Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
File: b2048b1c-363b-4b59-9d56-dc72187194a3.roa (raw, json)
Hash identifier: LrkcFCs6j1u5AhNHDfLy1HIvBXLFv0b9WfWAwqnqTs4=
Subject key identifier: 1A:B5:26:A9:65:BD:A6:3F:0F:D9:71:FF:CA:41:61:36:B4:95:BA:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D0CF8FB343CC244E48B77C738DE19AA84F1088D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
Signing time: Fri 06 Jun 2025 15:00:18 +0000
ROA not before: Fri 06 Jun 2025 15:00:18 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:0c:f8:fb:34:3c:c2:44:e4:8b:77:c7:38:de:19:aa:84:f1:08:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:18 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=38138ff1683f654c48ab6f2ec3c84e70aadcfaf9f905a55b77741dcdc6f2d922, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:56:55:d7:20:30:d1:1d:0b:db:c0:d9:d5:8d:
82:5c:85:38:b6:d4:d2:5b:02:8a:cc:cc:0a:29:d5:
fd:2a:40:16:3b:a1:e2:66:cc:56:73:4b:fd:07:ff:
af:ff:8d:97:e6:c8:92:f4:b5:f2:49:ee:10:75:32:
10:76:b4:1f:0f:7e:57:cc:b0:4e:39:4d:ff:49:aa:
fc:19:5c:8d:66:80:6d:62:9b:91:55:9e:69:d7:92:
fc:2e:26:cf:e0:e2:82:58:52:53:b5:c8:63:47:97:
ed:84:67:46:09:5e:a0:1a:00:21:82:d2:3d:b2:55:
90:ab:17:e7:81:3e:59:5a:52:13:0c:0a:28:57:dd:
8b:5a:03:5c:a0:3e:3b:0f:b3:b3:8c:99:d0:50:0a:
e2:3f:0c:dd:9a:1d:d0:96:11:89:5c:92:4e:65:f6:
68:0e:61:ec:41:c7:24:46:63:5b:b9:bb:d8:41:f3:
26:b2:62:df:64:dd:63:b6:d7:d6:fd:9b:04:fc:ed:
0c:f9:1a:06:7f:0d:9f:b4:36:70:9a:eb:35:e7:d0:
e1:4b:eb:b2:b3:db:dc:ff:78:eb:3b:b0:49:15:19:
da:0f:1f:90:cd:41:c9:c4:19:9e:00:a4:dc:37:a6:
06:d8:07:f4:38:95:d2:2d:63:2c:11:48:dc:d8:fe:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B5:26:A9:65:BD:A6:3F:0F:D9:71:FF:CA:41:61:36:B4:95:BA:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.20.0/22
Signature Algorithm: sha256WithRSAEncryption
84:9e:e1:86:11:ee:3d:2e:d3:dc:1a:f9:d6:5d:b9:d8:a6:a9:
e4:5d:8d:b1:2f:ef:4f:87:4c:c3:4b:db:5a:f8:99:c0:e6:e4:
01:f9:0f:d6:15:32:90:98:69:fc:f6:b4:28:b5:ac:5d:ae:ca:
68:32:86:1d:ec:6a:86:e0:59:de:45:01:94:17:88:f5:55:90:
59:1c:80:92:c8:76:72:5f:3f:dd:15:45:88:65:0c:48:a6:23:
9a:81:f0:7b:20:4c:1e:94:67:3b:38:3b:d9:2b:44:1a:cf:da:
f6:77:4d:b4:cb:c0:37:ad:4a:96:de:41:83:db:41:28:61:a0:
c4:49:4d:7f:8b:17:b5:4c:56:3e:23:1d:9b:71:2d:ea:9b:b1:
59:25:54:e3:ed:36:b2:0f:64:92:0a:d1:ec:08:10:6c:c5:18:
0d:f8:96:90:00:eb:7e:8b:4c:80:83:c2:1c:a6:ba:cb:65:27:
ff:93:7c:52:ca:39:1f:a0:1b:6e:17:f9:b5:ac:a5:1d:5b:c2:
d0:25:83:ec:f1:4f:c2:e8:34:01:cb:1b:cc:20:c5:26:3f:57:
f3:7f:07:fb:11:96:12:58:e6:73:9b:8f:10:5c:0d:2f:9c:71:
9e:5b:0f:b9:0c:29:30:fc:91:ac:d2:38:27:43:fa:df:01:dd:
ec:1b:68:d6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHQz4+zQ8wkTki3fHON4ZqoTxCI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMThaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MTM4ZmYxNjgzZjY1NGM0OGFiNmYyZWMzYzg0ZTcwYWFkY2ZhZjlmOTA1
YTU1Yjc3NzQxZGNkYzZmMmQ5MjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlWVdcgMNEdC9vA2dWNglyFOLbU0lsCiszMCinV/SpAFjuh4mbMVnNL/Qf/
r/+Nl+bIkvS18knuEHUyEHa0Hw9+V8ywTjlN/0mq/BlcjWaAbWKbkVWeadeS/C4m
z+DiglhSU7XIY0eX7YRnRgleoBoAIYLSPbJVkKsX54E+WVpSEwwKKFfdi1oDXKA+
Ow+zs4yZ0FAK4j8M3Zod0JYRiVySTmX2aA5h7EHHJEZjW7m72EHzJrJi32TdY7bX
1v2bBPztDPkaBn8Nn7Q2cJrrNefQ4UvrsrPb3P946zuwSRUZ2g8fkM1BycQZngCk
3DemBtgH9DiV0i1jLBFI3Nj+8d0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQatSap
Zb2mPw/Zcf/KQWE2tJW6fDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjIwNDhiMWMtMzYzYi00YjU5LTlkNTYtZGM3MjE4NzE5NGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiFDAN
BgkqhkiG9w0BAQsFAAOCAQEAhJ7hhhHuPS7T3Br51l252Kap5F2NsS/vT4dMw0vb
WviZwObkAfkP1hUykJhp/Pa0KLWsXa7KaDKGHexqhuBZ3kUBlBeI9VWQWRyAksh2
cl8/3RVFiGUMSKYjmoHweyBMHpRnOzg72StEGs/a9ndNtMvAN61Klt5Bg9tBKGGg
xElNf4sXtUxWPiMdm3Et6puxWSVU4+02sg9kkgrR7AgQbMUYDfiWkADrfotMgIPC
HKa6y2Un/5N8Uso5H6Abbhf5taylHVvC0CWD7PFPwug0AcsbzCDFJj9X838H+xGW
Eljmc5uPEFwNL5xxnlsPuQwpMPyRrNI4J0P63wHd7Bto1g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:14 2025 by rpki-client