Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
File: 8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa (raw, json)
Hash identifier: aXa+l1hHfUIpuIraPo4ndjXu5HZGiP4quBWOrVFVTfU=
Subject key identifier: AF:AA:8C:EE:D8:75:67:1E:CA:39:44:20:67:58:8C:C5:50:CE:AA:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E057F04A67C2F84E16579C672C08A4568CE64ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
Signing time: Fri 06 Jun 2025 15:00:52 +0000
ROA not before: Fri 06 Jun 2025 15:00:52 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:05:7f:04:a6:7c:2f:84:e1:65:79:c6:72:c0:8a:45:68:ce:64:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:52 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=5019dc7fefbc67113b928022215463f98b8724a76c8e0c4ae84b0dcd87610f9a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:05:13:d8:6b:02:7e:fe:48:1b:dd:32:30:1a:
88:92:2f:53:67:12:c7:91:90:a8:82:c3:73:9c:6b:
7d:f3:cb:b6:73:4b:52:62:b8:7a:72:37:a6:95:22:
02:af:81:bb:63:a6:dc:f6:1f:3d:ec:71:72:3f:db:
12:1f:c6:ee:4d:5d:bd:79:d6:39:3d:5f:42:1c:a7:
29:6d:c5:c8:9a:13:81:9e:ad:8a:bd:49:26:47:39:
8a:16:61:1d:1e:05:02:76:07:fe:fa:80:63:75:0b:
12:ff:5b:af:41:6b:f1:79:78:52:ae:ef:b5:e1:98:
55:28:3a:ec:9c:a0:19:dc:ff:0a:26:eb:f0:e5:ce:
af:7a:ec:9a:55:90:7b:32:e6:1b:01:27:ef:cf:76:
44:81:47:f4:e9:0d:6e:1e:d2:4e:91:0b:35:3f:a4:
1b:a4:aa:88:fb:d0:f8:7b:c1:2b:38:3b:13:db:3d:
72:23:f0:5f:56:5a:ea:61:7a:e9:d7:5a:e0:04:72:
cc:1f:9b:ba:bc:41:a7:26:3c:62:e1:4b:7d:b0:97:
4a:06:2f:8c:d5:ec:20:d7:5d:72:45:0f:61:39:0f:
dc:98:39:db:e5:8c:6a:fc:12:ec:d4:3f:04:39:bd:
17:2b:bc:66:93:08:e5:2b:80:6f:61:21:3c:b4:79:
bf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AA:8C:EE:D8:75:67:1E:CA:39:44:20:67:58:8C:C5:50:CE:AA:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/19
Signature Algorithm: sha256WithRSAEncryption
86:07:14:ce:eb:08:e0:cb:8e:c0:f9:4c:cf:f7:02:3c:ab:c4:
50:36:b2:57:e5:cf:c9:08:fe:e0:7e:9c:c9:5e:8f:5a:e0:07:
2b:4e:cc:11:93:9f:be:61:f0:78:6d:5f:b8:50:50:d4:10:49:
c6:b9:be:0a:e5:76:75:9c:1b:50:b8:a5:d7:d0:a9:f6:3a:7a:
82:3d:72:e9:c7:4f:78:71:a4:22:8c:95:3b:4e:ee:db:07:3f:
5d:a2:e1:36:51:85:78:9e:e4:20:15:8c:59:ca:b2:e4:d4:21:
e2:4e:e9:6c:25:d2:18:86:cf:17:a5:b6:8e:b1:1d:a3:22:a1:
48:11:0d:42:dd:dd:c5:a7:b9:7e:cd:ed:09:4d:04:70:ab:84:
26:c2:52:95:6e:da:de:ca:46:e2:c6:de:f6:6f:f3:42:d5:cb:
62:c5:0a:4d:3f:c1:d4:c2:d9:2a:f0:85:cd:1d:f0:4e:70:a6:
c2:e5:91:40:e8:44:04:89:83:ed:7d:14:d1:6f:7e:5e:a4:42:
ab:f2:6f:99:38:c5:9a:7a:53:0f:4d:11:43:da:24:2a:05:7c:
f6:f6:db:d8:b2:a7:1c:df:9f:4d:ce:db:c0:58:d5:ef:a2:46:
b7:e9:d0:e0:52:b4:61:27:7e:33:66:19:66:7f:eb:8b:d0:9d:
d0:f3:ad:47
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTgV/BKZ8L4ThZXnGcsCKRWjOZO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNTJaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMTlkYzdmZWZiYzY3MTEzYjkyODAyMjIxNTQ2M2Y5OGI4NzI0YTc2Yzhl
MGM0YWU4NGIwZGNkODc2MTBmOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwFE9hrAn7+SBvdMjAaiJIvU2cSx5GQqILDc5xrffPLtnNLUmK4enI3ppUi
Aq+Bu2Om3PYfPexxcj/bEh/G7k1dvXnWOT1fQhynKW3FyJoTgZ6tir1JJkc5ihZh
HR4FAnYH/vqAY3ULEv9br0Fr8Xl4Uq7vteGYVSg67JygGdz/Cibr8OXOr3rsmlWQ
ezLmGwEn7892RIFH9OkNbh7STpELNT+kG6SqiPvQ+HvBKzg7E9s9ciPwX1Za6mF6
6dda4ARyzB+burxBpyY8YuFLfbCXSgYvjNXsINddckUPYTkP3Jg52+WMavwS7NQ/
BDm9Fyu8ZpMI5SuAb2EhPLR5v08CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSvqozu
2HVnHso5RCBnWIzFUM6qvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVlNmE0M2ItYjRlNC00ODlhLTljZDItMjFhNzJmMWNmNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAhgcUzusI4MuOwPlMz/cCPKvEUDayV+XPyQj+4H6c
yV6PWuAHK07MEZOfvmHweG1fuFBQ1BBJxrm+CuV2dZwbULil19Cp9jp6gj1y6cdP
eHGkIoyVO07u2wc/XaLhNlGFeJ7kIBWMWcqy5NQh4k7pbCXSGIbPF6W2jrEdoyKh
SBENQt3dxae5fs3tCU0EcKuEJsJSlW7a3spG4sbe9m/zQtXLYsUKTT/B1MLZKvCF
zR3wTnCmwuWRQOhEBImD7X0U0W9+XqRCq/JvmTjFmnpTD00RQ9okKgV89vbb2LKn
HN+fTc7bwFjV76JGt+nQ4FK0YSd+M2YZZn/ri9Cd0POtRw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client