Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: UFtynZnb1MXt4jOLuMaNTfsY32MbmUh1Ni4vyRRcPU8=
Subject key identifier: D5:79:E6:F0:D9:7D:21:47:10:44:49:3A:33:E8:2A:3A:8B:CE:49:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F7F6D0ABCCD59A69B22483F7DFC4D49357D69B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Fri 06 Jun 2025 15:00:56 +0000
ROA not before: Fri 06 Jun 2025 15:00:56 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:7f:6d:0a:bc:cd:59:a6:9b:22:48:3f:7d:fc:4d:49:35:7d:69:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:56 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=24d829b84974e64dd2a256cf0b35c21c6f423b2a82a9e6a393e0c2cd7b21375e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:32:6a:84:5c:06:ba:89:bc:9e:ab:29:b0:15:
1b:4b:b5:f7:2b:b9:df:92:d2:e3:fc:34:de:e3:41:
f3:8f:9d:09:63:4b:7c:da:a1:d6:7f:86:84:6b:b6:
84:df:74:36:c8:8c:7c:f9:f3:9f:99:00:a1:53:64:
a2:42:74:ae:76:da:0b:b1:93:5a:cc:a4:68:6e:32:
0e:48:24:ec:2d:c0:af:c8:ba:51:d5:f0:f7:c0:f3:
b4:f0:e1:d2:90:3c:db:f4:ce:1e:97:8e:02:07:a9:
eb:83:45:91:74:e0:75:40:ec:f8:78:b5:13:91:8e:
31:69:d7:f2:69:85:48:8b:42:e1:e1:07:c8:d4:59:
25:bb:ae:30:b7:ef:b0:c4:54:24:55:99:6e:84:00:
25:a1:3b:83:e8:74:42:10:df:e1:d1:33:93:5c:cb:
f3:16:fd:a9:c4:de:7f:32:dd:60:80:63:d4:60:c4:
51:11:a2:0f:1f:5b:92:11:a4:96:05:4c:38:89:89:
71:6d:d3:16:74:e2:70:73:82:de:0c:76:67:f4:fc:
c3:ed:3a:45:f0:a0:af:c0:04:4f:40:ab:1a:ec:74:
3a:db:df:9f:00:08:bf:44:9b:eb:76:c1:4f:33:69:
0d:99:8e:ed:d4:0f:a9:28:ec:bc:d9:5b:c6:bc:ed:
c8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:79:E6:F0:D9:7D:21:47:10:44:49:3A:33:E8:2A:3A:8B:CE:49:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c2:3c:b5:3f:9f:f5:d6:8f:d3:d3:69:80:4d:a7:f1:1a:ae:fe:
ab:ae:c8:9e:7d:ff:5c:52:bd:66:44:bc:af:e8:0b:d5:87:d5:
c5:43:74:1a:8f:15:b8:8e:a0:21:49:ed:da:6e:f6:6e:23:19:
e9:89:1f:42:6d:45:6a:43:17:f7:98:29:d4:6e:9b:be:d2:44:
9b:91:03:ba:a2:ef:19:8f:08:30:55:c8:52:d6:7f:6b:55:2b:
71:95:19:0c:a8:f2:9e:eb:af:69:5d:c4:71:b4:85:6d:e2:c9:
45:a6:f5:7d:49:4e:a9:31:68:6b:2f:65:44:c2:8c:0b:a7:d2:
77:a6:2d:c0:10:56:64:11:39:2d:6e:d5:ec:cd:4e:af:66:c5:
a8:f3:f3:c1:02:43:6c:ff:c6:4e:d0:8c:67:49:34:a4:96:84:
e1:5c:f4:92:6c:1f:6c:6c:b9:3b:43:34:56:b9:84:90:0e:7c:
b0:12:2a:e2:8e:d4:a3:56:34:0a:ae:65:26:cb:95:70:ac:3f:
cd:ae:fc:ab:bd:f6:0b:a3:e3:a5:c2:82:5d:f6:0c:90:69:f1:
bf:7e:32:c8:ef:a5:e6:48:b3:c8:a9:59:eb:a9:fe:a6:a9:43:
94:42:6d:dc:fd:29:ff:d1:bd:9b:0a:76:11:2c:c7:91:5e:ad:
04:90:e0:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP39tCrzNWaabIkg/ffxNSTV9abYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNTZaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0ZDgyOWI4NDk3NGU2NGRkMmEyNTZjZjBiMzVjMjFjNmY0MjNiMmE4MmE5
ZTZhMzkzZTBjMmNkN2IyMTM3NWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQyaoRcBrqJvJ6rKbAVG0u19yu535LS4/w03uNB84+dCWNLfNqh1n+GhGu2
hN90NsiMfPnzn5kAoVNkokJ0rnbaC7GTWsykaG4yDkgk7C3Ar8i6UdXw98DztPDh
0pA82/TOHpeOAgep64NFkXTgdUDs+Hi1E5GOMWnX8mmFSItC4eEHyNRZJbuuMLfv
sMRUJFWZboQAJaE7g+h0QhDf4dEzk1zL8xb9qcTefzLdYIBj1GDEURGiDx9bkhGk
lgVMOImJcW3TFnTicHOC3gx2Z/T8w+06RfCgr8AET0CrGux0OtvfnwAIv0Sb63bB
TzNpDZmO7dQPqSjsvNlbxrztyPsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTVeebw
2X0hRxBESToz6Co6i85JWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAwjy1P5/11o/T02mATafxGq7+q67Inn3/XFK9ZkS8
r+gL1YfVxUN0Go8VuI6gIUnt2m72biMZ6YkfQm1FakMX95gp1G6bvtJEm5EDuqLv
GY8IMFXIUtZ/a1UrcZUZDKjynuuvaV3EcbSFbeLJRab1fUlOqTFoay9lRMKMC6fS
d6YtwBBWZBE5LW7V7M1Or2bFqPPzwQJDbP/GTtCMZ0k0pJaE4Vz0kmwfbGy5O0M0
VrmEkA58sBIq4o7Uo1Y0Cq5lJsuVcKw/za78q732C6PjpcKCXfYMkGnxv34yyO+l
5kizyKlZ66n+pqlDlEJt3P0p/9G9mwp2ESzHkV6tBJDg/Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:36 2025 by rpki-client