Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json)
Hash identifier: Faoe2zzlLiLq6C4xN5Jl+Mk7u9lO1pW4GGAsJ4PjmNg=
Subject key identifier: C6:22:1A:F4:BE:49:1B:0B:EB:C3:B9:80:38:91:CF:F3:2E:80:AF:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5136CB5B38381D484D8A38130E34B47D0F80B6E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
Signing time: Tue 01 Jul 2025 15:00:20 +0000
ROA not before: Tue 01 Jul 2025 15:00:20 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:36:cb:5b:38:38:1d:48:4d:8a:38:13:0e:34:b4:7d:0f:80:b6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:20 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=e68b802e5a7928ea8324418803412c356dc171b9f585b15c5dd905d55c8f8ba8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fe:6b:ab:a0:3e:69:c4:ef:d6:89:9b:34:c9:
f9:c4:90:ac:da:ac:fb:78:84:26:ec:e3:fd:f3:62:
d0:12:4a:30:14:c3:42:52:43:b8:a9:d6:8f:29:dc:
e0:ed:5c:93:91:36:1a:14:fc:0e:41:8b:51:a1:91:
a6:de:e5:5b:d5:ce:ab:24:5a:f1:42:49:3b:a0:87:
23:ec:02:04:49:fb:b4:09:7e:4c:94:47:6c:43:1a:
c7:b8:74:45:aa:6b:d2:f8:c6:56:aa:b3:5c:bd:25:
77:3e:a2:fa:f6:5e:43:3d:21:60:65:eb:ba:b2:a2:
75:b9:d8:ac:97:d6:fe:8c:66:3c:b4:10:b1:bf:c3:
ac:30:1a:d0:18:95:2b:97:67:e0:43:db:cd:30:f5:
d7:fb:4f:85:dc:04:74:fd:4a:54:f4:e9:90:d6:b5:
a7:93:b6:1f:86:3c:cb:c0:6e:87:45:a5:7b:28:c7:
42:d5:21:65:e2:52:4a:6e:2d:4d:b3:15:1e:f8:67:
76:46:29:a1:ab:a0:0d:24:c4:d4:de:42:19:f1:77:
bb:3e:e3:24:46:08:0f:aa:33:bb:41:84:53:f2:3f:
2f:4d:39:5c:e4:11:b9:76:d1:f4:3a:85:a7:ae:91:
6c:f3:a9:bd:86:d3:86:9c:6d:53:ec:05:06:8a:a9:
3a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:22:1A:F4:BE:49:1B:0B:EB:C3:B9:80:38:91:CF:F3:2E:80:AF:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/20
Signature Algorithm: sha256WithRSAEncryption
79:f2:23:e5:23:cc:51:d2:91:aa:71:ba:c5:28:18:e8:26:c2:
16:6d:6a:bb:c1:c2:c1:98:2f:c4:4d:e7:ea:7d:81:2d:a5:9d:
ff:b6:75:eb:3f:19:9b:53:38:58:d7:db:69:0d:e8:1f:2d:b4:
cc:e0:7b:ad:24:9a:e6:dc:c9:1a:71:61:59:dc:c9:1d:31:41:
d4:71:e9:3c:7d:4a:a9:dd:25:8e:ac:2e:f0:e2:53:94:3d:c3:
fb:ea:25:bd:7b:76:69:cd:4f:2d:59:84:de:a3:0d:90:82:98:
62:3a:47:ef:86:84:88:16:36:9e:12:f1:df:c2:01:95:2c:8c:
ef:f2:50:8d:23:9a:31:eb:a5:d2:9c:48:68:3d:99:d3:1b:1d:
14:96:c0:08:54:cb:77:88:1f:34:f1:93:72:e4:2f:bb:81:73:
cd:dd:a2:ee:b9:31:85:9d:68:34:fd:cf:27:f1:82:9a:b9:43:
bd:e5:b0:e1:43:53:ea:16:c5:f7:ea:4b:b3:08:5d:c0:4a:fe:
27:ed:16:7b:d6:d6:e0:bb:93:e7:97:b7:1a:7f:20:49:22:ad:
da:1c:0d:52:07:82:15:7d:de:3c:33:5a:a2:ca:5e:6f:29:7b:
51:84:4c:65:b5:90:55:f0:3c:f1:87:c6:5e:18:de:87:16:30:
1a:5f:d1:57
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUTbLWzg4HUhNijgTDjS0fQ+AtuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMjBaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2OGI4MDJlNWE3OTI4ZWE4MzI0NDE4ODAzNDEyYzM1NmRjMTcxYjlmNTg1
YjE1YzVkZDkwNWQ1NWM4ZjhiYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMn+a6ugPmnE79aJmzTJ+cSQrNqs+3iEJuzj/fNi0BJKMBTDQlJDuKnWjync
4O1ck5E2GhT8DkGLUaGRpt7lW9XOqyRa8UJJO6CHI+wCBEn7tAl+TJRHbEMax7h0
Rapr0vjGVqqzXL0ldz6i+vZeQz0hYGXrurKidbnYrJfW/oxmPLQQsb/DrDAa0BiV
K5dn4EPbzTD11/tPhdwEdP1KVPTpkNa1p5O2H4Y8y8Buh0WleyjHQtUhZeJSSm4t
TbMVHvhndkYpoaugDSTE1N5CGfF3uz7jJEYID6ozu0GEU/I/L005XOQRuXbR9DqF
p66RbPOpvYbThpxtU+wFBoqpOgECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTGIhr0
vkkbC+vDuYA4kc/zLoCvhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAefIj5SPMUdKRqnG6xSgY6CbCFm1qu8HCwZgvxE3n
6n2BLaWd/7Z16z8Zm1M4WNfbaQ3oHy20zOB7rSSa5tzJGnFhWdzJHTFB1HHpPH1K
qd0ljqwu8OJTlD3D++olvXt2ac1PLVmE3qMNkIKYYjpH74aEiBY2nhLx38IBlSyM
7/JQjSOaMeul0pxIaD2Z0xsdFJbACFTLd4gfNPGTcuQvu4Fzzd2i7rkxhZ1oNP3P
J/GCmrlDveWw4UNT6hbF9+pLswhdwEr+J+0We9bW4LuT55e3Gn8gSSKt2hwNUgeC
FX3ePDNaospebyl7UYRMZbWQVfA88YfGXhjehxYwGl/RVw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:41:37 2025 by rpki-client