Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json)
Hash identifier: x2KsOgjFeOjz0ZceZxuzzp2nuaGDzaJS2n1XO0fez4o=
Subject key identifier: CC:B4:2F:33:69:45:34:45:8D:81:42:8A:C7:58:87:56:8F:03:87:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A2A28F4067B9C007AC6FAE549A6781AAF942FB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
Signing time: Fri 06 Jun 2025 15:00:23 +0000
ROA not before: Fri 06 Jun 2025 15:00:23 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:2a:28:f4:06:7b:9c:00:7a:c6:fa:e5:49:a6:78:1a:af:94:2f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:23 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=8a8e27f0f7832184d7d47bf00d76b783126cbccf10765a6a55c6be7e9afb2a17, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:75:ea:06:3f:ce:50:31:3b:f2:a1:08:73:c2:
8f:03:3e:2e:8b:dc:ed:d8:28:67:77:9b:53:22:e1:
8d:32:fd:ef:5c:8b:01:9c:5b:bf:31:fc:3d:3d:d5:
be:65:1d:81:58:f4:ae:ad:dc:2f:e2:1d:2f:18:41:
f9:bf:b6:3e:57:34:7d:a2:cd:5d:06:06:cf:39:76:
c4:9d:1e:9f:52:ef:6c:44:36:e2:4a:34:32:88:11:
b1:06:cc:94:67:2b:ec:e0:0a:e7:b4:bd:17:00:67:
1f:87:86:19:7c:17:f4:66:09:28:7a:b0:a1:20:02:
1e:76:61:92:0b:1a:d0:45:71:99:5d:b0:e5:ef:93:
aa:3e:b5:1b:35:0f:d4:42:a4:d9:e5:0f:90:ff:63:
59:ea:cc:99:b7:26:f9:76:96:37:dc:48:4a:e8:ec:
4f:10:3f:7a:6d:75:a4:b0:05:d6:bf:ca:35:c7:31:
ad:0c:74:4a:82:05:5c:43:f6:1e:70:aa:4d:87:bb:
31:d1:ea:6f:76:22:14:df:2a:7e:95:56:00:2f:72:
2c:89:4d:40:16:98:c7:96:d4:b3:95:a9:05:6f:c7:
f6:f3:76:6f:6e:24:b5:b3:ec:e6:ac:df:24:e2:7b:
39:bd:d0:59:63:b3:82:d6:95:73:07:8f:4c:dc:28:
f2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B4:2F:33:69:45:34:45:8D:81:42:8A:C7:58:87:56:8F:03:87:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:be:e4:9e:e0:a1:cd:9f:17:ef:91:d8:17:c2:f8:77:1f:f9:
1c:b1:e9:74:bb:18:c4:ec:85:54:48:c1:30:df:d4:15:9c:fc:
c2:15:f9:75:df:49:7f:98:16:5a:67:84:32:64:24:db:dd:fc:
ed:0f:a5:be:78:37:d9:6f:9c:12:8a:e7:5d:fa:67:be:18:3a:
02:8f:45:87:a9:a7:a7:0e:5a:fd:c3:cc:c3:0d:ed:11:a1:ac:
a7:4e:6e:89:11:cf:03:de:ba:67:e0:b7:c5:df:75:83:64:74:
21:8c:19:dd:9f:55:a8:c7:b5:cf:8c:bc:4c:31:c6:9d:70:76:
22:e3:52:94:b7:18:38:bc:56:03:2d:44:5d:32:6b:b8:2d:19:
e2:b8:7e:13:ab:6d:fe:c9:63:35:98:07:9a:19:84:bc:71:1c:
05:a6:81:9c:0f:28:e4:ef:9d:e6:e1:6c:2b:a4:f9:9d:58:f0:
a0:bb:9c:11:68:68:03:9f:af:7f:1d:f2:e9:d5:46:4b:c9:3b:
55:fc:88:a2:f1:a6:77:cf:d0:18:6c:8c:a4:85:c9:a3:4d:84:
92:3f:69:b3:c3:b8:c4:8b:02:e0:f0:5d:8f:0f:00:12:f1:1e:
89:d7:8b:38:37:70:dd:d5:8c:a0:2d:ee:23:e6:0f:41:76:43:
fc:55:f1:d2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWioo9AZ7nAB6xvrlSaZ4Gq+UL7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMjNaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhOGUyN2YwZjc4MzIxODRkN2Q0N2JmMDBkNzZiNzgzMTI2Y2JjY2YxMDc2
NWE2YTU1YzZiZTdlOWFmYjJhMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV16gY/zlAxO/KhCHPCjwM+Lovc7dgoZ3ebUyLhjTL971yLAZxbvzH8PT3V
vmUdgVj0rq3cL+IdLxhB+b+2Plc0faLNXQYGzzl2xJ0en1LvbEQ24ko0MogRsQbM
lGcr7OAK57S9FwBnH4eGGXwX9GYJKHqwoSACHnZhkgsa0EVxmV2w5e+Tqj61GzUP
1EKk2eUPkP9jWerMmbcm+XaWN9xISujsTxA/em11pLAF1r/KNccxrQx0SoIFXEP2
HnCqTYe7MdHqb3YiFN8qfpVWAC9yLIlNQBaYx5bUs5WpBW/H9vN2b24ktbPs5qzf
JOJ7Ob3QWWOzgtaVcwePTNwo8iECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTMtC8z
aUU0RY2BQorHWIdWjwOHgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAPb7knuChzZ8X75HYF8L4dx/5HLHpdLsYxOyFVEjB
MN/UFZz8whX5dd9Jf5gWWmeEMmQk29387Q+lvng32W+cEornXfpnvhg6Ao9Fh6mn
pw5a/cPMww3tEaGsp05uiRHPA966Z+C3xd91g2R0IYwZ3Z9VqMe1z4y8TDHGnXB2
IuNSlLcYOLxWAy1EXTJruC0Z4rh+E6tt/sljNZgHmhmEvHEcBaaBnA8o5O+d5uFs
K6T5nVjwoLucEWhoA5+vfx3y6dVGS8k7VfyIovGmd8/QGGyMpIXJo02Ekj9ps8O4
xIsC4PBdjw8AEvEeideLODdw3dWMoC3uI+YPQXZD/FXx0g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:17 2025 by rpki-client