Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
File: 3c89eb14-e34b-4729-9b6f-b536e1e06692.roa (raw, json)
Hash identifier: wW8fOtAaGWb1XMbwTotN/hXF1IGN8KqKoYKWyaTjNpw=
Subject key identifier: 07:F0:EA:E0:18:0B:50:F6:67:9C:C1:28:38:73:FE:7A:16:19:8D:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 327B555D987B2D18F9FB61AD6021DB82A73E0C84
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
Signing time: Tue 01 Jul 2025 15:00:19 +0000
ROA not before: Tue 01 Jul 2025 15:00:19 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:7b:55:5d:98:7b:2d:18:f9:fb:61:ad:60:21:db:82:a7:3e:0c:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:19 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=6b7c56f84f6a1fdd3515a07d3349eb871c243ea08312ab5db07dccac6834282a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ac:9c:73:41:24:a0:35:00:f0:52:64:82:ad:
b2:d2:17:97:52:ab:34:99:57:c8:45:89:ce:78:d1:
e7:7e:c0:a9:8c:8e:34:b4:50:db:a2:d2:70:17:aa:
01:a6:ae:07:ed:4e:1b:38:24:90:e0:88:66:7c:25:
7c:ca:97:88:64:4e:21:fd:79:e3:ce:bf:f7:92:7f:
17:9a:66:67:34:f9:29:80:97:59:20:d2:91:de:78:
c3:f6:9b:bc:0f:a8:79:d3:29:ec:09:af:fb:7a:b3:
92:de:cc:61:21:6c:e2:2b:dd:a5:d0:96:67:d6:17:
d3:49:d3:5e:6e:ec:c1:87:ee:0f:24:a6:f7:5d:93:
88:c0:f0:00:de:eb:81:f8:da:f3:cc:4c:69:18:76:
f6:08:40:cd:91:c5:1c:31:91:88:a9:b4:11:37:9e:
8a:4a:95:bc:81:c2:7c:74:75:14:ec:5d:95:cc:0d:
9d:8e:83:df:f0:47:e3:ba:b8:42:36:8c:a8:fe:ab:
e1:f4:64:3c:79:38:e6:40:82:e5:88:7e:0a:ca:d2:
35:0c:f7:b8:43:53:f3:21:9f:2a:d0:5f:3c:d7:13:
d9:99:db:41:ec:6b:99:4e:39:74:96:a4:6a:0d:9c:
90:be:99:c8:95:a9:2c:c8:f3:0d:de:4b:c9:a6:70:
16:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F0:EA:E0:18:0B:50:F6:67:9C:C1:28:38:73:FE:7A:16:19:8D:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/21
Signature Algorithm: sha256WithRSAEncryption
ad:6d:f5:f0:73:cc:13:8c:47:31:4a:ab:a6:f0:4e:15:fd:6a:
88:bc:b3:9c:a5:97:88:34:09:5d:90:4d:1f:b6:68:bd:d6:b1:
b5:b3:41:5e:d9:7a:41:e7:09:43:9b:37:48:08:ad:3b:60:c0:
93:13:62:d4:13:96:9c:c2:f3:3d:b9:4b:fa:c4:e6:1d:c5:45:
36:92:73:f3:b8:20:95:ec:a5:4b:05:1d:2b:a9:45:62:28:dd:
12:af:8f:b0:3e:a1:71:1a:3c:41:7b:f7:c9:0c:47:20:71:c8:
0b:fd:c4:b2:8f:9e:84:6b:dc:b3:fc:d8:e0:76:55:3a:c5:7e:
0e:c6:80:d0:97:80:48:80:4d:e8:95:e7:07:96:4a:2a:79:95:
e6:fb:20:1b:0a:f4:c6:ae:d9:05:30:97:5a:4c:f8:93:82:04:
3c:3f:97:77:46:7d:b3:90:6f:d8:03:65:a4:51:e9:12:1b:7f:
11:27:12:bb:65:b7:7f:4f:96:ca:87:1f:65:61:fc:c5:01:5e:
5e:d2:99:67:42:5c:8c:41:64:cd:32:6c:e4:fb:0f:e3:43:ab:
54:5c:3c:6b:80:45:90:ba:bc:22:0b:36:7f:8c:1a:3b:5e:18:
c2:cf:d6:62:fb:6f:8a:5f:b1:5c:52:50:ce:71:52:63:c0:a9:
d1:e0:04:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMntVXZh7LRj5+2GtYCHbgqc+DIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMTlaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiN2M1NmY4NGY2YTFmZGQzNTE1YTA3ZDMzNDllYjg3MWMyNDNlYTA4MzEy
YWI1ZGIwN2RjY2FjNjgzNDI4MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPSsnHNBJKA1APBSZIKtstIXl1KrNJlXyEWJznjR537AqYyONLRQ26LScBeq
AaauB+1OGzgkkOCIZnwlfMqXiGROIf15486/95J/F5pmZzT5KYCXWSDSkd54w/ab
vA+oedMp7Amv+3qzkt7MYSFs4ivdpdCWZ9YX00nTXm7swYfuDySm912TiMDwAN7r
gfja88xMaRh29ghAzZHFHDGRiKm0ETeeikqVvIHCfHR1FOxdlcwNnY6D3/BH47q4
QjaMqP6r4fRkPHk45kCC5Yh+CsrSNQz3uENT8yGfKtBfPNcT2ZnbQexrmU45dJak
ag2ckL6ZyJWpLMjzDd5LyaZwFhMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQH8Org
GAtQ9mecwSg4c/56FhmN9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M4OWViMTQtZTM0Yi00NzI5LTliNmYtYjUzNmUxZTA2NjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiIDAN
BgkqhkiG9w0BAQsFAAOCAQEArW318HPME4xHMUqrpvBOFf1qiLyznKWXiDQJXZBN
H7ZovdaxtbNBXtl6QecJQ5s3SAitO2DAkxNi1BOWnMLzPblL+sTmHcVFNpJz87gg
leylSwUdK6lFYijdEq+PsD6hcRo8QXv3yQxHIHHIC/3Eso+ehGvcs/zY4HZVOsV+
DsaA0JeASIBN6JXnB5ZKKnmV5vsgGwr0xq7ZBTCXWkz4k4IEPD+Xd0Z9s5Bv2ANl
pFHpEht/EScSu2W3f0+WyocfZWH8xQFeXtKZZ0JcjEFkzTJs5PsP40OrVFw8a4BF
kLq8Igs2f4waO14Yws/WYvtvil+xXFJQznFSY8Cp0eAEhw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:16 2025 by rpki-client