Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
File: ca3047ed-6074-479d-9d85-26334085e41c.roa (raw, json)
Hash identifier: nVsnx9Yavxs/0mHH/PALHIzruXxgKLBJanVTKThPS5s=
Subject key identifier: FA:D0:B4:63:5C:F2:AA:35:7E:5A:EC:2B:01:82:E3:E7:A0:74:2B:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DC7D3DAC456FA91AF089C5B490371657DF802CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
Signing time: Fri 06 Jun 2025 15:00:54 +0000
ROA not before: Fri 06 Jun 2025 15:00:54 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:c7:d3:da:c4:56:fa:91:af:08:9c:5b:49:03:71:65:7d:f8:02:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:54 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=e26eca7a07d44c54c81654055340ccab97f6c7c42970babaaea52c8381671fe3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:66:09:02:25:02:0a:6e:05:69:bd:02:68:df:
9e:e2:be:a9:a9:d0:1c:40:6f:df:d7:3b:20:ad:ad:
15:e2:0e:80:a1:ce:0b:73:58:b5:31:92:67:b6:9c:
6b:bd:23:9d:52:c1:cc:bd:9b:9a:37:23:c5:41:ba:
8c:aa:2d:96:73:95:b6:be:9c:11:eb:fe:39:23:96:
76:18:92:75:1e:25:32:32:27:df:12:e2:55:c0:ce:
9b:a6:4c:20:81:b0:29:a7:5c:24:20:fe:7f:b7:5e:
ae:a4:d3:5f:fe:d9:42:34:1f:c3:88:88:32:52:f0:
e5:3c:8e:52:40:7c:b8:0b:ae:5c:06:ff:16:de:72:
bc:80:a6:b4:ed:25:9d:9c:d7:33:d7:5b:2b:3e:a7:
28:e6:6a:2d:3d:0b:9e:a8:fa:9d:44:1c:81:68:00:
de:4a:50:e3:03:87:69:3f:3f:09:4f:04:eb:0c:0b:
e4:50:3b:89:d8:c5:69:f5:c1:dc:25:23:39:fa:0f:
2b:5f:00:d5:8d:e4:04:f9:5f:af:a0:e9:02:97:29:
7e:47:e2:2f:8c:62:b9:33:f7:f4:91:b2:d3:1f:0c:
ac:22:27:a3:97:af:71:c8:31:ae:9d:af:e9:56:b2:
e1:c2:04:4c:6f:38:5a:ca:ff:33:16:14:2d:d1:85:
9a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D0:B4:63:5C:F2:AA:35:7E:5A:EC:2B:01:82:E3:E7:A0:74:2B:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/18
Signature Algorithm: sha256WithRSAEncryption
20:34:dc:5c:1c:7e:b1:a6:3d:e6:56:c6:24:5b:5b:76:c6:4a:
e1:78:68:30:62:ac:04:68:4c:78:4a:13:a4:5a:56:41:8d:4c:
63:6c:58:34:b3:13:81:ed:07:22:de:df:15:f1:d2:b7:e7:a5:
bc:55:05:91:ce:3c:c7:d2:42:5e:e3:eb:df:44:96:71:e4:67:
d0:31:f4:cc:6a:86:2a:66:87:be:12:5a:f7:c4:56:c0:42:ce:
32:76:fe:f9:72:22:93:33:2d:99:3b:5b:f1:ad:2b:e7:4d:b8:
94:31:8d:65:d2:b6:88:04:3c:02:95:18:37:77:7c:b3:00:97:
63:40:8b:a0:43:dc:73:98:25:31:16:72:3c:6f:6f:f6:9d:d1:
8b:4d:7d:c9:ce:ad:aa:1b:16:05:3e:bb:69:7e:77:18:05:7f:
dd:30:8a:8a:15:88:8d:ab:5a:10:ea:d8:a4:2c:a8:e4:9a:ac:
67:0f:32:1c:ae:30:a5:06:c7:1a:1e:7c:5a:15:74:97:fe:9e:
75:d0:14:10:d7:d5:f5:bc:80:6d:d1:ba:be:a1:f8:2c:24:29:
f8:58:90:29:50:a8:7e:55:0a:6f:17:7d:a9:de:8e:2c:5b:e8:
87:3b:fa:4e:5b:44:ce:44:69:63:d2:0b:7d:45:4c:ad:1f:b0:
19:2e:1a:5b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbcfT2sRW+pGvCJxbSQNxZX34AswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNTRaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNmVjYTdhMDdkNDRjNTRjODE2NTQwNTUzNDBjY2FiOTdmNmM3YzQyOTcw
YmFiYWFlYTUyYzgzODE2NzFmZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5mCQIlAgpuBWm9AmjfnuK+qanQHEBv39c7IK2tFeIOgKHOC3NYtTGSZ7ac
a70jnVLBzL2bmjcjxUG6jKotlnOVtr6cEev+OSOWdhiSdR4lMjIn3xLiVcDOm6ZM
IIGwKadcJCD+f7derqTTX/7ZQjQfw4iIMlLw5TyOUkB8uAuuXAb/Ft5yvICmtO0l
nZzXM9dbKz6nKOZqLT0Lnqj6nUQcgWgA3kpQ4wOHaT8/CU8E6wwL5FA7idjFafXB
3CUjOfoPK18A1Y3kBPlfr6DpApcpfkfiL4xiuTP39JGy0x8MrCIno5evccgxrp2v
6Vay4cIETG84Wsr/MxYULdGFmmUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT60LRj
XPKqNX5a7CsBguPnoHQrBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzMDQ3ZWQtNjA3NC00NzlkLTlkODUtMjYzMzQwODVlNDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAIDTcXBx+saY95lbGJFtbdsZK4XhoMGKsBGhMeEoT
pFpWQY1MY2xYNLMTge0HIt7fFfHSt+elvFUFkc48x9JCXuPr30SWceRn0DH0zGqG
KmaHvhJa98RWwELOMnb++XIikzMtmTtb8a0r5024lDGNZdK2iAQ8ApUYN3d8swCX
Y0CLoEPcc5glMRZyPG9v9p3Ri019yc6tqhsWBT67aX53GAV/3TCKihWIjataEOrY
pCyo5JqsZw8yHK4wpQbHGh58WhV0l/6eddAUENfV9byAbdG6vqH4LCQp+FiQKVCo
flUKbxd9qd6OLFvohzv6TltEzkRpY9ILfUVMrR+wGS4aWw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:36 2025 by rpki-client