Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: D6TZqitcD5F4f4O2ET6T0GiK7pQvmP2yNmOf7CrXl7Q=
Subject key identifier: 9C:E0:32:B4:12:49:12:E2:C9:83:06:9F:D7:E9:AE:AA:12:51:41:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1338070A84CA9013117CD08855E09120D86CD85E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Mon 31 Mar 2025 19:01:24 +0000
ROA not before: Mon 31 Mar 2025 19:01:24 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:38:07:0a:84:ca:90:13:11:7c:d0:88:55:e0:91:20:d8:6c:d8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:01:24 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=989a9578719ca423d51d54ddf76b468bcc4c19ca2be1a2b0755bf0e064881c0e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9b:50:f2:7e:db:48:b5:3e:5b:83:15:05:c5:
46:f4:45:a7:a9:24:99:78:bd:13:71:ba:cc:73:1c:
09:ca:65:1c:3f:ff:cf:57:64:a9:4d:6c:d2:e8:0e:
d7:dc:6a:b7:bd:1f:01:ec:7c:e3:df:f4:e5:8a:69:
01:57:4b:e8:5f:f4:35:d1:79:3e:9a:89:9e:93:02:
7e:36:1c:89:36:69:e6:46:21:a4:1f:d6:4c:b6:62:
74:10:72:90:f8:e2:4b:be:7e:be:ef:e7:66:66:26:
fe:39:64:17:03:8d:c0:51:bc:e2:17:5d:3b:23:7d:
bc:74:68:f3:12:3a:c9:52:bd:6b:b9:73:c9:6c:72:
42:13:a8:40:9a:9e:02:4e:82:b1:b6:45:33:dc:49:
24:e4:f5:8f:cc:56:4b:6d:95:78:ec:f3:3b:10:f6:
75:20:04:e6:d3:3d:dd:e7:49:91:aa:07:aa:4b:9f:
0b:43:ff:b5:9e:1d:0c:23:14:d6:82:7b:a2:ba:4f:
10:92:8d:da:15:38:51:ef:99:4d:e8:27:3c:80:f1:
1e:f1:39:69:eb:81:cd:bd:27:b5:b1:00:cc:a4:e0:
26:74:11:31:67:06:68:07:5a:23:1e:3f:2b:ce:f2:
51:08:b1:76:1c:a2:a0:86:cf:70:fd:85:2c:47:8e:
6c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E0:32:B4:12:49:12:E2:C9:83:06:9F:D7:E9:AE:AA:12:51:41:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:b2:af:db:ae:ed:0e:4f:d4:33:73:94:06:73:4c:30:4f:95:
f2:6f:62:49:92:2d:e4:5a:ca:64:56:10:20:70:e4:0f:c6:22:
31:26:b2:42:f1:c7:1f:26:ce:08:92:6b:d9:31:85:4e:0b:fe:
29:31:ec:23:bb:8c:9e:57:4d:53:ef:6c:8d:9f:01:89:17:26:
4e:9c:89:85:53:8d:98:81:ed:c4:31:73:89:02:cc:90:f8:d8:
90:8f:f9:c4:c5:f8:a7:f3:0e:1b:c6:8f:ee:01:fb:3c:d2:d7:
16:c6:2c:4b:47:b0:00:47:3d:94:2a:19:d4:69:7f:47:c3:43:
4f:77:95:b6:3b:bc:40:19:8e:92:f9:9a:c2:a0:f5:70:5a:5f:
ee:ff:58:47:bc:1b:8a:e4:0d:94:d5:05:38:ce:e7:3d:1c:28:
68:ee:dd:78:0b:34:19:50:60:62:e6:51:fa:48:fe:94:2d:a2:
fc:40:82:90:d3:e3:1d:3f:ed:4f:02:44:5d:7a:f8:3b:a9:83:
5b:47:4e:6f:d0:5a:08:2f:22:6b:b2:98:9c:56:b0:cc:4b:e6:
0d:6a:42:db:cb:e7:8c:8b:49:4f:9f:26:47:6a:09:ac:30:75:
b4:db:93:4b:11:2f:19:f9:29:0b:fa:ce:7b:08:d5:f5:82:fc:
1e:09:8b:60
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEzgHCoTKkBMRfNCIVeCRINhs2F4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTAxMjRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4OWE5NTc4NzE5Y2E0MjNkNTFkNTRkZGY3NmI0NjhiY2M0YzE5Y2EyYmUx
YTJiMDc1NWJmMGUwNjQ4ODFjMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIybUPJ+20i1PluDFQXFRvRFp6kkmXi9E3G6zHMcCcplHD//z1dkqU1s0ugO
19xqt70fAex849/05YppAVdL6F/0NdF5PpqJnpMCfjYciTZp5kYhpB/WTLZidBBy
kPjiS75+vu/nZmYm/jlkFwONwFG84hddOyN9vHRo8xI6yVK9a7lzyWxyQhOoQJqe
Ak6CsbZFM9xJJOT1j8xWS22VeOzzOxD2dSAE5tM93edJkaoHqkufC0P/tZ4dDCMU
1oJ7orpPEJKN2hU4Ue+ZTegnPIDxHvE5aeuBzb0ntbEAzKTgJnQRMWcGaAdaIx4/
K87yUQixdhyioIbPcP2FLEeObHsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSc4DK0
EkkS4smDBp/X6a6qElFBejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAnbKv267tDk/UM3OUBnNMME+V8m9iSZIt5FrKZFYQ
IHDkD8YiMSayQvHHHybOCJJr2TGFTgv+KTHsI7uMnldNU+9sjZ8BiRcmTpyJhVON
mIHtxDFziQLMkPjYkI/5xMX4p/MOG8aP7gH7PNLXFsYsS0ewAEc9lCoZ1Gl/R8ND
T3eVtju8QBmOkvmawqD1cFpf7v9YR7wbiuQNlNUFOM7nPRwoaO7deAs0GVBgYuZR
+kj+lC2i/ECCkNPjHT/tTwJEXXr4O6mDW0dOb9BaCC8ia7KYnFawzEvmDWpC28vn
jItJT58mR2oJrDB1tNuTSxEvGfkpC/rOewjV9YL8HgmLYA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:08:18 2025 by rpki-client