Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
File: 4b12830e-a860-4a14-b52f-5284626c1a96.roa (raw, json)
Hash identifier: 59Esg6R+DDkp5v8zH6vv7PBMdeLrd4bYyaRezxfL5Mk=
Subject key identifier: F5:C0:52:B2:28:A7:CC:36:5F:BC:53:C8:95:F1:8D:86:15:87:13:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E19410038A268FFD9871308E45E3B1DBE749575
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
Signing time: Mon 12 May 2025 16:11:23 +0000
ROA not before: Mon 12 May 2025 16:11:23 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:19:41:00:38:a2:68:ff:d9:87:13:08:e4:5e:3b:1d:be:74:95:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:23 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=3be287976b36e543caac93a4eb3ef842b13b1740464f5aafc2f0c6a870bbbdb3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f2:1d:4d:fd:6d:e9:75:9f:75:94:fe:77:02:
a1:0c:3a:04:4c:b5:df:8b:05:90:47:a4:3e:d0:a6:
13:35:b2:f0:db:c4:a6:d2:89:f1:a5:f5:f0:d4:d2:
6f:8e:cb:2d:04:5c:5f:a3:f6:92:1c:71:01:00:70:
1d:eb:f8:87:c0:d9:31:7c:85:db:bd:8c:0d:f4:46:
c0:0d:2f:6e:16:bf:65:11:dc:69:8b:51:09:e4:27:
9e:1b:cb:64:a1:0d:7e:74:c8:f0:50:da:8d:99:80:
ad:2b:78:33:d1:00:7c:58:63:98:f8:71:c2:e7:51:
5a:6c:60:15:b9:10:5f:0a:93:5d:b6:bb:26:51:f0:
57:86:7e:6f:b4:8f:e7:4c:00:96:73:9c:9b:06:88:
f3:71:91:69:8c:be:4a:0d:93:df:46:cb:04:a1:43:
c5:c1:d1:86:8e:0c:4e:47:e5:e7:63:59:df:8f:9c:
26:54:45:1f:62:3e:4f:ee:a5:4c:09:22:e6:43:23:
19:9d:a6:fb:ac:e9:76:22:58:da:31:54:a6:a6:1d:
2d:06:53:23:6a:f1:1f:c3:ad:f0:87:bb:83:f6:29:
14:00:48:ef:49:cd:dd:d7:3e:e5:a1:b1:c2:53:16:
86:6e:4d:af:b0:4d:81:f8:67:8b:54:41:e8:dc:c8:
e9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C0:52:B2:28:A7:CC:36:5F:BC:53:C8:95:F1:8D:86:15:87:13:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:d5:34:86:e8:bc:c2:7c:65:3c:81:15:39:29:a8:01:75:4d:
c4:1f:18:62:0d:37:5b:a1:02:29:6e:93:3c:87:45:61:54:fc:
7f:e8:93:71:ce:1c:7f:54:45:4e:5a:92:15:8e:29:03:11:b7:
72:38:9f:cb:3b:77:3f:5d:19:ef:3c:ad:40:60:8c:00:7b:1a:
9f:66:95:7e:25:f2:6e:fb:c5:e7:fa:cf:6c:a0:4a:c0:ec:de:
0b:1c:2c:54:4c:9a:81:43:09:6b:7a:3d:b1:52:08:2f:e1:3f:
20:12:fb:0d:94:94:2f:63:ff:17:c7:97:15:78:31:a1:b8:c6:
89:9b:8f:f2:ee:4a:8d:d2:86:c3:a7:0e:6b:d1:99:73:b9:a2:
98:1b:63:30:8a:9f:15:3c:e6:5b:9b:45:1d:c5:18:ad:d3:dd:
44:fb:84:09:dd:61:d0:1f:6d:68:cc:b8:fe:66:72:18:b2:ce:
4c:cd:40:95:68:de:bc:93:88:f4:d2:cf:f7:ab:f3:68:6b:3d:
f1:62:15:48:7c:8c:39:32:f9:41:d9:89:0b:ea:ab:8f:aa:a3:
e1:54:78:e3:db:ff:18:85:ab:1d:a3:af:1b:00:d3:9a:e8:dc:
d4:12:9b:28:e8:b8:1c:34:61:a6:fa:bb:94:95:01:61:a2:f4:
b1:aa:c9:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbhlBADiiaP/ZhxMI5F47Hb50lXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMjNaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiZTI4Nzk3NmIzNmU1NDNjYWFjOTNhNGViM2VmODQyYjEzYjE3NDA0NjRm
NWFhZmMyZjBjNmE4NzBiYmJkYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIvyHU39bel1n3WU/ncCoQw6BEy134sFkEekPtCmEzWy8NvEptKJ8aX18NTS
b47LLQRcX6P2khxxAQBwHev4h8DZMXyF272MDfRGwA0vbha/ZRHcaYtRCeQnnhvL
ZKENfnTI8FDajZmArSt4M9EAfFhjmPhxwudRWmxgFbkQXwqTXba7JlHwV4Z+b7SP
50wAlnOcmwaI83GRaYy+Sg2T30bLBKFDxcHRho4MTkfl52NZ34+cJlRFH2I+T+6l
TAki5kMjGZ2m+6zpdiJY2jFUpqYdLQZTI2rxH8Ot8Ie7g/YpFABI70nN3dc+5aGx
wlMWhm5Nr7BNgfhni1RB6NzI6fECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT1wFKy
KKfMNl+8U8iV8Y2GFYcToDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIxMjgzMGUtYTg2MC00YTE0LWI1MmYtNTI4NDYyNmMxYTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQBe1TSG6LzCfGU8gRU5KagBdU3EHxhiDTdboQIpbpM8
h0VhVPx/6JNxzhx/VEVOWpIVjikDEbdyOJ/LO3c/XRnvPK1AYIwAexqfZpV+JfJu
+8Xn+s9soErA7N4LHCxUTJqBQwlrej2xUggv4T8gEvsNlJQvY/8Xx5cVeDGhuMaJ
m4/y7kqN0obDpw5r0ZlzuaKYG2Mwip8VPOZbm0UdxRit091E+4QJ3WHQH21ozLj+
ZnIYss5MzUCVaN68k4j00s/3q/Noaz3xYhVIfIw5MvlB2YkL6quPqqPhVHjj2/8Y
hasdo68bANOa6NzUEpso6LgcNGGm+ruUlQFhovSxqsnt
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:48 2025 by rpki-client