Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
File: 513c0075-edb1-461e-a07d-4eb5874bd9ce.roa (raw, json)
Hash identifier: ZDA0H5bxUgfeydJZka+cfpY2nAgtgiktMXQzJgCgePY=
Subject key identifier: 00:E2:01:2E:61:A9:E2:23:A9:70:B0:7F:2A:8F:19:51:B5:0C:5F:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45583FDDE37A5ADDB0CBEC6B124D33A6E4BBB79C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
Signing time: Tue 01 Jul 2025 15:00:48 +0000
ROA not before: Tue 01 Jul 2025 15:00:48 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:58:3f:dd:e3:7a:5a:dd:b0:cb:ec:6b:12:4d:33:a6:e4:bb:b7:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:48 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=aa5cfd30452b445ab2b49463bb4266079c1a26084c66f3741a1692349a506a0a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:30:2e:56:6d:d9:32:15:10:10:8a:af:54:c4:
9d:ad:bd:5b:2f:3b:90:a2:b7:15:ed:66:55:ee:0f:
60:7c:cc:78:5b:87:35:ad:11:57:bc:8a:eb:22:86:
78:5b:96:2a:2b:c2:da:16:47:c5:74:c1:8d:8d:e7:
26:ef:cb:59:ca:08:ef:86:98:84:db:ce:ac:63:52:
64:1a:8c:df:e5:91:2e:a8:0a:1a:7b:dc:d6:93:ce:
f7:68:5e:a3:f7:42:55:b1:a2:82:99:71:70:7a:56:
46:e0:23:3a:ce:28:d8:78:4a:ae:f4:85:40:f0:96:
7e:d7:d3:7f:39:dd:5e:18:a8:b9:12:b6:d9:da:37:
fb:01:ee:17:04:93:82:74:51:4c:1b:a1:a5:15:32:
52:76:47:bc:a1:01:d1:a6:90:63:8b:3e:c0:cd:8a:
78:b2:68:59:32:91:4d:a1:72:74:18:83:1f:12:84:
59:db:5e:4b:ac:66:5e:7b:40:4b:0b:5f:d3:ed:18:
41:ce:0c:11:42:fc:4f:ce:fd:20:1c:69:e6:0e:de:
8c:9e:62:40:67:1b:99:fa:ae:80:e5:43:89:d0:af:
70:cf:88:ee:f0:ac:19:89:5a:0b:67:d1:85:36:d4:
ff:26:ba:25:2c:8f:40:83:79:86:c5:d9:29:96:44:
fc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E2:01:2E:61:A9:E2:23:A9:70:B0:7F:2A:8F:19:51:B5:0C:5F:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/20
Signature Algorithm: sha256WithRSAEncryption
bb:64:da:01:3c:4b:97:89:39:7f:97:e9:ba:2e:b0:ef:c3:45:
46:5c:89:a7:d2:7c:a7:28:78:a0:5e:83:e9:af:63:a1:dc:70:
b1:cb:4d:15:26:b9:dc:99:72:03:8c:3d:7a:a6:8c:d7:4a:8a:
fa:8a:dd:11:9a:ce:dc:12:f4:0c:23:4a:e2:6b:89:a7:b0:a2:
b4:c5:63:30:98:df:54:af:63:79:d1:7f:3d:21:a5:81:3f:e7:
bf:bd:d0:10:15:81:55:bf:86:b6:4c:ec:5f:9d:b3:40:85:98:
7a:a7:a7:82:10:d0:dc:c8:55:58:c6:08:11:be:ba:05:ee:e5:
c1:06:2d:e2:a0:15:99:ee:51:b5:88:44:ee:14:b4:09:02:86:
5c:5e:85:ed:9d:af:a2:6b:1f:6e:77:41:a2:4e:c6:8a:a3:87:
ff:db:26:8a:de:d7:cc:0d:09:cf:69:7a:d7:2d:d7:55:ba:cc:
b1:d2:fb:dc:8a:a9:d9:f8:0c:cb:82:d5:5b:40:5c:ef:93:8e:
9e:5f:b2:8e:60:c5:e0:73:71:05:ca:f0:b4:14:be:35:92:f1:
b9:8d:ca:f9:f5:b9:47:8b:23:53:fc:95:05:21:7d:34:8f:85:
08:9d:aa:04:53:21:ad:bf:bb:c1:8e:aa:15:30:5c:50:d2:45:
3a:7a:bf:9c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURVg/3eN6Wt2wy+xrEk0zpuS7t5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwNDhaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNWNmZDMwNDUyYjQ0NWFiMmI0OTQ2M2JiNDI2NjA3OWMxYTI2MDg0YzY2
ZjM3NDFhMTY5MjM0OWE1MDZhMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0wLlZt2TIVEBCKr1TEna29Wy87kKK3Fe1mVe4PYHzMeFuHNa0RV7yK6yKG
eFuWKivC2hZHxXTBjY3nJu/LWcoI74aYhNvOrGNSZBqM3+WRLqgKGnvc1pPO92he
o/dCVbGigplxcHpWRuAjOs4o2HhKrvSFQPCWftfTfzndXhiouRK22do3+wHuFwST
gnRRTBuhpRUyUnZHvKEB0aaQY4s+wM2KeLJoWTKRTaFydBiDHxKEWdteS6xmXntA
Swtf0+0YQc4MEUL8T879IBxp5g7ejJ5iQGcbmfqugOVDidCvcM+I7vCsGYlaC2fR
hTbU/ya6JSyPQIN5hsXZKZZE/JkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQA4gEu
YaniI6lwsH8qjxlRtQxf7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTEzYzAwNzUtZWRiMS00NjFlLWEwN2QtNGViNTg3NGJkOWNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAu2TaATxLl4k5f5fpui6w78NFRlyJp9J8pyh4oF6D
6a9jodxwsctNFSa53JlyA4w9eqaM10qK+ordEZrO3BL0DCNK4muJp7CitMVjMJjf
VK9jedF/PSGlgT/nv73QEBWBVb+GtkzsX52zQIWYeqenghDQ3MhVWMYIEb66Be7l
wQYt4qAVme5RtYhE7hS0CQKGXF6F7Z2vomsfbndBok7GiqOH/9smit7XzA0Jz2l6
1y3XVbrMsdL73Iqp2fgMy4LVW0Bc75OOnl+yjmDF4HNxBcrwtBS+NZLxuY3K+fW5
R4sjU/yVBSF9NI+FCJ2qBFMhrb+7wY6qFTBcUNJFOnq/nA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:13 2025 by rpki-client