Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
File: 54957543-b22c-43fb-b523-8f40c64fe15d.roa (raw, json)
Hash identifier: CG58q61o1aN6GpTZ/nJY+IWIFOUxN4oxPMBXku+ExKs=
Subject key identifier: 85:9F:82:9B:1E:F3:E4:9C:1E:52:2F:28:51:CF:36:EB:A7:89:15:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50E24CFD2C0E66864AE58BD4D5CCA08E893417C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
Signing time: Fri 06 Jun 2025 15:01:00 +0000
ROA not before: Fri 06 Jun 2025 15:01:00 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:e2:4c:fd:2c:0e:66:86:4a:e5:8b:d4:d5:cc:a0:8e:89:34:17:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:01:00 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=48b0b4f1dabdfb7d397405f7c95f9629f2254d3f12f9eba71b11bfe9eaba7558, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:dc:08:20:ab:14:4a:43:2c:c4:f5:60:7f:03:
91:65:f7:a9:c1:f7:83:1a:1d:a5:43:8d:ce:4d:d1:
fa:9c:39:2c:c0:ab:1d:66:ce:ac:e5:8b:5d:4c:b2:
36:6c:f9:df:c6:51:1d:69:20:99:e9:23:cc:d4:88:
09:c8:5d:c5:66:de:34:00:e0:25:6f:3a:f4:7d:bb:
8b:39:aa:85:41:5e:19:3b:2a:49:b1:f3:09:83:34:
73:91:89:fb:bb:59:95:38:4e:4c:76:8e:b6:ad:30:
5d:2a:e3:1d:67:4a:77:dc:76:d3:16:a4:77:6a:fa:
6f:cc:11:04:8f:39:0e:05:6e:9c:f3:ee:47:aa:71:
f6:e7:23:20:17:9e:6f:21:c0:a8:46:50:82:dc:8e:
4c:a4:cf:a9:e3:f6:05:28:dc:01:bd:b3:54:d1:87:
41:58:2a:51:7a:25:3c:0f:63:c9:e9:3e:1f:ce:d7:
5f:88:0d:d7:ef:84:9f:9c:6d:82:9c:43:f3:f2:6c:
2d:61:12:dd:81:47:7c:cc:81:87:19:81:07:61:af:
08:09:2f:c1:d4:b1:33:e8:e6:dd:05:8b:c7:c5:23:
35:af:6e:3b:bb:fe:a2:02:36:e7:9b:c6:56:be:dc:
0e:02:e4:0a:cd:30:b1:b1:77:15:08:52:84:c2:3b:
6a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9F:82:9B:1E:F3:E4:9C:1E:52:2F:28:51:CF:36:EB:A7:89:15:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/19
Signature Algorithm: sha256WithRSAEncryption
60:d1:b4:fd:4c:86:ec:92:7e:f7:3c:e9:a6:5d:b6:1d:b1:b5:
75:76:60:94:b8:e5:31:8e:2f:f7:55:33:c5:d2:52:ad:f9:a6:
8d:cd:ac:77:09:a5:82:f7:bf:50:a5:39:b0:40:bb:02:c9:26:
8e:4e:1f:51:93:77:9c:a3:2b:6c:6a:94:db:fa:07:aa:d2:62:
89:4b:5e:d8:3b:b2:96:d0:66:4b:d5:c0:57:51:0a:e3:2f:4b:
e2:e1:11:2f:af:ef:cd:fc:a7:48:47:c2:6e:ea:06:7e:5f:f9:
cd:e3:4e:d4:c2:b4:2b:66:50:aa:7b:cc:f5:39:7a:10:4a:ee:
bb:3b:25:65:c8:83:a4:76:da:90:45:1e:64:16:38:48:4b:be:
c1:59:8c:37:f1:0c:9f:c9:ae:23:00:e4:dc:78:b8:ae:42:cb:
32:45:49:df:74:5e:6d:e5:d1:1a:04:b9:26:1b:21:9b:bc:8a:
22:e7:1d:9a:52:37:ea:9c:ad:a6:32:74:21:44:a4:9d:07:04:
02:6f:1c:46:74:9c:4e:e1:25:f3:c4:a2:ab:fd:70:0f:1b:58:
e1:5d:fc:ea:42:50:a8:f7:d1:34:36:fd:f3:90:69:11:ef:b4:
61:21:33:d2:b2:cb:b0:60:69:50:d1:9a:b5:07:e4:c2:65:21:
5b:ab:fc:f8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUOJM/SwOZoZK5YvU1cygjok0F8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAxMDBaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4YjBiNGYxZGFiZGZiN2QzOTc0MDVmN2M5NWY5NjI5ZjIyNTRkM2YxMmY5
ZWJhNzFiMTFiZmU5ZWFiYTc1NTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzcCCCrFEpDLMT1YH8DkWX3qcH3gxodpUONzk3R+pw5LMCrHWbOrOWLXUyy
Nmz538ZRHWkgmekjzNSICchdxWbeNADgJW869H27izmqhUFeGTsqSbHzCYM0c5GJ
+7tZlThOTHaOtq0wXSrjHWdKd9x20xakd2r6b8wRBI85DgVunPPuR6px9ucjIBee
byHAqEZQgtyOTKTPqeP2BSjcAb2zVNGHQVgqUXolPA9jyek+H87XX4gN1++En5xt
gpxD8/JsLWES3YFHfMyBhxmBB2GvCAkvwdSxM+jm3QWLx8UjNa9uO7v+ogI255vG
Vr7cDgLkCs0wsbF3FQhShMI7atkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSFn4Kb
HvPknB5SLyhRzzbrp4kVAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ5NTc1NDMtYjIyYy00M2ZiLWI1MjMtOGY0MGM2NGZlMTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAYNG0/UyG7JJ+9zzppl22HbG1dXZglLjlMY4v91Uz
xdJSrfmmjc2sdwmlgve/UKU5sEC7Askmjk4fUZN3nKMrbGqU2/oHqtJiiUte2Duy
ltBmS9XAV1EK4y9L4uERL6/vzfynSEfCbuoGfl/5zeNO1MK0K2ZQqnvM9Tl6EEru
uzslZciDpHbakEUeZBY4SEu+wVmMN/EMn8muIwDk3Hi4rkLLMkVJ33RebeXRGgS5
Jhshm7yKIucdmlI36pytpjJ0IUSknQcEAm8cRnScTuEl88Siq/1wDxtY4V386kJQ
qPfRNDb985BpEe+0YSEz0rLLsGBpUNGatQfkwmUhW6v8+A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:27 2025 by rpki-client