Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
File: 049fd671-de95-4496-9712-c56affcb2b27.roa (raw, json)
Hash identifier: M88g02ScEd96JV2jkg0fSq/tLcwhIxUvRf5XSy52JqI=
Subject key identifier: 8E:B8:80:A5:EC:2E:18:37:9E:6D:43:7A:4C:67:6D:FA:1E:E6:31:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CDC3F4F0AD8C980B4B731A1CBC7418431F1A58E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
Signing time: Mon 12 May 2025 16:10:16 +0000
ROA not before: Mon 12 May 2025 16:10:16 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.24.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:dc:3f:4f:0a:d8:c9:80:b4:b7:31:a1:cb:c7:41:84:31:f1:a5:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:10:16 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=24d17a03ad2e7ea26ca4063b5dc66c2f9934d78da8c723c00a258eb95202661f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:82:5d:15:b6:ce:41:a7:3e:00:4b:f9:bc:48:
e4:21:82:eb:51:c5:8f:5e:a3:d4:22:03:f2:a6:42:
de:f2:dc:4f:bb:c6:3f:88:e6:6a:0e:25:12:94:0f:
bb:2e:e0:f4:7e:d5:de:7c:00:79:42:9c:a4:83:dd:
72:65:84:6a:e5:0e:1a:b1:cc:1c:5c:10:d9:f1:6f:
d1:cf:ae:e0:97:90:de:ae:e0:2a:26:f1:b2:b0:25:
00:e6:f3:75:fe:e1:b2:6a:89:9e:43:9e:c9:78:f0:
c2:d9:10:d7:9d:4c:13:1e:f4:87:ec:aa:26:9e:6b:
95:1a:71:d6:f8:f3:af:c1:28:f0:44:b3:60:51:e7:
a4:b6:e8:79:4b:73:19:39:92:8d:d3:72:de:3a:61:
d1:51:f8:6b:8d:78:a5:fe:6a:87:5e:77:e1:67:74:
ef:5e:71:72:5f:54:75:fd:ef:88:ef:9c:19:f9:02:
7a:26:5d:25:b7:f5:14:33:cd:e2:65:d6:fd:97:61:
b7:5a:58:8a:a6:26:27:3b:0a:35:31:86:3c:22:09:
97:44:27:7c:21:bf:44:25:b8:6e:a7:7e:70:12:3c:
35:4d:73:d0:32:2b:65:2d:0d:d8:a7:74:1b:16:de:
31:71:42:52:ea:74:55:c5:63:cb:61:8b:72:c5:56:
18:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B8:80:A5:EC:2E:18:37:9E:6D:43:7A:4C:67:6D:FA:1E:E6:31:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.24.0/21
Signature Algorithm: sha256WithRSAEncryption
c5:56:74:fd:5e:4f:29:bf:a6:8d:e1:14:11:ec:e0:ed:2c:d8:
a8:84:d4:78:8a:b6:eb:03:e5:b2:2c:05:f2:df:b0:31:68:52:
6c:62:42:f4:0a:cd:ee:7a:96:f4:fe:d7:11:dc:75:16:20:3d:
f8:ab:73:fe:98:2b:72:f3:56:e9:97:56:d9:64:8a:23:52:7a:
64:b4:af:fe:b2:2b:d4:68:04:38:98:e6:71:0d:bb:65:c5:6c:
ad:42:8f:b6:b1:8c:c7:e1:ec:36:b8:52:34:2e:c6:3b:42:74:
b2:8d:82:04:71:0f:28:ed:35:c2:0a:9d:a6:a9:44:41:6a:01:
2d:15:8e:8a:05:60:38:52:5b:01:a3:e0:c7:50:a3:fb:f2:58:
a4:d7:ed:c0:57:f7:1a:62:d0:87:d4:7f:c9:d8:0d:59:82:6b:
12:32:d8:0d:ab:77:00:76:c9:6e:d3:1e:3b:56:d0:55:dc:6c:
eb:2c:43:ab:38:95:76:52:24:55:d0:9e:c8:fc:55:25:72:9e:
ca:90:24:bf:6e:45:10:a8:a8:a2:3e:73:eb:42:d8:2c:b0:bd:
9a:db:81:4b:79:29:e1:e9:95:3e:65:19:7e:af:28:c3:56:c1:
1e:f9:1e:7b:23:d3:3a:fa:07:df:11:45:d5:c7:9c:03:02:89:
41:40:b8:3f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXNw/TwrYyYC0tzGhy8dBhDHxpY4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjEwMTZaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0ZDE3YTAzYWQyZTdlYTI2Y2E0MDYzYjVkYzY2YzJmOTkzNGQ3OGRhOGM3
MjNjMDBhMjU4ZWI5NTIwMjY2MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeCXRW2zkGnPgBL+bxI5CGC61HFj16j1CID8qZC3vLcT7vGP4jmag4lEpQP
uy7g9H7V3nwAeUKcpIPdcmWEauUOGrHMHFwQ2fFv0c+u4JeQ3q7gKibxsrAlAObz
df7hsmqJnkOeyXjwwtkQ151MEx70h+yqJp5rlRpx1vjzr8Eo8ESzYFHnpLboeUtz
GTmSjdNy3jph0VH4a414pf5qh1534Wd0715xcl9Udf3viO+cGfkCeiZdJbf1FDPN
4mXW/Zdht1pYiqYmJzsKNTGGPCIJl0QnfCG/RCW4bqd+cBI8NU1z0DIrZS0N2Kd0
GxbeMXFCUup0VcVjy2GLcsVWGEkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSOuICl
7C4YN55tQ3pMZ236HuYxzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ5ZmQ2NzEtZGU5NS00NDk2LTk3MTItYzU2YWZmY2IyYjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiGDAN
BgkqhkiG9w0BAQsFAAOCAQEAxVZ0/V5PKb+mjeEUEezg7SzYqITUeIq26wPlsiwF
8t+wMWhSbGJC9ArN7nqW9P7XEdx1FiA9+Ktz/pgrcvNW6ZdW2WSKI1J6ZLSv/rIr
1GgEOJjmcQ27ZcVsrUKPtrGMx+HsNrhSNC7GO0J0so2CBHEPKO01wgqdpqlEQWoB
LRWOigVgOFJbAaPgx1Cj+/JYpNftwFf3GmLQh9R/ydgNWYJrEjLYDat3AHbJbtMe
O1bQVdxs6yxDqziVdlIkVdCeyPxVJXKeypAkv25FEKiooj5z60LYLLC9mtuBS3kp
4emVPmUZfq8ow1bBHvkeeyPTOvoH3xFF1cecAwKJQUC4Pw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:40 2025 by rpki-client