Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
File: b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa (raw, json)
Hash identifier: 18K5wgqxZJSH1Tv5MTqVHTVtSa3z5dppS/w05YtroNo=
Subject key identifier: 84:79:79:9A:D7:AC:2C:D0:8D:E5:C7:4E:5F:89:36:AA:7D:76:B1:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57F687429B5F101BB77C24B753C002934546F737
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
Signing time: Fri 06 Jun 2025 15:00:13 +0000
ROA not before: Fri 06 Jun 2025 15:00:13 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:f6:87:42:9b:5f:10:1b:b7:7c:24:b7:53:c0:02:93:45:46:f7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:13 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=d3f223ea0e2112e508f3be23ff0ed15f7f0d75942e32c21bdbd022be098c66e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e7:2e:7a:34:6f:3a:ef:54:ae:87:3b:49:d5:
60:93:1a:3a:3d:09:a4:97:69:0e:26:01:d8:97:9d:
64:12:9e:ea:17:4c:c5:15:ad:19:df:5f:fa:1d:cc:
6e:a7:08:b1:9f:a3:bf:53:34:2e:e1:50:ba:00:c4:
53:b2:ca:e3:02:fc:47:10:6c:dc:50:b4:e3:2b:05:
0b:64:8d:8e:3c:db:be:ce:04:2f:4b:84:0f:42:07:
3c:51:b5:e8:e0:70:98:9b:26:e4:19:f6:a4:83:53:
b4:59:d7:60:c3:d8:44:02:55:6f:24:58:e4:c2:3d:
7c:35:a3:ea:64:82:6e:a9:d8:fd:54:1e:2e:bd:01:
4f:12:c1:d0:72:c4:2c:79:a2:76:6c:75:5f:2c:70:
2e:c6:cf:1d:fa:8d:aa:f6:93:f4:92:bc:9d:d3:8f:
96:f6:ee:a2:91:ea:bd:0f:fa:e1:c7:f9:23:e3:43:
ce:89:a2:92:9d:36:b2:3e:db:af:61:43:9c:76:bf:
13:f0:fc:bb:1b:33:4a:b2:97:f2:9c:c8:14:e5:5d:
ea:75:f8:c1:25:e5:75:fb:71:15:2e:68:0d:6d:72:
ba:b2:ee:2d:03:2c:b0:74:0f:7e:05:4d:36:ff:4f:
db:8f:28:01:77:eb:16:1a:1d:f8:70:60:de:28:d3:
6e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:79:79:9A:D7:AC:2C:D0:8D:E5:C7:4E:5F:89:36:AA:7D:76:B1:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.44.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:0a:91:a4:5a:0e:ed:91:a0:4c:8a:56:81:49:02:c7:f8:d7:
80:89:79:dc:2f:c2:83:66:85:1c:38:8d:ff:e1:8d:d3:99:1f:
00:fd:93:7a:57:d6:7a:a1:e1:cd:e3:9f:ab:c4:69:ec:51:f9:
fd:08:8b:f2:65:f1:50:e2:60:de:4e:27:c7:c1:3b:a3:b3:bf:
bf:e9:30:b2:f2:e9:54:9a:c2:d9:f6:6e:6f:12:70:b9:73:43:
9e:32:e0:75:5a:e7:d6:60:f7:09:ef:db:76:ad:76:51:f7:6f:
45:49:12:22:dc:2e:90:b1:16:0d:d9:b5:05:84:0c:ab:ce:a5:
53:5d:78:63:3a:db:8f:1c:8c:1b:70:b0:cc:12:55:1d:8c:75:
46:c2:51:b5:2e:b1:6b:d0:fa:72:bf:32:05:cc:bc:95:c6:c3:
9f:6a:42:5f:0d:67:d4:28:8b:4e:89:cb:59:29:a2:d7:bf:b7:
c4:f2:de:27:8a:f2:d6:a8:19:fb:cb:17:77:6a:cc:fa:bd:8c:
dc:1e:f2:dd:1a:48:7d:26:25:87:2a:25:14:bf:08:f1:6a:09:
a9:46:ee:a6:7d:ad:83:91:3a:c6:a0:d8:ed:8a:09:82:04:a5:
09:a5:b7:46:39:c9:4f:09:a9:91:c2:75:ca:dc:44:dd:56:ed:
a4:e8:18:dc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUV/aHQptfEBu3fCS3U8ACk0VG9zcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMTNaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzZjIyM2VhMGUyMTEyZTUwOGYzYmUyM2ZmMGVkMTVmN2YwZDc1OTQyZTMy
YzIxYmRiZDAyMmJlMDk4YzY2ZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvnLno0bzrvVK6HO0nVYJMaOj0JpJdpDiYB2JedZBKe6hdMxRWtGd9f+h3M
bqcIsZ+jv1M0LuFQugDEU7LK4wL8RxBs3FC04ysFC2SNjjzbvs4EL0uED0IHPFG1
6OBwmJsm5Bn2pINTtFnXYMPYRAJVbyRY5MI9fDWj6mSCbqnY/VQeLr0BTxLB0HLE
LHmidmx1XyxwLsbPHfqNqvaT9JK8ndOPlvbuopHqvQ/64cf5I+NDzomikp02sj7b
r2FDnHa/E/D8uxszSrKX8pzIFOVd6nX4wSXldftxFS5oDW1yurLuLQMssHQPfgVN
Nv9P248oAXfrFhod+HBg3ijTbu0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSEeXma
16ws0I3lx05fiTaqfXaxIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhkNTVlOWQtMjczMC00ZWMyLTkxZDUtYWY5OGE1YTUxMzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiLDAN
BgkqhkiG9w0BAQsFAAOCAQEAOgqRpFoO7ZGgTIpWgUkCx/jXgIl53C/Cg2aFHDiN
/+GN05kfAP2TelfWeqHhzeOfq8Rp7FH5/QiL8mXxUOJg3k4nx8E7o7O/v+kwsvLp
VJrC2fZubxJwuXNDnjLgdVrn1mD3Ce/bdq12UfdvRUkSItwukLEWDdm1BYQMq86l
U114YzrbjxyMG3CwzBJVHYx1RsJRtS6xa9D6cr8yBcy8lcbDn2pCXw1n1CiLTonL
WSmi17+3xPLeJ4ry1qgZ+8sXd2rM+r2M3B7y3RpIfSYlhyolFL8I8WoJqUbupn2t
g5E6xqDY7YoJggSlCaW3RjnJTwmpkcJ1ytxE3VbtpOgY3A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:18 2025 by rpki-client