Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
File: eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa (raw, json)
Hash identifier: rwyM2wjfyqBndWDXWYyYHENfAyIizeLoajfjBli+lIk=
Subject key identifier: 82:79:C3:FF:0E:DB:06:7E:4D:7C:85:38:15:1F:5D:2E:7C:B3:39:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57D62C43B2722EED9B78EC0D35295FF924887D3F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
Signing time: Tue 01 Jul 2025 15:00:57 +0000
ROA not before: Tue 01 Jul 2025 15:00:57 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:d6:2c:43:b2:72:2e:ed:9b:78:ec:0d:35:29:5f:f9:24:88:7d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:57 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=84ced379ffb7d2aa6950709ba4284d57443d84c895d2f09ef19b41f1a3009b88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a2:a3:c4:86:4e:ea:e2:a7:8c:a8:3f:6e:64:
e2:cc:91:c6:87:77:bf:a4:a0:a8:c9:83:0a:36:8f:
a8:e8:0c:81:0f:a0:8c:bc:6b:84:8e:e3:76:ab:31:
1c:33:63:1f:70:5b:af:d8:c0:93:1b:fc:e6:33:45:
b2:87:87:12:d5:be:cd:7e:be:c9:e6:cc:66:14:b9:
e6:33:2e:b5:5e:2d:70:f7:a3:25:1e:ca:5f:64:21:
59:c3:28:10:ab:66:8b:3e:b9:e1:6d:dc:44:72:81:
f1:d1:d2:22:ea:13:72:a4:40:61:44:58:f7:0d:36:
08:e7:e1:e3:a4:ef:81:a0:1e:58:ce:f0:35:6f:3d:
46:4f:7e:0e:f8:92:7d:35:6f:39:e2:95:db:b2:e4:
01:85:d9:c5:43:8a:6f:eb:ab:5b:f7:cc:42:cb:90:
98:94:8c:ff:51:3f:4c:f0:e1:a9:18:8b:d9:08:1d:
47:75:ee:68:05:c4:b5:2c:ba:04:40:e9:8a:6b:7d:
ed:0c:ca:ac:9e:8f:1b:8d:8f:2d:bb:d2:d5:5b:cc:
c6:cd:cb:24:a5:dc:2c:2c:e9:b5:f4:2e:40:ec:82:
cf:42:dc:5c:a6:dc:da:2f:0f:d4:5b:be:03:69:e6:
05:fb:83:2c:dd:17:dc:88:80:1d:c5:0b:1e:fa:fd:
21:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:79:C3:FF:0E:DB:06:7E:4D:7C:85:38:15:1F:5D:2E:7C:B3:39:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ba:2b:6d:de:9f:26:a0:da:78:04:f6:97:0a:1e:56:d6:a1:d0:
de:70:34:2e:86:64:57:d8:61:49:4c:93:1e:a5:23:7e:a5:56:
95:3b:5b:e8:67:b8:68:70:95:bf:34:d4:a0:56:c9:a5:8c:fd:
72:ef:55:9c:28:23:e6:dd:a7:ad:a0:d3:15:a1:25:e8:5e:50:
a4:5d:16:bf:77:9e:00:f9:9c:d1:08:86:06:81:d0:fe:a2:71:
55:91:0b:f0:4d:01:ca:f3:8e:45:6b:a6:ab:01:20:b8:48:7a:
72:28:4e:ba:41:74:e4:0c:0e:03:1e:a2:3e:b7:a3:92:a6:bf:
59:6c:4e:72:a5:6f:24:f8:13:0c:ec:05:3d:15:99:2c:67:54:
6a:5e:55:8c:64:4e:31:d2:43:e5:27:f5:45:23:9d:c7:25:66:
7d:e5:d4:48:68:bf:dd:64:50:43:2f:1b:20:8a:f7:eb:c8:58:
59:df:19:5a:a8:25:82:35:08:57:6f:c8:49:e0:db:67:d3:93:
8f:61:ff:cd:04:d8:3f:e7:06:4f:a0:15:e5:8f:d0:e4:db:6a:
80:de:0c:ab:7a:e6:da:92:21:8c:ad:ee:fd:0f:6b:29:d5:6f:
51:f4:03:37:1a:89:a2:ae:1d:08:ca:28:d8:01:3b:6b:2f:f8:
e4:b2:49:c6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUV9YsQ7JyLu2beOwNNSlf+SSIfT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwNTdaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0Y2VkMzc5ZmZiN2QyYWE2OTUwNzA5YmE0Mjg0ZDU3NDQzZDg0Yzg5NWQy
ZjA5ZWYxOWI0MWYxYTMwMDliODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKio8SGTurip4yoP25k4syRxod3v6SgqMmDCjaPqOgMgQ+gjLxrhI7jdqsx
HDNjH3Bbr9jAkxv85jNFsoeHEtW+zX6+yebMZhS55jMutV4tcPejJR7KX2QhWcMo
EKtmiz654W3cRHKB8dHSIuoTcqRAYURY9w02COfh46TvgaAeWM7wNW89Rk9+DviS
fTVvOeKV27LkAYXZxUOKb+urW/fMQsuQmJSM/1E/TPDhqRiL2QgdR3XuaAXEtSy6
BEDpimt97QzKrJ6PG42PLbvS1VvMxs3LJKXcLCzptfQuQOyCz0LcXKbc2i8P1Fu+
A2nmBfuDLN0X3IiAHcULHvr9IV8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSCecP/
DtsGfk18hTgVH10ufLM5zzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWFiOGJhNjItNTkzNC00YzliLTliZDktMTBmZGQyNDk0NjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAuitt3p8moNp4BPaXCh5W1qHQ3nA0LoZkV9hhSUyT
HqUjfqVWlTtb6Ge4aHCVvzTUoFbJpYz9cu9VnCgj5t2nraDTFaEl6F5QpF0Wv3ee
APmc0QiGBoHQ/qJxVZEL8E0ByvOORWumqwEguEh6cihOukF05AwOAx6iPrejkqa/
WWxOcqVvJPgTDOwFPRWZLGdUal5VjGROMdJD5Sf1RSOdxyVmfeXUSGi/3WRQQy8b
IIr368hYWd8ZWqglgjUIV2/ISeDbZ9OTj2H/zQTYP+cGT6AV5Y/Q5NtqgN4Mq3rm
2pIhjK3u/Q9rKdVvUfQDNxqJoq4dCMoo2AE7ay/45LJJxg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:49 2025 by rpki-client