F02315F05A0A732E7611728E03CA7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
Signing time: Fri 06 Jun 2025 15:00:48 +0000
ROA not before: Fri 06 Jun 2025 15:00:48 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:4a:13:81:39:9f:02:31:5f:05:a0:a7:32:e7:61:17:28:e0:3c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:48 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=f8ba62f0499d161bf2c78761d0c2d4a9159c1076963d5f9a5b2770ccbd737592, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:99:27:a0:0d:24:b2:7e:e3:3d:28:64:45:97:
91:a1:00:8b:98:14:56:91:58:e0:34:40:50:9b:dd:
5d:b4:b4:c4:aa:35:09:9e:0a:e6:98:81:fe:0b:f3:
67:85:51:71:99:56:1e:fe:3d:5f:ad:eb:26:a5:bc:
3e:e3:43:0e:fe:51:a2:31:73:ed:c3:b0:fa:01:25:
1b:57:cd:60:ce:15:2a:30:02:ff:d1:7b:25:8d:f7:
db:bd:cb:a3:16:6c:74:80:84:fc:77:13:7c:1c:a6:
76:c1:bf:1f:10:f8:a3:e0:50:c0:5b:d0:d8:92:eb:
8d:dc:61:68:ab:e4:11:b6:89:3f:6d:0b:99:89:cf:
06:62:22:dd:aa:06:b0:52:41:79:00:38:fc:a0:bc:
09:1f:2b:3e:db:1c:c1:f3:da:5c:ad:87:94:66:97:
86:d3:41:a2:99:0f:23:33:69:30:a0:52:b6:c4:a0:
7b:d4:ef:b8:af:8d:37:2a:5a:fe:f3:58:30:ab:1c:
7f:50:38:af:c2:5a:f9:ee:58:d5:d7:88:4e:d2:4a:
29:de:a0:12:9d:c7:1e:8f:26:27:69:d8:3a:11:21:
c1:ec:2f:9e:14:a9:fb:c3:fe:9b:85:14:e3:42:22:
18:5e:50:3b:f8:08:6d:e4:31:6e:76:b8:0f:e5:01:
1d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D2:B9:90:91:61:B9:47:5B:B0:33:03:C5:58:78:0E:BE:72:04:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/17
Signature Algorithm: sha256WithRSAEncryption
b4:9f:a5:5e:2c:cd:44:9a:42:d0:73:ac:a3:80:fa:e8:dc:8e:
c7:66:51:be:7f:5a:a0:00:2b:d6:5b:ea:fc:dc:84:6d:1b:fe:
32:27:8e:7e:8c:2d:a3:6e:b5:72:01:a7:a3:c9:db:c4:42:40:
45:26:b5:e9:11:4e:2e:33:8d:20:0b:37:eb:53:b4:4e:6f:34:
49:a4:ac:39:ec:18:2f:ba:e0:6e:e8:7c:ae:2d:db:b5:fb:7b:
0a:8b:07:a9:9e:2a:13:b8:d4:a7:16:44:93:21:64:fc:a0:5f:
3b:c4:c8:ea:97:15:0f:fd:f4:e1:48:1a:fc:e8:40:2b:5b:94:
09:b6:91:45:b3:4d:7c:39:8a:47:af:5f:c3:f5:9c:35:38:a4:
b9:df:19:f0:7f:6d:05:da:c2:34:fa:26:e0:c4:0c:d6:a1:e9:
37:bc:c8:b9:74:d0:51:59:4c:d7:02:2d:d7:14:9f:51:12:9c:
e4:97:98:8b:c9:c9:a6:5b:ff:d7:4f:1c:0e:75:71:f7:8f:b5:
40:21:28:98:0c:c0:eb:b6:8a:7a:2f:6d:6e:a3:d7:7c:76:9a:
00:14:08:1d:2a:d1:49:66:b8:3b:9c:93:80:06:37:ae:e2:45:
81:83:5b:d3:12:f7:68:16:52:a1:2a:ba:06:6c:3e:73:b9:44:
de:12:3e:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPUoTgTmfAjFfBaCnMudhFyjgPKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNDhaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4YmE2MmYwNDk5ZDE2MWJmMmM3ODc2MWQwYzJkNGE5MTU5YzEwNzY5NjNk
NWY5YTViMjc3MGNjYmQ3Mzc1OTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2ZJ6ANJLJ+4z0oZEWXkaEAi5gUVpFY4DRAUJvdXbS0xKo1CZ4K5piB/gvz
Z4VRcZlWHv49X63rJqW8PuNDDv5RojFz7cOw+gElG1fNYM4VKjAC/9F7JY33273L
oxZsdICE/HcTfBymdsG/HxD4o+BQwFvQ2JLrjdxhaKvkEbaJP20LmYnPBmIi3aoG
sFJBeQA4/KC8CR8rPtscwfPaXK2HlGaXhtNBopkPIzNpMKBStsSge9TvuK+NNypa
/vNYMKscf1A4r8Ja+e5Y1deITtJKKd6gEp3HHo8mJ2nYOhEhwewvnhSp+8P+m4UU
40IiGF5QO/gIbeQxbna4D+UBHWsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRq0rmQ
kWG5R1uwMwPFWHgOvnIElDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM0ZDJkMTQtYWEwYS00NTZlLTkwZjQtYmRmYTIxZTY2OGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB7AigDAN
BgkqhkiG9w0BAQsFAAOCAQEAtJ+lXizNRJpC0HOso4D66NyOx2ZRvn9aoAAr1lvq
/NyEbRv+MieOfowto261cgGno8nbxEJARSa16RFOLjONIAs361O0Tm80SaSsOewY
L7rgbuh8ri3btft7CosHqZ4qE7jUpxZEkyFk/KBfO8TI6pcVD/304Uga/OhAK1uU
CbaRRbNNfDmKR69fw/WcNTikud8Z8H9tBdrCNPom4MQM1qHpN7zIuXTQUVlM1wIt
1xSfURKc5JeYi8nJplv/108cDnVx94+1QCEomAzA67aKei9tbqPXfHaaABQIHSrR
SWa4O5yTgAY3ruJFgYNb0xL3aBZSoSq6Bmw+c7lE3hI+/g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:15 2025 by rpki-client