Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
File: 995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa (raw, json)
Hash identifier: 4a8HjhpEzTBVesEcwL/R/vDTVfRMFX9oGh0Zi81twXI=
Subject key identifier: 9E:3B:6F:D5:A3:7C:48:EE:12:67:48:FF:EE:BD:55:F9:02:0A:ED:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FB7A18F5D07674C38CD82C2C6FC9D381B67E1A8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
Signing time: Tue 01 Jul 2025 15:00:15 +0000
ROA not before: Tue 01 Jul 2025 15:00:15 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:b7:a1:8f:5d:07:67:4c:38:cd:82:c2:c6:fc:9d:38:1b:67:e1:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:15 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=7a0fd7615c986580871ffd9f514a4f5ddbb26548be01f8d2a8f95077f9a11ff6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8d:dd:67:95:f3:cf:97:a3:02:2f:c6:83:b5:
39:49:75:11:f1:d3:d4:2e:4e:fc:a3:be:19:61:bf:
7a:a7:51:d2:b7:7d:ab:30:17:de:08:73:2b:d6:8d:
06:9e:d3:96:17:0f:97:84:7d:39:0f:56:9d:5d:72:
33:2d:20:db:0b:47:dd:c9:18:91:dc:21:0c:1c:8a:
01:d3:49:ed:b7:83:dc:ec:ec:ca:ac:3d:5b:a4:f7:
51:40:85:5a:b4:d4:04:6a:5d:1b:e6:20:83:6a:a9:
3e:03:94:37:16:49:ea:69:e2:50:df:30:25:61:53:
90:14:cd:2a:51:02:6c:b6:c0:7f:e3:09:f3:67:10:
5e:5e:66:89:7c:d4:15:f0:9f:c5:5c:a3:08:b7:31:
14:1b:bd:f9:fa:bc:85:d2:89:00:2e:a7:56:1f:f7:
a2:64:38:69:86:d1:b6:69:6f:23:02:0b:8c:50:db:
fe:44:06:54:72:1a:8e:6a:86:6a:ab:0c:5c:12:3b:
a8:0e:ed:33:11:13:51:55:9e:12:66:33:ac:f7:9f:
7d:f3:b5:56:a7:25:ab:30:bb:88:c9:7b:b7:9b:a9:
1b:02:b8:ab:ad:dc:82:60:8d:19:b2:a7:71:ae:11:
48:05:c1:2a:8f:96:51:6e:a0:be:db:12:46:29:18:
73:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:3B:6F:D5:A3:7C:48:EE:12:67:48:FF:EE:BD:55:F9:02:0A:ED:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.16.0/22
Signature Algorithm: sha256WithRSAEncryption
95:63:45:ee:53:94:2f:66:e7:ee:f0:32:77:92:a0:fa:00:64:
e4:16:a9:75:7e:bf:fb:24:27:c6:7e:5d:43:b8:f4:0c:be:b5:
77:f4:3a:a5:33:f7:bf:46:9d:f4:cb:1a:74:11:b9:3f:79:3c:
93:61:ba:1a:d5:65:c1:f5:39:dc:f8:bd:82:c3:73:e7:91:69:
c5:4e:7a:61:e3:d5:a0:3b:1a:a5:f6:6e:ca:61:25:6d:bf:a2:
8f:f9:bc:76:8c:2b:4e:52:e2:68:57:46:fe:92:1b:04:55:96:
dd:f5:c0:e9:96:af:26:e3:06:ca:1b:cb:66:12:29:df:8c:51:
05:90:bc:94:4e:ff:9c:4d:4d:c2:56:a1:1a:08:d8:26:a9:54:
76:92:53:80:16:92:31:dd:c6:e1:53:c3:7a:44:5b:1f:ed:7d:
e7:22:fb:6a:02:8c:28:ea:29:09:a1:eb:1d:b4:36:11:6d:25:
83:82:a9:ba:c7:94:e1:54:5d:f1:0f:27:50:83:c8:0e:db:04:
41:9f:73:f1:26:c8:f7:18:f7:41:e5:73:af:49:fb:e1:cb:79:
e1:65:ec:d6:4b:55:3a:38:30:a7:39:cc:0c:ae:b1:38:a1:e1:
62:76:de:7d:6d:65:37:66:09:e3:1f:b4:7b:f0:a5:5f:73:0b:
6b:51:1c:e2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX7ehj10HZ0w4zYLCxvydOBtn4agwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMTVaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMGZkNzYxNWM5ODY1ODA4NzFmZmQ5ZjUxNGE0ZjVkZGJiMjY1NDhiZTAx
ZjhkMmE4Zjk1MDc3ZjlhMTFmZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6N3WeV88+XowIvxoO1OUl1EfHT1C5O/KO+GWG/eqdR0rd9qzAX3ghzK9aN
Bp7TlhcPl4R9OQ9WnV1yMy0g2wtH3ckYkdwhDByKAdNJ7beD3Ozsyqw9W6T3UUCF
WrTUBGpdG+Ygg2qpPgOUNxZJ6mniUN8wJWFTkBTNKlECbLbAf+MJ82cQXl5miXzU
FfCfxVyjCLcxFBu9+fq8hdKJAC6nVh/3omQ4aYbRtmlvIwILjFDb/kQGVHIajmqG
aqsMXBI7qA7tMxETUVWeEmYzrPefffO1VqclqzC7iMl7t5upGwK4q63cgmCNGbKn
ca4RSAXBKo+WUW6gvtsSRikYc2cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSeO2/V
o3xI7hJnSP/uvVX5AgrtbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk1ZDRmOGQtMGJjZC00YjMwLTlkYmUtNDJiY2RiZWIwNDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiEDAN
BgkqhkiG9w0BAQsFAAOCAQEAlWNF7lOUL2bn7vAyd5Kg+gBk5BapdX6/+yQnxn5d
Q7j0DL61d/Q6pTP3v0ad9MsadBG5P3k8k2G6GtVlwfU53Pi9gsNz55FpxU56YePV
oDsapfZuymElbb+ij/m8dowrTlLiaFdG/pIbBFWW3fXA6ZavJuMGyhvLZhIp34xR
BZC8lE7/nE1NwlahGgjYJqlUdpJTgBaSMd3G4VPDekRbH+195yL7agKMKOopCaHr
HbQ2EW0lg4KpuseU4VRd8Q8nUIPIDtsEQZ9z8SbI9xj3QeVzr0n74ct54WXs1ktV
OjgwpznMDK6xOKHhYnbefW1lN2YJ4x+0e/ClX3MLa1Ec4g==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:50 2025 by rpki-client