Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json)
Hash identifier: koc4qd48sAO5hiYQGXE/j7/JSb694nwq2Hu6AohP2OA=
Subject key identifier: 54:84:3F:C3:8E:62:F2:A6:5A:0B:64:DA:41:7C:4A:78:12:4A:3A:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A45372E73BC4994B8544C8E7E9CA3A056DF9F66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
Signing time: Mon 12 May 2025 16:10:19 +0000
ROA not before: Mon 12 May 2025 16:10:19 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:45:37:2e:73:bc:49:94:b8:54:4c:8e:7e:9c:a3:a0:56:df:9f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:10:19 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=c6c8e4887bf211aa7fd334fdacabed6311fdf139f60caab942448e89ca892462, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3d:0b:39:79:b8:ac:bc:4e:e7:75:43:93:10:
a2:f4:25:2f:a6:84:7c:05:ea:9b:fb:25:1f:71:be:
6b:48:2b:36:03:99:00:d1:e0:2f:b9:af:26:77:5e:
25:69:df:17:94:64:51:6b:fb:72:d1:cc:62:fe:8d:
aa:37:1c:0a:88:18:ac:ec:aa:5d:b0:3f:01:11:f0:
01:ca:3f:22:39:c3:60:f4:f8:fb:7c:92:a8:ff:c4:
94:91:84:fc:ba:17:26:ea:a5:59:29:03:2a:45:a6:
d9:59:c7:3d:b3:cd:fd:3e:e3:0e:a9:5b:9d:44:d9:
c8:b4:1e:cc:ff:9a:86:fe:7a:22:9b:98:60:b0:a8:
53:bf:d0:31:64:71:f9:ed:74:ec:36:e7:d2:90:77:
b6:00:4e:c5:d6:a5:cf:35:35:a2:84:b7:ab:64:ac:
02:48:a8:94:25:88:37:52:b6:d1:51:c5:09:ac:65:
0c:9f:ab:51:7b:7f:0a:b1:26:d9:2e:0d:ff:fb:98:
a1:33:e1:77:f9:91:78:ea:f3:de:50:a4:19:af:cd:
68:97:f9:76:8a:fd:31:01:f2:c7:e0:15:98:d4:e6:
25:b1:06:6a:5f:e6:d5:44:0d:d3:14:a8:63:b6:6d:
37:7b:ca:81:1c:a6:da:bf:8d:83:4c:1c:40:ee:ba:
8f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:84:3F:C3:8E:62:F2:A6:5A:0B:64:DA:41:7C:4A:78:12:4A:3A:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/20
Signature Algorithm: sha256WithRSAEncryption
13:fe:e5:b4:f4:b5:48:1e:4f:dc:fe:73:2e:1f:e9:9c:d9:70:
a1:74:8c:74:af:d8:f1:b8:4b:bc:2e:4f:5e:62:77:21:cd:ce:
9b:49:48:75:a0:29:cd:0c:58:38:46:cd:9a:26:b8:9a:aa:c0:
46:ee:5c:fb:55:cc:e4:a7:5b:0f:d3:62:c3:8c:5d:54:19:4f:
6a:05:a5:61:c3:08:95:18:6f:ff:d1:09:7e:b1:bd:07:26:da:
3f:3c:17:d8:f4:d9:9f:3b:dd:77:4f:90:21:ed:76:2e:69:99:
2b:13:75:47:4a:b9:eb:64:30:26:4f:57:15:75:a8:9a:03:f0:
f8:60:aa:e2:aa:e8:42:55:fb:13:22:46:3f:14:51:0b:b5:30:
f9:3c:28:19:ef:a2:70:02:3d:33:23:18:1d:0a:8d:bf:96:57:
54:aa:2d:62:ed:54:70:ad:67:b7:c8:c0:67:6b:c4:c2:29:5c:
91:62:46:da:44:64:4d:d2:07:99:58:2b:7e:7a:3a:44:c3:a6:
6c:6b:99:0c:a1:2a:f7:98:c9:5c:7e:76:75:8b:e5:11:fa:02:
5d:80:99:1b:a9:8e:7e:c9:18:f3:fb:3b:81:07:7a:99:b8:e9:
98:b4:88:c5:79:8e:6e:55:40:40:08:c9:f3:e6:da:fd:76:fe:
ab:97:db:11
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOkU3LnO8SZS4VEyOfpyjoFbfn2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjEwMTlaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2YzhlNDg4N2JmMjExYWE3ZmQzMzRmZGFjYWJlZDYzMTFmZGYxMzlmNjBj
YWFiOTQyNDQ4ZTg5Y2E4OTI0NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMA9Czl5uKy8Tud1Q5MQovQlL6aEfAXqm/slH3G+a0grNgOZANHgL7mvJnde
JWnfF5RkUWv7ctHMYv6NqjccCogYrOyqXbA/ARHwAco/IjnDYPT4+3ySqP/ElJGE
/LoXJuqlWSkDKkWm2VnHPbPN/T7jDqlbnUTZyLQezP+ahv56IpuYYLCoU7/QMWRx
+e107Dbn0pB3tgBOxdalzzU1ooS3q2SsAkiolCWIN1K20VHFCaxlDJ+rUXt/CrEm
2S4N//uYoTPhd/mReOrz3lCkGa/NaJf5dor9MQHyx+AVmNTmJbEGal/m1UQN0xSo
Y7ZtN3vKgRym2r+Ng0wcQO66jycCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRUhD/D
jmLyploLZNpBfEp4Eko6FTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAE/7ltPS1SB5P3P5zLh/pnNlwoXSMdK/Y8bhLvC5P
XmJ3Ic3Om0lIdaApzQxYOEbNmia4mqrARu5c+1XM5KdbD9Niw4xdVBlPagWlYcMI
lRhv/9EJfrG9BybaPzwX2PTZnzvdd0+QIe12LmmZKxN1R0q562QwJk9XFXWomgPw
+GCq4qroQlX7EyJGPxRRC7Uw+TwoGe+icAI9MyMYHQqNv5ZXVKotYu1UcK1nt8jA
Z2vEwilckWJG2kRkTdIHmVgrfno6RMOmbGuZDKEq95jJXH52dYvlEfoCXYCZG6mO
fskY8/s7gQd6mbjpmLSIxXmOblVAQAjJ8+ba/Xb+q5fbEQ==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:52 2025 by rpki-client