Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
File: 049fd671-de95-4496-9712-c56affcb2b27.roa (raw, json)
Hash identifier: 5kFbqmCpJ0Wjj4YZP0xxFSk2JC+7y1pQZfFe72fgq0w=
Subject key identifier: 2A:CE:56:E1:0E:18:B2:22:34:5A:B9:54:47:78:15:C6:87:89:B9:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A486BD4D022E78BEABDC38A43BA99BAB83724E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
Signing time: Tue 01 Jul 2025 15:00:18 +0000
ROA not before: Tue 01 Jul 2025 15:00:18 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.24.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:48:6b:d4:d0:22:e7:8b:ea:bd:c3:8a:43:ba:99:ba:b8:37:24:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:18 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=5448634615cb73061406a81e8110d1e0cda438d308e2df3bbb1476693dd1cc88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:05:cf:66:80:dd:fe:7a:fb:64:82:16:02:96:
bc:0b:21:1f:a5:df:e7:1a:cb:4b:0b:c3:2c:e7:3e:
6c:77:6f:88:a5:a8:a7:de:c5:be:90:38:a6:ad:03:
e0:4f:10:fa:0b:77:c9:dc:fc:d2:52:f6:75:af:2e:
12:36:ea:fe:bb:fe:75:4f:5a:44:d3:a6:5d:87:34:
70:49:35:0f:c6:6c:a3:33:87:91:5f:9f:92:a3:24:
45:2c:5b:39:9e:e9:0d:0d:46:1e:f0:04:5e:80:f7:
09:79:69:e9:2a:cc:ce:47:f6:1d:60:bc:68:58:97:
c9:5e:67:d7:4c:27:a6:77:ab:dc:be:28:67:05:69:
c6:a0:da:e9:c4:69:4e:c4:19:3b:8d:fe:d5:92:a0:
bd:87:36:a2:1f:0e:b0:97:03:e4:29:96:7d:5e:01:
80:30:52:58:f7:dd:2d:14:ff:fc:8e:59:4b:6f:2d:
a1:d0:1e:ab:fc:d2:ba:72:06:be:8b:05:0e:38:7b:
49:70:e0:ad:bc:73:1a:82:8b:b6:f3:5b:b0:42:e2:
d4:4a:5d:f4:b8:ff:82:b6:4c:49:79:ce:cd:17:20:
6f:58:87:dd:d5:44:76:15:9a:57:b2:ab:27:b0:25:
bc:fa:06:d9:a2:78:c9:fc:1a:6a:b0:e4:9b:d6:2c:
f7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CE:56:E1:0E:18:B2:22:34:5A:B9:54:47:78:15:C6:87:89:B9:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.24.0/21
Signature Algorithm: sha256WithRSAEncryption
46:19:1d:be:1c:ee:00:f0:72:e4:85:ef:ce:2a:c0:71:4a:ef:
28:6c:30:7a:09:06:76:61:3c:8b:ab:46:43:22:6f:4a:83:4b:
a9:55:41:a2:f7:54:81:1c:46:b8:32:fc:b0:45:46:45:65:7e:
e3:a8:bf:b6:78:2b:36:1d:18:99:78:bb:dd:d3:53:f6:b5:a9:
6b:f6:ee:7b:35:1a:94:cc:ba:a4:0c:9c:7f:33:b5:6d:2e:50:
e4:57:0d:2d:f4:ea:db:2c:68:bc:53:17:0d:48:24:2e:67:52:
f5:19:ab:f0:d1:12:0c:bc:37:65:e5:93:46:0f:40:e6:50:c1:
b7:fb:ab:21:8f:1a:34:73:7a:1a:56:2c:ac:e4:3c:cf:be:20:
6d:df:69:98:d1:4d:41:c7:75:9f:bf:f8:ab:e7:42:c5:ad:ac:
2a:3e:9e:ee:d3:8b:b9:6b:6f:b4:eb:5a:a5:74:29:19:98:23:
d1:f2:1a:9d:7a:93:b1:0b:5a:63:7e:62:52:09:60:5c:23:86:
a8:d3:2c:bb:63:4c:f7:85:d5:f0:ed:79:8d:87:f4:39:7f:8b:
70:56:b8:6a:be:ec:b9:34:3d:46:c1:f6:fd:aa:7c:9c:95:73:
76:76:fd:ce:52:29:25:16:4a:10:c1:4f:c5:d8:8c:2e:53:09:
1d:78:de:1f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUakhr1NAi54vqvcOKQ7qZurg3JOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMThaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NDg2MzQ2MTVjYjczMDYxNDA2YTgxZTgxMTBkMWUwY2RhNDM4ZDMwOGUy
ZGYzYmJiMTQ3NjY5M2RkMWNjODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwFz2aA3f56+2SCFgKWvAshH6Xf5xrLSwvDLOc+bHdviKWop97FvpA4pq0D
4E8Q+gt3ydz80lL2da8uEjbq/rv+dU9aRNOmXYc0cEk1D8ZsozOHkV+fkqMkRSxb
OZ7pDQ1GHvAEXoD3CXlp6SrMzkf2HWC8aFiXyV5n10wnpner3L4oZwVpxqDa6cRp
TsQZO43+1ZKgvYc2oh8OsJcD5CmWfV4BgDBSWPfdLRT//I5ZS28todAeq/zSunIG
vosFDjh7SXDgrbxzGoKLtvNbsELi1Epd9Lj/grZMSXnOzRcgb1iH3dVEdhWaV7Kr
J7AlvPoG2aJ4yfwaarDkm9Ys9wkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQqzlbh
DhiyIjRauVRHeBXGh4m51DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ5ZmQ2NzEtZGU5NS00NDk2LTk3MTItYzU2YWZmY2IyYjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiGDAN
BgkqhkiG9w0BAQsFAAOCAQEARhkdvhzuAPBy5IXvzirAcUrvKGwwegkGdmE8i6tG
QyJvSoNLqVVBovdUgRxGuDL8sEVGRWV+46i/tngrNh0YmXi73dNT9rWpa/buezUa
lMy6pAycfzO1bS5Q5FcNLfTq2yxovFMXDUgkLmdS9Rmr8NESDLw3ZeWTRg9A5lDB
t/urIY8aNHN6GlYsrOQ8z74gbd9pmNFNQcd1n7/4q+dCxa2sKj6e7tOLuWtvtOta
pXQpGZgj0fIanXqTsQtaY35iUglgXCOGqNMsu2NM94XV8O15jYf0OX+LcFa4ar7s
uTQ9RsH2/ap8nJVzdnb9zlIpJRZKEMFPxdiMLlMJHXjeHw==
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:55:49 2025 by rpki-client