Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
File: e00516db-a674-4a02-8de9-e0ad569ecc6f.roa (raw, json)
Hash identifier: svFHVnQrvJhDj5IA2MmwrGCDMp52ZGlqH9440uXTHLQ=
Subject key identifier: 57:7F:1A:9A:36:D9:D9:DD:ED:BD:19:FF:3B:39:75:DF:CF:CF:8C:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F652A3524FC540814B2947D17C77B5AB569B744
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
Signing time: Fri 06 Jun 2025 15:00:50 +0000
ROA not before: Fri 06 Jun 2025 15:00:50 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:65:2a:35:24:fc:54:08:14:b2:94:7d:17:c7:7b:5a:b5:69:b7:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:50 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=7213f79f78b85c4c99019000d8310a13ad9b05ecb4b4a89f85aacb6eb0a54744, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d2:8e:bb:b5:3d:d0:0c:98:10:4d:1a:b9:fe:
fd:36:8e:a6:98:b1:e9:85:ec:73:cd:79:70:d2:b8:
92:ba:56:15:4b:3e:4f:a9:5e:d1:2e:5f:02:f8:e2:
41:d2:ce:0c:0f:c2:7f:dd:d3:39:3d:d3:c7:4b:56:
63:60:50:8b:a4:a8:23:1f:fe:cb:c6:24:c4:6b:bf:
d9:f1:07:6c:c6:94:31:e1:97:e1:b6:ec:ad:bd:6e:
86:e1:3d:8f:99:ac:7f:38:14:5f:9f:26:58:47:a0:
30:b7:7a:9f:4a:81:9b:7e:06:a0:6d:f0:c6:ca:1d:
e0:c1:6e:c0:2f:61:db:35:44:fb:5a:a8:99:06:a8:
29:24:65:bf:8c:63:0c:3b:a1:17:bc:06:26:02:eb:
c5:24:0e:50:99:37:ac:80:a8:7f:de:26:e6:38:eb:
cc:4c:1a:fa:bd:04:01:14:b5:c4:6f:de:47:d8:2f:
15:65:e3:5c:41:8e:eb:5c:e2:a8:08:0d:99:c2:35:
29:87:8e:7d:9d:73:21:d3:7a:44:00:e8:97:77:ec:
ca:34:8b:d1:86:b5:ac:71:f6:76:38:0b:98:3b:1d:
2b:b5:ab:da:6f:b9:f0:13:d2:72:3d:3d:09:fd:02:
d7:35:37:42:28:f6:41:be:d6:b6:53:0d:a5:ad:52:
d1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:7F:1A:9A:36:D9:D9:DD:ED:BD:19:FF:3B:39:75:DF:CF:CF:8C:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.176.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:8c:e1:9d:46:e8:1d:14:a9:aa:db:32:84:15:77:b6:c4:2c:
d0:54:83:26:4f:83:24:95:75:d7:38:1f:e3:51:e6:45:b9:81:
dc:70:1a:80:62:c7:ff:0f:de:8c:f0:93:d8:5e:2f:4b:62:0d:
28:90:8d:38:b2:af:5e:7d:a5:32:23:1d:ee:0f:39:00:f5:0a:
7e:10:82:4f:a6:2d:4b:18:52:d9:d2:83:a0:d0:3b:a4:fc:44:
a2:0e:2b:45:5a:89:16:a7:74:25:4e:93:0b:47:82:41:9d:14:
6b:f4:08:90:a8:78:b4:51:0a:8e:e8:0a:56:c1:b8:6c:50:77:
d3:bd:5f:91:d3:b9:78:53:71:3e:64:3c:80:bf:a0:1c:83:68:
ec:20:09:e5:d2:a2:df:7c:4f:36:e5:cf:0f:4c:46:71:c1:72:
f5:42:8d:31:4d:3a:8e:b0:c4:54:82:8d:df:01:2f:70:dd:33:
70:3f:af:4c:cb:d3:53:5c:74:92:ac:a3:7b:b8:94:ae:9b:85:
f6:d8:19:56:5f:9b:1d:75:9e:45:51:7c:0c:6c:2c:0a:be:a3:
b4:d8:02:62:24:1f:8a:ec:12:94:ff:85:2d:4c:dd:6f:7d:be:
64:d4:bd:2c:5c:82:29:81:6e:88:f7:cc:48:fc:5d:dd:47:db:
13:95:97:0d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX2UqNST8VAgUspR9F8d7WrVpt0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNTBaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMTNmNzlmNzhiODVjNGM5OTAxOTAwMGQ4MzEwYTEzYWQ5YjA1ZWNiNGI0
YTg5Zjg1YWFjYjZlYjBhNTQ3NDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPSjru1PdAMmBBNGrn+/TaOppix6YXsc815cNK4krpWFUs+T6le0S5fAvji
QdLODA/Cf93TOT3Tx0tWY2BQi6SoIx/+y8YkxGu/2fEHbMaUMeGX4bbsrb1uhuE9
j5msfzgUX58mWEegMLd6n0qBm34GoG3wxsod4MFuwC9h2zVE+1qomQaoKSRlv4xj
DDuhF7wGJgLrxSQOUJk3rICof94m5jjrzEwa+r0EARS1xG/eR9gvFWXjXEGO61zi
qAgNmcI1KYeOfZ1zIdN6RADol3fsyjSL0Ya1rHH2djgLmDsdK7Wr2m+58BPScj09
Cf0C1zU3Qij2Qb7WtlMNpa1S0SkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRXfxqa
NtnZ3e29Gf87OXXfz8+MxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTAwNTE2ZGItYTY3NC00YTAyLThkZTktZTBhZDU2OWVjYzZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAisDAN
BgkqhkiG9w0BAQsFAAOCAQEAPYzhnUboHRSpqtsyhBV3tsQs0FSDJk+DJJV11zgf
41HmRbmB3HAagGLH/w/ejPCT2F4vS2INKJCNOLKvXn2lMiMd7g85APUKfhCCT6Yt
SxhS2dKDoNA7pPxEog4rRVqJFqd0JU6TC0eCQZ0Ua/QIkKh4tFEKjugKVsG4bFB3
071fkdO5eFNxPmQ8gL+gHINo7CAJ5dKi33xPNuXPD0xGccFy9UKNMU06jrDEVIKN
3wEvcN0zcD+vTMvTU1x0kqyje7iUrpuF9tgZVl+bHXWeRVF8DGwsCr6jtNgCYiQf
iuwSlP+FLUzdb32+ZNS9LFyCKYFuiPfMSPxd3UfbE5WXDQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:31 2025 by rpki-client