Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
File: ec7e5637-f312-4c51-b644-29324b74734e.roa (raw, json)
Hash identifier: KtgcaPnueplJQB5daug1wVRy9JizMmLjsil5QSdZCig=
Subject key identifier: C7:65:A3:A3:0F:F0:45:49:64:65:4C:17:72:17:0D:6A:23:23:BA:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63A2ADE863D94647E48B2B057B80079D03EE7FE8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
Signing time: Mon 28 Jul 2025 16:10:38 +0000
ROA not before: Mon 28 Jul 2025 16:10:38 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:a2:ad:e8:63:d9:46:47:e4:8b:2b:05:7b:80:07:9d:03:ee:7f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:38 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=f1daf8e2254c9770a86b765ef07915d4bd0356bc215afd2c4e459b4e6d577759, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:49:75:1b:75:aa:f9:87:bf:a4:3a:af:d5:76:
f1:74:72:4d:95:86:b7:4e:5b:47:0c:27:98:70:46:
43:dc:dc:5f:90:84:73:4d:50:61:25:ba:db:f7:69:
f1:38:51:c5:0d:37:d6:43:00:12:bf:3c:3d:c5:02:
f0:31:0a:b9:a4:b7:ff:fe:20:69:21:a9:dc:ef:cd:
f3:70:73:79:47:30:33:e5:61:cc:a9:0a:ef:76:20:
43:c1:31:cf:53:25:4e:8c:85:8c:f2:c8:f1:57:4e:
4c:10:ae:26:6c:fc:89:17:37:cd:80:40:83:c0:a8:
05:85:26:41:f9:6d:6e:43:1d:a4:49:ea:13:c7:33:
30:07:de:40:e8:42:4b:85:0d:39:4e:1f:de:06:7e:
a2:0f:9a:07:20:c5:bb:5d:10:43:c9:cb:75:87:85:
4d:2f:b0:7c:77:79:7e:5d:2b:03:bd:29:96:7d:f7:
26:a4:89:33:95:2e:fa:50:6f:c3:fa:39:80:00:81:
95:4d:b9:cf:79:60:9e:9c:55:26:88:53:8d:0f:1a:
e0:69:b4:2d:d3:9d:40:8d:3d:8d:37:48:04:c2:88:
2a:7d:ac:d7:8b:69:c4:4d:f7:4c:30:c2:08:e4:e3:
aa:82:55:9f:e0:6c:1d:b2:bc:8e:97:e0:b3:40:3f:
0a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:65:A3:A3:0F:F0:45:49:64:65:4C:17:72:17:0D:6A:23:23:BA:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
44:e3:ce:8b:f9:c2:61:eb:ac:05:1b:39:a9:9c:75:8d:af:59:
54:f3:e6:90:ca:8d:d4:5d:fc:99:f9:f2:5a:b1:97:00:49:fd:
38:ea:8d:ad:1b:a7:0b:09:eb:3a:80:09:60:fe:75:92:49:0b:
71:40:02:e4:17:93:08:43:d5:0b:48:60:dc:6a:b4:cf:86:ad:
52:37:36:51:70:37:d0:d3:14:23:38:28:fa:d3:ea:e7:83:28:
23:a6:6c:66:56:2a:31:92:b3:a1:7a:b0:49:05:2b:68:15:10:
b1:ef:12:12:35:a7:95:3d:8c:1a:91:f5:66:e6:f8:35:04:f2:
6e:58:66:bf:68:cd:5b:73:e7:b1:3b:eb:0d:b2:9a:40:1f:9d:
ef:5a:67:2e:cd:07:0a:b7:5c:30:ed:a5:8f:29:0f:73:dd:81:
16:d6:37:92:da:f1:ee:f9:4d:84:5a:d7:ad:5d:03:7f:27:7b:
5b:88:18:9e:59:62:ba:f1:a4:e7:6a:77:6f:1c:54:46:29:4c:
ba:f3:2f:92:4e:5f:f4:32:de:b0:92:1a:aa:45:56:d1:c8:c4:
5e:07:45:cb:62:1a:c9:75:54:fa:fa:0a:a1:4b:6d:ac:e1:23:
a8:7e:d5:7b:90:fb:a5:2d:91:5c:1d:8f:39:75:bf:24:84:39:
20:6a:bf:d7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY6Kt6GPZRkfkiysFe4AHnQPuf+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMzhaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxZGFmOGUyMjU0Yzk3NzBhODZiNzY1ZWYwNzkxNWQ0YmQwMzU2YmMyMTVh
ZmQyYzRlNDU5YjRlNmQ1Nzc3NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJJdRt1qvmHv6Q6r9V28XRyTZWGt05bRwwnmHBGQ9zcX5CEc01QYSW62/dp
8ThRxQ031kMAEr88PcUC8DEKuaS3//4gaSGp3O/N83BzeUcwM+VhzKkK73YgQ8Ex
z1MlToyFjPLI8VdOTBCuJmz8iRc3zYBAg8CoBYUmQfltbkMdpEnqE8czMAfeQOhC
S4UNOU4f3gZ+og+aByDFu10QQ8nLdYeFTS+wfHd5fl0rA70pln33JqSJM5Uu+lBv
w/o5gACBlU25z3lgnpxVJohTjQ8a4Gm0LdOdQI09jTdIBMKIKn2s14tpxE33TDDC
COTjqoJVn+BsHbK8jpfgs0A/Cu0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHZaOj
D/BFSWRlTBdyFw1qIyO6pDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM3ZTU2MzctZjMxMi00YzUxLWI2NDQtMjkzMjRiNzQ3MzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAi4DAN
BgkqhkiG9w0BAQsFAAOCAQEAROPOi/nCYeusBRs5qZx1ja9ZVPPmkMqN1F38mfny
WrGXAEn9OOqNrRunCwnrOoAJYP51kkkLcUAC5BeTCEPVC0hg3Gq0z4atUjc2UXA3
0NMUIzgo+tPq54MoI6ZsZlYqMZKzoXqwSQUraBUQse8SEjWnlT2MGpH1Zub4NQTy
blhmv2jNW3PnsTvrDbKaQB+d71pnLs0HCrdcMO2ljykPc92BFtY3ktrx7vlNhFrX
rV0Dfyd7W4gYnlliuvGk52p3bxxURilMuvMvkk5f9DLesJIaqkVW0cjEXgdFy2Ia
yXVU+voKoUttrOEjqH7Ve5D7pS2RXB2POXW/JIQ5IGq/1w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:36 2025 by rpki-client