Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
File: b2048b1c-363b-4b59-9d56-dc72187194a3.roa (raw, json)
Hash identifier: AJcI4rdXtAwMYFdLftAw/AyciM010/LzbykioVNJqW8=
Subject key identifier: CF:44:6F:A3:72:C3:2D:45:B1:62:C2:62:4F:B2:2C:C0:68:89:20:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74289FB0D577ACD944340F81897177B2662B94A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
Signing time: Tue 01 Jul 2025 15:00:17 +0000
ROA not before: Tue 01 Jul 2025 15:00:17 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:28:9f:b0:d5:77:ac:d9:44:34:0f:81:89:71:77:b2:66:2b:94:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:17 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=3e4d6764cc996f84d0106e2e0cdf93786c67a714f6a9baa9f978266a2596217d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:79:94:8e:9c:d9:b5:2a:c1:8e:cc:8c:aa:cf:
33:e5:a2:b2:98:89:df:69:a2:23:c5:5c:81:fd:fb:
59:42:09:79:f4:58:74:22:56:6d:9f:fa:57:e5:db:
8b:b5:ca:94:b9:ba:24:43:80:b2:7b:cb:af:7e:52:
30:2f:49:ab:9e:9d:fd:10:c0:b2:96:f0:7d:c8:79:
3a:c1:e7:16:85:a2:8d:f0:60:1b:70:a4:01:f0:8f:
1e:55:24:75:05:62:01:ae:22:e3:e8:e5:48:e1:db:
2c:e2:7f:9d:d8:68:82:89:11:0e:71:fa:8f:5b:51:
27:6d:ff:1d:df:0d:4b:24:ab:8f:60:a6:5c:aa:66:
14:d6:0d:34:cf:5b:5f:32:c7:52:6d:20:4d:cc:eb:
ec:3c:dc:59:92:b8:e5:fa:a0:74:6e:9b:cc:37:c0:
3c:ab:7e:19:97:07:2f:93:0d:eb:19:ea:f0:7e:5f:
6e:fb:2e:14:09:79:d1:4a:2a:b8:c0:34:35:60:80:
54:d3:df:f5:6d:a7:27:23:84:e3:96:e7:ff:1b:68:
c8:9e:04:be:43:89:7c:b9:4b:39:90:e2:41:31:14:
1c:1c:b4:31:69:65:3d:1b:9c:65:4a:b9:35:d2:56:
f5:9b:c3:6a:76:70:9e:79:19:16:8b:a5:a2:f6:b9:
9d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:44:6F:A3:72:C3:2D:45:B1:62:C2:62:4F:B2:2C:C0:68:89:20:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.20.0/22
Signature Algorithm: sha256WithRSAEncryption
66:31:17:39:b6:b3:91:6c:a1:a1:d7:c5:38:49:b3:69:2e:4f:
f5:1e:04:38:6e:86:31:56:0b:ce:90:3f:f7:9c:bb:85:dd:e5:
8b:f2:0f:9c:80:c2:1c:ca:98:23:28:fc:3c:1e:c0:fe:1e:27:
98:14:87:d8:9d:6e:21:41:d5:c4:e7:52:ab:73:e8:24:39:60:
11:a4:94:ce:2b:d6:59:d2:25:9b:8b:dd:9a:3f:f3:79:81:e2:
60:f4:0e:49:8b:2e:56:df:a4:26:40:1f:d5:bb:1b:57:c2:bc:
de:73:99:34:c7:8a:22:1a:ba:a6:8c:1b:4e:d7:6a:0f:9d:0f:
6b:c3:77:bd:cc:a0:b5:76:00:eb:8c:45:3c:7c:5e:c4:5e:11:
e2:4f:99:d2:f0:e3:8d:31:12:8b:ca:a8:c2:9d:ed:67:cc:07:
50:71:e9:30:2b:19:87:9f:d3:4e:c0:1b:60:af:35:f5:50:93:
8f:44:62:61:3b:2c:67:4b:33:2d:ba:e6:29:03:88:47:4c:9a:
09:c3:2f:68:88:b4:48:09:a6:cb:d3:21:2f:dd:b2:d0:12:39:
ad:9e:6d:71:88:09:1c:bf:0a:dd:b8:8e:e3:40:55:37:bb:ae:
0e:a7:1b:30:9d:93:fc:1c:2a:b6:13:03:b8:2f:38:26:10:10:
9b:4e:37:2c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdCifsNV3rNlENA+BiXF3smYrlKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMTdaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlNGQ2NzY0Y2M5OTZmODRkMDEwNmUyZTBjZGY5Mzc4NmM2N2E3MTRmNmE5
YmFhOWY5NzgyNjZhMjU5NjIxN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANF5lI6c2bUqwY7MjKrPM+WispiJ32miI8Vcgf37WUIJefRYdCJWbZ/6V+Xb
i7XKlLm6JEOAsnvLr35SMC9Jq56d/RDAspbwfch5OsHnFoWijfBgG3CkAfCPHlUk
dQViAa4i4+jlSOHbLOJ/ndhogokRDnH6j1tRJ23/Hd8NSySrj2CmXKpmFNYNNM9b
XzLHUm0gTczr7DzcWZK45fqgdG6bzDfAPKt+GZcHL5MN6xnq8H5fbvsuFAl50Uoq
uMA0NWCAVNPf9W2nJyOE45bn/xtoyJ4EvkOJfLlLOZDiQTEUHBy0MWllPRucZUq5
NdJW9ZvDanZwnnkZFoulova5nccCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTPRG+j
csMtRbFiwmJPsizAaIkgljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjIwNDhiMWMtMzYzYi00YjU5LTlkNTYtZGM3MjE4NzE5NGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiFDAN
BgkqhkiG9w0BAQsFAAOCAQEAZjEXObazkWyhodfFOEmzaS5P9R4EOG6GMVYLzpA/
95y7hd3li/IPnIDCHMqYIyj8PB7A/h4nmBSH2J1uIUHVxOdSq3PoJDlgEaSUzivW
WdIlm4vdmj/zeYHiYPQOSYsuVt+kJkAf1bsbV8K83nOZNMeKIhq6powbTtdqD50P
a8N3vcygtXYA64xFPHxexF4R4k+Z0vDjjTESi8qowp3tZ8wHUHHpMCsZh5/TTsAb
YK819VCTj0RiYTssZ0szLbrmKQOIR0yaCcMvaIi0SAmmy9MhL92y0BI5rZ5tcYgJ
HL8K3biO40BVN7uuDqcbMJ2T/BwqthMDuC84JhAQm043LA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:48:05 2025 by rpki-client