Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
File: 513c0075-edb1-461e-a07d-4eb5874bd9ce.roa (raw, json)
Hash identifier: cYSf3uWlobeCkAPxiAHczf+Otub3nmjo/sqX+XdjeXo=
Subject key identifier: E7:75:93:CB:00:3C:3E:6C:58:2A:BF:38:AA:95:F8:FF:A0:47:C1:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 769051A17B65C6A35E0F50604A3EEABA65815DDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
Signing time: Fri 06 Jun 2025 15:00:47 +0000
ROA not before: Fri 06 Jun 2025 15:00:47 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:90:51:a1:7b:65:c6:a3:5e:0f:50:60:4a:3e:ea:ba:65:81:5d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:47 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=02078a2050d375f90441fbd57f10272d256ed8cf1ac471706ac60124d6fb10cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d9:79:ca:cc:17:a7:7d:52:35:b7:b3:7c:5f:
99:36:5c:f1:38:78:22:cf:99:2a:11:fb:d7:64:dd:
ed:10:1f:9b:b9:10:b1:c3:10:96:e3:66:63:46:47:
60:cc:0f:2d:7d:e8:b7:93:2e:a4:ff:10:d7:4f:1a:
0a:bf:d0:2c:b3:f7:f0:f8:de:13:80:d3:ad:3e:ce:
db:4f:e4:dd:59:c6:70:7c:dd:27:03:57:7c:f3:33:
76:c3:0e:9f:31:b9:cb:e8:b2:7d:91:61:b5:24:0e:
a3:b3:a6:b5:aa:29:80:0c:e7:82:17:76:51:13:37:
1c:7f:74:29:98:47:69:0a:9f:a8:b8:13:50:73:15:
3d:1d:8d:44:ad:e6:23:84:cf:09:8b:c3:ee:a9:15:
28:eb:97:07:39:9e:1c:44:e3:76:aa:cf:66:c7:c8:
0e:5d:f6:c2:80:53:a7:14:c4:d1:e7:35:7c:1d:51:
18:e0:83:6a:74:cc:ae:02:5b:7f:f5:1d:5c:5b:00:
13:f1:d3:3f:96:9f:fe:d4:32:00:66:52:ee:86:7f:
64:76:4e:03:0f:fc:8b:de:d7:8e:6e:c2:5a:63:20:
83:cd:b0:d7:95:7e:8e:c0:b7:85:0e:0c:43:ed:25:
00:83:db:2a:36:12:96:06:89:40:67:15:fd:b6:35:
c5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:75:93:CB:00:3C:3E:6C:58:2A:BF:38:AA:95:F8:FF:A0:47:C1:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/20
Signature Algorithm: sha256WithRSAEncryption
90:cc:2e:33:d6:12:26:e8:41:a2:f6:77:7b:fd:d7:40:d9:f6:
fe:f2:7e:2c:b3:23:92:4c:6c:bb:b7:79:3e:b8:0e:6f:2f:b9:
f4:1c:1f:be:d5:c4:60:5b:b3:90:c1:50:ad:b9:ae:be:67:e1:
95:28:e4:02:0c:29:4b:07:78:5f:03:73:ab:11:20:0f:1c:b9:
1c:63:41:7f:4b:c9:60:29:d8:b8:19:79:31:5a:de:d5:39:cd:
7f:07:02:c9:7d:8b:10:31:80:e4:78:bb:e5:91:ae:f1:48:0d:
d3:72:c5:72:dd:7d:88:a5:c2:ec:74:94:60:9d:58:7b:03:f0:
be:e9:32:1c:af:86:05:98:db:e9:b2:2a:d5:2a:bd:04:58:45:
7c:54:e3:20:b1:11:e5:ac:3a:47:44:f4:23:27:bd:2b:4c:72:
8a:c4:77:71:14:ad:67:b9:d4:a7:24:fb:91:e3:78:82:dc:38:
ed:07:62:1e:23:bc:39:19:04:12:f1:ea:2b:6d:f1:b8:00:cd:
d1:13:09:6b:3d:db:ce:a9:68:a3:4f:4f:be:24:6d:99:c9:6e:
39:30:f8:bb:16:dd:1b:ee:af:08:95:ec:dc:ae:17:a6:f0:e0:
10:95:58:6e:eb:38:b2:37:31:18:9d:54:af:12:04:f1:5f:1b:
ba:1e:c9:90
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdpBRoXtlxqNeD1BgSj7qumWBXd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNDdaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMDc4YTIwNTBkMzc1ZjkwNDQxZmJkNTdmMTAyNzJkMjU2ZWQ4Y2YxYWM0
NzE3MDZhYzYwMTI0ZDZmYjEwY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXZecrMF6d9UjW3s3xfmTZc8Th4Is+ZKhH712Td7RAfm7kQscMQluNmY0ZH
YMwPLX3ot5MupP8Q108aCr/QLLP38PjeE4DTrT7O20/k3VnGcHzdJwNXfPMzdsMO
nzG5y+iyfZFhtSQOo7OmtaopgAznghd2URM3HH90KZhHaQqfqLgTUHMVPR2NRK3m
I4TPCYvD7qkVKOuXBzmeHETjdqrPZsfIDl32woBTpxTE0ec1fB1RGOCDanTMrgJb
f/UdXFsAE/HTP5af/tQyAGZS7oZ/ZHZOAw/8i97Xjm7CWmMgg82w15V+jsC3hQ4M
Q+0lAIPbKjYSlgaJQGcV/bY1xYECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTndZPL
ADw+bFgqvziqlfj/oEfBfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTEzYzAwNzUtZWRiMS00NjFlLWEwN2QtNGViNTg3NGJkOWNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAkMwuM9YSJuhBovZ3e/3XQNn2/vJ+LLMjkkxsu7d5
PrgOby+59BwfvtXEYFuzkMFQrbmuvmfhlSjkAgwpSwd4XwNzqxEgDxy5HGNBf0vJ
YCnYuBl5MVre1TnNfwcCyX2LEDGA5Hi75ZGu8UgN03LFct19iKXC7HSUYJ1YewPw
vukyHK+GBZjb6bIq1Sq9BFhFfFTjILER5aw6R0T0Iye9K0xyisR3cRStZ7nUpyT7
keN4gtw47QdiHiO8ORkEEvHqK23xuADN0RMJaz3bzqloo09PviRtmcluOTD4uxbd
G+6vCJXs3K4XpvDgEJVYbus4sjcxGJ1UrxIE8V8buh7JkA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:50 2025 by rpki-client