Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
File: aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa (raw, json)
Hash identifier: G4kHBn2JqsblWuOpi4lVA95oiAVd3d4h/Gr9aUTnIQ0=
Subject key identifier: 91:09:CF:75:84:26:65:8E:69:D7:9A:1E:09:C1:7E:B5:B1:4D:6D:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 414D8D7A9847BF393B98BA52FD6C4ABFBEE7C1EE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
Signing time: Tue 01 Jul 2025 15:00:51 +0000
ROA not before: Tue 01 Jul 2025 15:00:51 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.144.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:4d:8d:7a:98:47:bf:39:3b:98:ba:52:fd:6c:4a:bf:be:e7:c1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:51 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=cd0d5c6fb9da7c3295593440a644c1863578b6962ba7fdd8263c0f3ff038aeb6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5e:10:c0:da:55:39:cb:6a:ca:26:e5:83:3f:
cb:d3:ca:db:1f:f8:ec:43:87:b2:09:47:89:f4:d5:
23:39:2f:e5:bf:da:a4:97:bc:c1:3b:50:d0:68:60:
c6:cb:ba:88:da:2f:9d:23:e6:97:c1:00:61:3d:df:
69:15:41:86:1d:dd:96:50:25:68:8d:1d:df:e6:f1:
0e:b2:f9:94:b5:bd:00:88:43:fe:03:cb:4f:61:95:
7a:92:52:fe:c6:6b:61:a2:ea:93:c0:37:ed:23:26:
42:47:85:61:f9:65:68:6d:04:51:0c:a8:ca:28:fb:
10:1c:3a:9a:b1:97:8e:61:e5:83:c6:4f:35:94:7d:
e7:de:9f:3b:4c:2a:a7:0c:58:bb:45:62:e8:ba:a1:
42:1d:c2:56:21:80:76:7a:3c:a6:6a:30:f8:2e:0d:
2c:88:10:9e:03:07:4e:69:e4:56:68:b2:6f:37:e3:
26:ff:3d:1f:b9:44:09:4c:f8:2b:d3:21:56:2d:fa:
f8:95:15:1e:28:eb:6f:90:d8:c1:a7:52:6f:cb:e0:
08:55:2e:8e:02:4f:e9:36:4a:b0:dd:3a:69:84:4b:
57:0e:bb:8f:24:c4:a4:88:20:5e:66:95:66:50:c3:
86:be:08:84:73:4c:f3:bf:8c:d6:df:35:14:fa:b7:
3b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:09:CF:75:84:26:65:8E:69:D7:9A:1E:09:C1:7E:B5:B1:4D:6D:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.144.0/20
Signature Algorithm: sha256WithRSAEncryption
b8:d4:d0:71:67:bf:51:6b:c9:1a:e0:6e:6b:b6:eb:29:f0:b7:
9c:22:c5:5d:4f:58:d8:80:d7:d5:a7:11:5d:7f:09:6b:bd:4c:
c5:2b:bd:2e:33:5c:85:e9:66:97:b1:49:ba:8b:2a:df:2b:ed:
cd:22:04:01:b4:86:bf:e1:b3:56:55:0a:fd:78:45:74:ce:ce:
50:8a:1b:f8:e7:02:29:3e:7a:41:43:f3:01:2c:ee:af:63:ce:
9e:c7:00:00:b7:22:ef:bc:0f:6a:43:3b:fb:b3:a8:7c:dd:5d:
c5:64:20:97:84:51:cf:f0:bf:ec:02:7d:9d:86:23:a3:9a:30:
90:f5:8d:01:09:c3:40:c7:26:80:d0:86:2c:42:06:1c:92:c2:
f0:f3:7c:86:9a:fe:d8:17:6d:e2:cd:2f:5a:7e:5f:74:08:a0:
80:72:60:26:15:bb:95:f6:00:70:87:77:19:b8:89:d9:28:dc:
4d:42:bd:1c:92:1c:00:62:4f:f0:6f:2b:54:5d:e3:f9:45:c7:
6c:26:36:11:58:11:3d:ff:93:d0:51:ac:04:63:ec:1b:22:9a:
db:a8:b3:e7:90:7d:08:b4:e0:95:bd:4c:42:a5:c1:23:93:f6:
8f:ec:22:9c:1c:7f:af:9b:ba:0e:7f:4e:e7:d7:e1:59:eb:c2:
e0:54:c6:f4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQU2NephHvzk7mLpS/WxKv77nwe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwNTFaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkMGQ1YzZmYjlkYTdjMzI5NTU5MzQ0MGE2NDRjMTg2MzU3OGI2OTYyYmE3
ZmRkODI2M2MwZjNmZjAzOGFlYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVeEMDaVTnLasom5YM/y9PK2x/47EOHsglHifTVIzkv5b/apJe8wTtQ0Ghg
xsu6iNovnSPml8EAYT3faRVBhh3dllAlaI0d3+bxDrL5lLW9AIhD/gPLT2GVepJS
/sZrYaLqk8A37SMmQkeFYfllaG0EUQyoyij7EBw6mrGXjmHlg8ZPNZR9596fO0wq
pwxYu0Vi6LqhQh3CViGAdno8pmow+C4NLIgQngMHTmnkVmiybzfjJv89H7lECUz4
K9MhVi36+JUVHijrb5DYwadSb8vgCFUujgJP6TZKsN06aYRLVw67jyTEpIggXmaV
ZlDDhr4IhHNM87+M1t81FPq3O4ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSRCc91
hCZljmnXmh4JwX61sU1tcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE3OWJiMTgtYjc0ZC00Y2MzLWJhMDUtMjBhZjBmOTQzNWIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAikDAN
BgkqhkiG9w0BAQsFAAOCAQEAuNTQcWe/UWvJGuBua7brKfC3nCLFXU9Y2IDX1acR
XX8Ja71MxSu9LjNchelml7FJuosq3yvtzSIEAbSGv+GzVlUK/XhFdM7OUIob+OcC
KT56QUPzASzur2POnscAALci77wPakM7+7OofN1dxWQgl4RRz/C/7AJ9nYYjo5ow
kPWNAQnDQMcmgNCGLEIGHJLC8PN8hpr+2Bdt4s0vWn5fdAiggHJgJhW7lfYAcId3
GbiJ2SjcTUK9HJIcAGJP8G8rVF3j+UXHbCY2EVgRPf+T0FGsBGPsGyKa26iz55B9
CLTglb1MQqXBI5P2j+winBx/r5u6Dn9O59fhWevC4FTG9A==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:47 2025 by rpki-client