Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
File: 2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa (raw, json)
Hash identifier: cRVjrjzZHXtRPxm0cwl4JFv++Ii67betXVnuh6AgOno=
Subject key identifier: 1E:43:6C:6C:58:9E:62:66:67:3B:98:9B:AD:4C:C7:90:68:AB:C8:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0949136E6B322AF398385AE162FA38576107E0C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
Signing time: Tue 01 Jul 2025 15:00:54 +0000
ROA not before: Tue 01 Jul 2025 15:00:54 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:49:13:6e:6b:32:2a:f3:98:38:5a:e1:62:fa:38:57:61:07:e0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:54 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=c13e9c9ddda0a7d23b78ce23814bcf4b63c8a818df63144a53cc398f69a4dc45, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5c:a3:1d:23:1b:b1:0d:0e:c4:4a:17:63:c8:
60:ef:a5:51:c0:b9:95:c6:49:2b:12:18:2e:bb:ab:
ea:8d:30:bc:03:29:9b:18:5d:3d:c1:a6:37:99:6c:
f1:b2:2e:02:63:7d:54:10:0e:58:4e:1b:84:2d:e8:
eb:e9:e7:05:00:00:ad:af:a5:0e:65:d2:57:97:77:
1b:da:eb:b1:1d:a2:d8:a0:bd:e3:3d:df:89:c3:f7:
f6:99:7c:9a:40:dd:3a:ba:ba:fe:a4:59:bf:46:13:
99:2c:56:ad:5e:79:19:14:77:e1:f7:9d:75:12:76:
f1:19:61:2d:0c:98:61:0b:16:91:9f:1a:96:08:ed:
04:6e:f9:8b:1e:e1:95:1f:20:12:f6:2d:8d:9f:03:
23:b9:ea:cd:cf:c2:4c:15:4e:6b:6a:32:81:94:11:
2e:0c:02:59:68:d4:13:ff:5f:48:09:b4:01:49:fb:
63:e1:fc:89:65:f7:bf:69:4f:35:de:f7:30:83:20:
b3:16:a2:e0:a8:52:8a:f2:27:db:58:a6:14:28:fd:
54:ae:0c:1b:f1:39:f8:25:f3:20:bb:a6:33:d9:c5:
f6:d2:94:31:6a:f4:8c:00:07:46:0a:d1:69:f9:07:
93:e7:89:4c:1f:17:ce:e6:d8:bf:d9:48:c3:0d:a2:
a3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:43:6C:6C:58:9E:62:66:67:3B:98:9B:AD:4C:C7:90:68:AB:C8:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.96.0/19
Signature Algorithm: sha256WithRSAEncryption
b3:0d:4f:34:dc:1f:db:f0:af:1e:87:b4:9d:af:e2:b5:66:7a:
6d:ea:9f:da:a4:f2:1f:cd:c8:d0:e5:d5:db:a4:81:eb:1d:1f:
cc:0b:e2:92:62:c1:3b:23:28:49:d3:94:95:31:c3:99:89:bb:
b9:9e:23:40:23:ac:84:95:ee:49:1d:eb:bf:b4:b1:eb:af:8b:
b5:73:0a:a7:7d:16:02:43:73:c5:9b:b0:b0:18:c1:11:e4:a7:
63:a9:d3:f7:48:37:8f:1d:71:0a:f6:01:ac:14:75:78:5e:bc:
e8:1b:f9:23:46:65:e7:44:b7:7a:ca:ee:ca:31:82:c7:f2:7e:
f7:09:8a:25:8b:07:3c:fe:8a:d3:81:b2:1f:54:75:65:2e:88:
66:63:67:59:48:a5:ef:a9:cc:92:9a:fa:98:de:a3:20:e7:69:
aa:c7:c1:d0:c7:ad:1b:78:0f:7e:27:7a:4b:6d:35:0f:53:ed:
94:97:4b:df:75:87:00:f8:19:fc:e8:d3:59:ef:c6:86:fc:93:
e7:87:5c:32:b7:80:63:a3:97:f6:fc:90:a9:6f:79:76:e7:f2:
98:d8:6a:fb:6e:31:10:4d:d5:70:8f:2b:48:e7:cc:49:ca:ac:
ea:f6:7a:f8:f4:aa:a0:ea:9d:bb:39:8e:01:17:bb:99:df:86:
b3:47:89:90
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCUkTbmsyKvOYOFrhYvo4V2EH4MkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwNTRaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxM2U5YzlkZGRhMGE3ZDIzYjc4Y2UyMzgxNGJjZjRiNjNjOGE4MThkZjYz
MTQ0YTUzY2MzOThmNjlhNGRjNDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdcox0jG7ENDsRKF2PIYO+lUcC5lcZJKxIYLrur6o0wvAMpmxhdPcGmN5ls
8bIuAmN9VBAOWE4bhC3o6+nnBQAAra+lDmXSV5d3G9rrsR2i2KC94z3ficP39pl8
mkDdOrq6/qRZv0YTmSxWrV55GRR34feddRJ28RlhLQyYYQsWkZ8algjtBG75ix7h
lR8gEvYtjZ8DI7nqzc/CTBVOa2oygZQRLgwCWWjUE/9fSAm0AUn7Y+H8iWX3v2lP
Nd73MIMgsxai4KhSivIn21imFCj9VK4MG/E5+CXzILumM9nF9tKUMWr0jAAHRgrR
afkHk+eJTB8XzubYv9lIww2io1ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQeQ2xs
WJ5iZmc7mJutTMeQaKvIwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmZkODAzN2QtMDUzNi00MmJjLWFmNWMtNGQwZWQ0ZjhkZTc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiYDAN
BgkqhkiG9w0BAQsFAAOCAQEAsw1PNNwf2/CvHoe0na/itWZ6beqf2qTyH83I0OXV
26SB6x0fzAvikmLBOyMoSdOUlTHDmYm7uZ4jQCOshJXuSR3rv7Sx66+LtXMKp30W
AkNzxZuwsBjBEeSnY6nT90g3jx1xCvYBrBR1eF686Bv5I0Zl50S3esruyjGCx/J+
9wmKJYsHPP6K04GyH1R1ZS6IZmNnWUil76nMkpr6mN6jIOdpqsfB0MetG3gPfid6
S201D1PtlJdL33WHAPgZ/OjTWe/GhvyT54dcMreAY6OX9vyQqW95dufymNhq+24x
EE3VcI8rSOfMScqs6vZ6+PSqoOqduzmOARe7md+Gs0eJkA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:14 2025 by rpki-client