Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: qN/4jMW2hKNs6/oJxlmOx5R6x9kon/64lPob+uqFAOY=
Subject key identifier: B9:6F:32:66:70:A2:67:40:87:65:56:2F:FD:78:D7:10:3C:92:9A:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42D6B39D8505072890F8067588EF8EA79B392ABC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Tue 01 Jul 2025 15:00:56 +0000
ROA not before: Tue 01 Jul 2025 15:00:56 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:d6:b3:9d:85:05:07:28:90:f8:06:75:88:ef:8e:a7:9b:39:2a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:56 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=57c4f06ead2f159d6a078f63846c57445c7ca64455162e047d8eb507f293fd68, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:83:fe:62:1a:33:4a:9f:3b:35:89:e7:87:b1:
03:48:73:a2:e5:b4:ac:9b:3c:04:00:bf:96:de:1d:
22:75:65:2c:4b:5f:22:2d:8b:53:b9:79:50:6f:73:
3b:95:8b:ba:dc:2e:db:35:59:ba:41:ff:f4:88:64:
17:7a:13:02:ea:5e:09:a2:93:d3:5c:dc:96:82:09:
56:35:31:a5:b9:1f:e2:e1:d2:01:27:25:5b:88:5b:
0b:40:dd:5e:75:48:4b:0b:cd:91:89:61:49:a9:d0:
c2:7a:76:68:b6:ad:29:a6:56:c4:96:3a:db:dc:b5:
d4:9b:e1:0a:0f:80:53:31:b1:9f:ba:e0:5e:ff:7a:
37:2b:2d:b5:de:c0:f9:24:d5:14:86:6c:20:30:32:
9a:4e:94:b1:11:27:66:53:69:c8:78:68:f5:7e:b7:
11:c6:6c:46:62:40:29:fa:8c:df:b7:a1:20:93:66:
6d:3b:43:89:12:8a:f9:a7:fa:df:a7:51:92:32:3e:
6b:1c:fe:68:70:60:cd:22:ad:13:56:71:aa:6f:d1:
47:75:6c:c6:49:a3:af:28:df:5f:76:bc:e9:29:12:
db:5f:11:01:ff:ec:0b:02:65:4f:c9:92:62:96:6a:
ea:c3:3b:9d:9d:0a:8b:c6:43:33:db:bb:7c:56:a6:
19:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6F:32:66:70:A2:67:40:87:65:56:2F:FD:78:D7:10:3C:92:9A:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
61:c7:5e:73:be:b1:f9:6c:f4:57:37:f5:ef:bc:a5:27:cd:95:
9d:09:e7:8f:5f:f3:76:8a:1c:af:f4:1f:3e:98:05:c3:db:1d:
5c:72:f5:7c:ab:63:a3:83:ae:76:b4:05:46:9b:1c:2e:a8:a7:
de:0a:27:c2:eb:91:08:65:98:7f:74:5e:c3:97:96:b6:c2:8a:
2a:46:ac:ec:e5:ea:5c:66:a6:d4:5b:b6:33:a3:79:e4:ee:ba:
ef:5f:b4:2f:8b:56:ce:1f:99:fa:c4:b5:67:44:90:78:6d:a2:
e2:41:10:f3:7b:2c:a5:42:ce:1d:43:57:e0:02:d8:cb:40:b6:
37:73:f6:08:ad:41:33:35:cd:8a:ed:c9:04:c9:30:9f:90:45:
65:27:7b:d7:8d:c8:90:59:a5:d7:24:b1:a4:c5:cc:d1:dc:48:
88:5b:a0:5c:4a:70:9c:0b:c0:55:66:3a:04:5b:ba:a3:70:a3:
ae:51:ba:af:6d:e6:ab:de:20:07:09:72:33:d5:06:d4:da:37:
ab:1a:e2:00:e3:fd:19:ad:e8:36:8e:ea:91:3a:97:2f:b6:10:
a3:9c:9e:67:65:9b:7d:3d:76:49:f7:4d:60:91:c0:fb:d2:4d:
b4:38:e9:24:60:5f:e7:9a:3a:c5:d8:4d:fb:fa:0d:73:d3:1a:
16:58:9c:61
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQtaznYUFByiQ+AZ1iO+Op5s5KrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwNTZaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3YzRmMDZlYWQyZjE1OWQ2YTA3OGY2Mzg0NmM1NzQ0NWM3Y2E2NDQ1NTE2
MmUwNDdkOGViNTA3ZjI5M2ZkNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2D/mIaM0qfOzWJ54exA0hzouW0rJs8BAC/lt4dInVlLEtfIi2LU7l5UG9z
O5WLutwu2zVZukH/9IhkF3oTAupeCaKT01zcloIJVjUxpbkf4uHSASclW4hbC0Dd
XnVISwvNkYlhSanQwnp2aLatKaZWxJY629y11JvhCg+AUzGxn7rgXv96Nysttd7A
+STVFIZsIDAymk6UsREnZlNpyHho9X63EcZsRmJAKfqM37ehIJNmbTtDiRKK+af6
36dRkjI+axz+aHBgzSKtE1Zxqm/RR3VsxkmjryjfX3a86SkS218RAf/sCwJlT8mS
YpZq6sM7nZ0Ki8ZDM9u7fFamGYsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS5bzJm
cKJnQIdlVi/9eNcQPJKahTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAYcdec76x+Wz0Vzf177ylJ82VnQnnj1/zdoocr/Qf
PpgFw9sdXHL1fKtjo4OudrQFRpscLqin3gonwuuRCGWYf3Rew5eWtsKKKkas7OXq
XGam1Fu2M6N55O6671+0L4tWzh+Z+sS1Z0SQeG2i4kEQ83sspULOHUNX4ALYy0C2
N3P2CK1BMzXNiu3JBMkwn5BFZSd7143IkFml1ySxpMXM0dxIiFugXEpwnAvAVWY6
BFu6o3CjrlG6r23mq94gBwlyM9UG1No3qxriAOP9Ga3oNo7qkTqXL7YQo5yeZ2Wb
fT12SfdNYJHA+9JNtDjpJGBf55o6xdhN+/oNc9MaFlicYQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:47 2025 by rpki-client