Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
File: e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa (raw, json)
Hash identifier: 4dWW+rIr2o5C0T/iIZHnqsiuRyLJKCyBuMwguZ1UqAw=
Subject key identifier: 71:CA:76:A9:84:9F:8E:E8:BA:86:88:7F:EC:28:C3:F0:21:00:98:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51EF752DAE1702D991888130A066672AE5787088
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
Signing time: Fri 06 Jun 2025 15:00:17 +0000
ROA not before: Fri 06 Jun 2025 15:00:17 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:ef:75:2d:ae:17:02:d9:91:88:81:30:a0:66:67:2a:e5:78:70:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:17 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=eb947f63804a5d8a25cf0b92de8e4c9592ead15e7f225f3a90e333af0fdd8902, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:06:23:d1:3a:8a:f9:6b:86:fc:7d:37:f4:de:
48:53:78:20:34:1f:f6:de:92:4a:c7:c6:c9:7a:01:
9b:70:6f:ed:32:58:e8:d2:fa:d4:fc:3c:84:f9:ea:
6a:ac:6d:c3:b0:e1:da:90:99:57:84:e3:b7:85:95:
72:8f:88:44:05:7d:53:4f:dc:68:66:d9:a9:83:69:
60:15:a2:1f:7b:0e:7e:ef:28:81:c3:83:c5:6e:11:
a3:4f:dd:0b:7b:a4:cd:75:5f:26:4f:65:fa:8e:2a:
88:57:3c:13:4c:cc:49:e0:e4:77:f3:fd:97:34:2d:
25:83:a2:31:86:36:e9:7d:34:a6:73:74:e1:34:74:
51:89:f7:01:2f:ba:00:d3:aa:ed:e7:ef:b4:51:0d:
af:a3:9d:1a:16:aa:20:66:42:a3:ea:2a:54:fa:30:
34:f5:4c:a4:7e:97:1a:e6:d0:bd:06:fe:d1:c6:2f:
f1:0b:91:f9:67:89:f0:ec:76:09:2a:e7:f9:cf:3b:
ea:f6:c6:71:36:08:a0:8a:b4:09:7d:3b:50:41:fb:
eb:53:c3:25:29:97:ad:15:12:b0:2b:e2:cb:46:21:
fe:c8:c4:74:e0:67:cd:d1:2f:de:ed:0f:ba:1e:31:
12:2a:95:aa:f7:60:ec:66:ba:ee:0f:8a:5a:be:7e:
96:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CA:76:A9:84:9F:8E:E8:BA:86:88:7F:EC:28:C3:F0:21:00:98:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.40.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:95:21:36:d5:7c:9a:47:28:d0:02:08:c8:65:fd:f7:e1:9d:
4d:35:7e:36:25:26:70:09:0b:35:52:d6:ad:48:ea:62:5c:f4:
09:e4:4f:dc:48:37:c8:d9:4e:1c:32:af:42:6d:35:2b:29:af:
b0:b7:69:e6:b5:f4:fe:bc:e5:5c:0f:91:da:3e:42:2d:be:bb:
15:75:14:9b:4b:d4:49:49:3d:0f:73:0c:bf:f2:23:5a:0f:de:
8a:0e:11:84:a3:d3:a3:ef:db:bf:6e:f5:5d:0f:e8:44:5d:e6:
16:06:00:b6:46:8c:0b:4e:6c:73:5c:d0:6f:5d:5d:00:2e:3b:
8f:d7:ba:d7:a2:bc:62:72:20:6a:43:3a:5a:10:9b:dd:27:ab:
d3:52:62:64:21:fa:27:06:e7:b9:eb:5d:3e:01:b8:cc:d0:08:
3d:67:75:85:a8:b7:43:24:40:a0:27:1c:7d:74:64:b8:a3:16:
43:88:01:4b:7f:09:ac:37:9b:c5:b1:5c:25:40:b1:df:70:cd:
ea:08:8b:90:a7:70:9e:4f:88:b0:09:20:12:e7:e1:5b:b1:6b:
c6:4a:ba:e9:25:d3:5b:d4:1c:6c:41:a6:ee:ee:ad:ec:42:56:
e5:51:05:6b:d5:a9:aa:a3:2e:5f:97:5c:a5:aa:99:e0:be:03:
77:04:68:ce
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUe91La4XAtmRiIEwoGZnKuV4cIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMTdaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGViOTQ3ZjYzODA0YTVkOGEyNWNmMGI5MmRlOGU0Yzk1OTJlYWQxNWU3ZjIy
NWYzYTkwZTMzM2FmMGZkZDg5MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcGI9E6ivlrhvx9N/TeSFN4IDQf9t6SSsfGyXoBm3Bv7TJY6NL61Pw8hPnq
aqxtw7Dh2pCZV4Tjt4WVco+IRAV9U0/caGbZqYNpYBWiH3sOfu8ogcODxW4Ro0/d
C3ukzXVfJk9l+o4qiFc8E0zMSeDkd/P9lzQtJYOiMYY26X00pnN04TR0UYn3AS+6
ANOq7efvtFENr6OdGhaqIGZCo+oqVPowNPVMpH6XGubQvQb+0cYv8QuR+WeJ8Ox2
CSrn+c876vbGcTYIoIq0CX07UEH761PDJSmXrRUSsCviy0Yh/sjEdOBnzdEv3u0P
uh4xEiqVqvdg7Ga67g+KWr5+lg0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRxynap
hJ+O6LqGiH/sKMPwIQCYTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUyZTlkYWQtY2JmMy00YWMwLWE1MmUtZGEyYmYwM2U5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiKDAN
BgkqhkiG9w0BAQsFAAOCAQEATJUhNtV8mkco0AIIyGX99+GdTTV+NiUmcAkLNVLW
rUjqYlz0CeRP3Eg3yNlOHDKvQm01KymvsLdp5rX0/rzlXA+R2j5CLb67FXUUm0vU
SUk9D3MMv/IjWg/eig4RhKPTo+/bv271XQ/oRF3mFgYAtkaMC05sc1zQb11dAC47
j9e616K8YnIgakM6WhCb3Ser01JiZCH6JwbnuetdPgG4zNAIPWd1hai3QyRAoCcc
fXRkuKMWQ4gBS38JrDebxbFcJUCx33DN6giLkKdwnk+IsAkgEufhW7Frxkq66SXT
W9QcbEGm7u6t7EJW5VEFa9WpqqMuX5dcpaqZ4L4DdwRozg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:56 2025 by rpki-client