Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
File: ec7e5637-f312-4c51-b644-29324b74734e.roa (raw, json)
Hash identifier: fiUBa0XyI04lhfVUG18s9vVopZbMayVVQXm8WBDXM+E=
Subject key identifier: CA:D1:8C:D5:08:A8:72:3C:7E:AD:3E:61:F0:6C:F7:C2:C0:96:C9:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E97E49863A6E1ED535C82FAF0C137DF0B78273E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
Signing time: Fri 22 Aug 2025 15:10:42 +0000
ROA not before: Fri 22 Aug 2025 15:10:42 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:97:e4:98:63:a6:e1:ed:53:5c:82:fa:f0:c1:37:df:0b:78:27:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:42 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=51be6afbb2d1082bb37a46c694fbfb4358fd074d5bd4d5c6797cf8267900e615, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:95:5e:37:01:cd:84:8e:86:99:70:bf:47:63:
b9:8b:7a:0a:a3:b8:7d:96:e8:06:4a:d6:a5:e2:d5:
35:eb:02:c2:fc:83:2e:b4:c4:06:a2:ca:0d:44:28:
dd:47:8a:5f:00:4c:c6:49:d1:7e:d1:b7:64:a5:ed:
f8:8d:4b:93:66:50:95:3b:a8:11:30:32:a7:92:6c:
0e:70:9d:2f:ea:f2:ee:55:51:a0:8b:09:e9:05:bc:
0a:91:dc:b4:0d:e3:c8:13:a6:d7:4b:d1:97:5b:e4:
f0:02:0a:33:0c:c2:90:4d:7f:2f:a6:42:a3:67:98:
6b:fc:5d:ba:b5:c9:22:36:e2:66:7e:32:91:87:0f:
84:c3:3e:a8:80:ac:96:d7:60:35:04:bd:72:ce:ba:
23:fd:5a:52:cc:2b:14:61:5e:61:bd:54:cf:e8:37:
bd:ba:b7:52:4f:91:81:03:bd:05:bb:af:57:92:22:
ec:76:26:af:be:3d:fc:56:64:84:c8:ac:57:95:55:
79:56:ae:3d:bf:38:3e:d5:c5:5b:ae:c9:41:12:9d:
ca:83:51:45:66:34:e4:34:1e:a2:e5:2a:4f:9e:1e:
b8:44:0b:07:49:be:91:f2:c9:4b:41:26:b2:77:12:
d1:49:32:f0:69:51:8b:70:11:d9:df:dc:8d:ef:d5:
ad:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D1:8C:D5:08:A8:72:3C:7E:AD:3E:61:F0:6C:F7:C2:C0:96:C9:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
a4:bb:ef:89:24:eb:d6:8d:a2:0a:0f:b3:cb:e8:fe:38:d1:5f:
55:0e:b5:0e:60:e9:06:ed:a3:a1:bf:1a:31:77:d8:c5:85:5b:
dd:af:46:96:49:55:36:f5:2e:39:09:f8:ca:4d:39:98:00:80:
90:8b:dd:22:43:65:43:0d:4d:59:e1:0a:79:f9:37:ba:9a:c6:
cf:63:d9:1f:ed:82:a3:61:68:8c:a6:42:c1:47:b9:7d:09:99:
75:3d:13:ed:94:36:24:10:bf:95:54:51:4d:4a:53:f4:b0:10:
b7:7b:7e:87:33:89:4c:8a:78:17:03:99:b2:11:e9:d6:90:f8:
87:0b:60:c2:d5:f4:aa:99:a6:b9:fb:53:74:79:b4:27:ed:18:
00:df:5a:bd:2b:05:24:44:0f:ac:90:ea:39:b2:d2:20:c1:7d:
18:be:ec:d0:c9:dc:62:3a:29:46:15:c7:2c:c5:4c:71:cf:16:
e2:1c:79:9d:e3:f9:9d:1e:51:51:ec:cd:71:67:0d:86:f4:57:
bd:e0:6f:6b:1f:cd:d6:53:2d:f7:5e:33:d3:81:41:ee:fb:9c:
12:98:44:28:23:7b:74:69:f4:98:23:da:a4:2e:0e:05:0f:7d:
ff:b4:41:b0:17:7d:20:3b:ab:fa:62:a7:73:62:87:59:ec:35:
60:db:da:84
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfpfkmGOm4e1TXIL68ME33wt4Jz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwNDJaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxYmU2YWZiYjJkMTA4MmJiMzdhNDZjNjk0ZmJmYjQzNThmZDA3NGQ1YmQ0
ZDVjNjc5N2NmODI2NzkwMGU2MTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeVXjcBzYSOhplwv0djuYt6CqO4fZboBkrWpeLVNesCwvyDLrTEBqLKDUQo
3UeKXwBMxknRftG3ZKXt+I1Lk2ZQlTuoETAyp5JsDnCdL+ry7lVRoIsJ6QW8CpHc
tA3jyBOm10vRl1vk8AIKMwzCkE1/L6ZCo2eYa/xdurXJIjbiZn4ykYcPhMM+qICs
ltdgNQS9cs66I/1aUswrFGFeYb1Uz+g3vbq3Uk+RgQO9BbuvV5Ii7HYmr749/FZk
hMisV5VVeVauPb84PtXFW67JQRKdyoNRRWY05DQeouUqT54euEQLB0m+kfLJS0Em
sncS0Uky8GlRi3AR2d/cje/VrZMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTK0YzV
CKhyPH6tPmHwbPfCwJbJwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM3ZTU2MzctZjMxMi00YzUxLWI2NDQtMjkzMjRiNzQ3MzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAi4DAN
BgkqhkiG9w0BAQsFAAOCAQEApLvviSTr1o2iCg+zy+j+ONFfVQ61DmDpBu2job8a
MXfYxYVb3a9GlklVNvUuOQn4yk05mACAkIvdIkNlQw1NWeEKefk3uprGz2PZH+2C
o2FojKZCwUe5fQmZdT0T7ZQ2JBC/lVRRTUpT9LAQt3t+hzOJTIp4FwOZshHp1pD4
hwtgwtX0qpmmuftTdHm0J+0YAN9avSsFJEQPrJDqObLSIMF9GL7s0MncYjopRhXH
LMVMcc8W4hx5neP5nR5RUezNcWcNhvRXveBvax/N1lMt914z04FB7vucEphEKCN7
dGn0mCPapC4OBQ99/7RBsBd9IDur+mKnc2KHWew1YNvahA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:34:15 2025 by rpki-client