Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
File: 296e983c-f59b-4a15-a74d-56b2bff88779.roa (raw, json)
Hash identifier: ujRy+sQPwJTo8KLbcxe9rNFHaf37uuaA3K6jHNx2Mvc=
Subject key identifier: 03:6C:F4:BF:2A:1A:EC:D7:B8:C2:F3:7B:4C:28:86:4B:D7:29:DF:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AB53E6DBF67E854A5584613B7DD985D1F5E1CA2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
Signing time: Mon 12 May 2025 16:11:22 +0000
ROA not before: Mon 12 May 2025 16:11:22 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b5:3e:6d:bf:67:e8:54:a5:58:46:13:b7:dd:98:5d:1f:5e:1c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:22 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=b02e582c9fcc9470af997d9d19a32c9d2cf21ca11c7d1b45c3198d8e101ea249, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3d:8f:32:fc:9f:50:c5:f9:07:9a:f9:b4:73:
9f:33:9d:f6:b7:06:d0:e0:fe:4e:bf:3c:7a:c3:c9:
db:5b:28:50:fd:60:d0:65:36:46:58:a3:8e:de:0c:
7a:2b:1c:8f:26:e0:34:7a:dd:eb:ca:6a:e0:e6:6d:
86:47:ca:20:3f:06:2e:93:cf:74:d7:09:6c:1f:3f:
9f:45:96:95:ba:04:c1:b1:e9:15:a8:b0:fa:b9:23:
38:2e:d4:d1:8b:5e:10:15:db:2d:d2:ff:ea:33:b1:
d4:ca:15:cb:5f:fa:23:77:3a:79:f8:a4:f7:96:39:
d5:6d:3f:18:16:02:69:9d:2a:08:17:fa:7f:93:36:
c8:71:7e:f9:e5:33:66:5e:b4:05:12:4a:61:f4:07:
54:07:b2:00:80:7a:12:df:6a:5d:66:e3:ce:27:76:
d6:27:e1:d4:20:d0:49:75:6c:a1:57:33:99:3a:ae:
7a:89:2b:36:59:9f:9b:bb:de:a5:f8:b9:02:06:ce:
bb:d3:df:eb:3e:a7:82:ec:fb:38:db:ab:18:24:87:
92:e0:ca:64:4d:0d:55:7a:3b:fa:7a:6e:98:fd:be:
b9:73:da:dd:ba:bf:75:f1:06:21:cd:b3:bc:63:2e:
89:f6:22:16:4d:5f:31:c9:dd:43:d3:33:23:ba:2c:
f2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:6C:F4:BF:2A:1A:EC:D7:B8:C2:F3:7B:4C:28:86:4B:D7:29:DF:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.48.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:ad:20:55:eb:ee:d4:ed:6d:cc:90:bb:28:ed:34:b2:ed:89:
46:24:ac:a8:de:0b:96:dc:6a:09:52:10:a5:0d:32:e5:44:d4:
95:43:d7:b0:83:31:71:91:95:91:a9:39:a3:f1:a5:a9:de:83:
23:b1:18:19:09:9a:44:cb:3c:cf:1a:92:e8:b5:5b:01:8f:5a:
19:6b:97:b9:53:4a:1f:94:b2:57:5c:17:14:4f:61:ca:33:9c:
d4:20:86:a1:28:38:38:44:ab:f8:c4:8c:49:fd:84:6c:bf:0a:
7b:ea:ef:af:74:4c:42:9d:18:c6:67:06:29:8f:b6:50:ba:fd:
ce:84:39:34:63:d1:e8:15:48:5f:65:91:2b:10:72:0b:ec:21:
85:cd:18:de:a9:ab:32:2f:b2:95:da:d8:1d:1e:4d:26:b1:ee:
dd:d4:2a:24:31:54:a0:81:a3:24:a1:a6:8f:8a:6a:e8:8f:c1:
0d:45:ef:bb:18:4c:3d:4b:e2:fa:6f:5c:ed:be:42:ec:0f:ab:
39:f8:cf:48:61:c5:14:2b:53:99:8b:66:78:d1:47:6b:88:25:
8d:8f:2c:b2:25:68:4e:0a:07:a3:03:31:8b:60:06:27:ef:e0:
3c:b5:e7:45:54:a6:c7:39:57:a8:d8:33:35:18:3b:1e:90:35:
a6:01:43:28
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOrU+bb9n6FSlWEYTt92YXR9eHKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMjJaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMmU1ODJjOWZjYzk0NzBhZjk5N2Q5ZDE5YTMyYzlkMmNmMjFjYTExYzdk
MWI0NWMzMTk4ZDhlMTAxZWEyNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANg9jzL8n1DF+Qea+bRznzOd9rcG0OD+Tr88esPJ21soUP1g0GU2Rlijjt4M
eiscjybgNHrd68pq4OZthkfKID8GLpPPdNcJbB8/n0WWlboEwbHpFaiw+rkjOC7U
0YteEBXbLdL/6jOx1MoVy1/6I3c6efik95Y51W0/GBYCaZ0qCBf6f5M2yHF++eUz
Zl60BRJKYfQHVAeyAIB6Et9qXWbjzid21ifh1CDQSXVsoVczmTqueokrNlmfm7ve
pfi5AgbOu9Pf6z6nguz7ONurGCSHkuDKZE0NVXo7+npumP2+uXPa3bq/dfEGIc2z
vGMuifYiFk1fMcndQ9MzI7os8vECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQDbPS/
Khrs17jC83tMKIZL1ynfWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjk2ZTk4M2MtZjU5Yi00YTE1LWE3NGQtNTZiMmJmZjg4Nzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiMDAN
BgkqhkiG9w0BAQsFAAOCAQEAiq0gVevu1O1tzJC7KO00su2JRiSsqN4LltxqCVIQ
pQ0y5UTUlUPXsIMxcZGVkak5o/Glqd6DI7EYGQmaRMs8zxqS6LVbAY9aGWuXuVNK
H5SyV1wXFE9hyjOc1CCGoSg4OESr+MSMSf2EbL8Ke+rvr3RMQp0YxmcGKY+2ULr9
zoQ5NGPR6BVIX2WRKxByC+whhc0Y3qmrMi+yldrYHR5NJrHu3dQqJDFUoIGjJKGm
j4pq6I/BDUXvuxhMPUvi+m9c7b5C7A+rOfjPSGHFFCtTmYtmeNFHa4gljY8ssiVo
TgoHowMxi2AGJ+/gPLXnRVSmxzlXqNgzNRg7HpA1pgFDKA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:12 2025 by rpki-client