Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
File: 4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa (raw, json)
Hash identifier: aGW7yG2B7Be0t2vMTyjhTCTO0Ot3DN2x7Iy1pjjjnnI=
Subject key identifier: 6B:1F:E0:5F:61:A7:3F:23:12:3F:9A:01:DE:69:57:EB:FE:A5:0A:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1944F86826278F60AFAC7ED4708582FEFEEC2B33
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
Signing time: Mon 12 May 2025 16:11:25 +0000
ROA not before: Mon 12 May 2025 16:11:25 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:44:f8:68:26:27:8f:60:af:ac:7e:d4:70:85:82:fe:fe:ec:2b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:25 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=52754d5ecf15c92060cf93df6ce572c7582c971362a9c854ff9ee55a00464f1a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5b:d1:87:d1:c0:47:31:55:4e:e7:f3:c9:77:
3b:14:f5:9a:4d:bf:82:1d:bd:dc:6c:ef:6c:64:5e:
f1:07:dc:d3:65:c8:ee:c5:8f:44:00:3b:4d:e4:d3:
4d:1b:e6:24:7b:9a:4e:f9:79:20:f1:2b:66:60:04:
05:3c:b4:04:69:67:0b:2b:28:7a:1e:b4:06:ef:61:
df:87:fe:b7:18:bd:8f:50:f5:23:0f:81:e8:84:46:
72:5a:a3:38:3f:91:91:43:55:e2:cc:aa:11:84:db:
b6:7b:8b:90:a4:eb:d8:d9:15:f2:ac:ac:af:ea:1b:
26:5d:d9:80:65:c6:ea:f1:cc:eb:c8:c5:f1:4a:89:
26:49:ae:97:46:e7:3a:38:32:da:da:ab:d0:01:eb:
26:d1:92:b9:82:4b:fb:30:b9:21:e5:a0:c1:b9:80:
6c:d5:76:50:2a:a1:5c:e9:83:f3:8d:b1:3b:fd:1a:
60:41:60:2d:0a:ee:7c:d1:88:28:4a:e5:3e:d6:6d:
cf:e2:57:bb:b6:16:7b:a3:90:cd:13:db:75:7b:67:
54:49:cf:d1:bc:2e:b1:07:09:b5:2e:06:2f:52:e5:
e2:fd:c7:ab:68:f4:7f:5c:d8:83:00:45:6f:35:84:
c4:dd:ea:4c:17:08:72:c4:28:34:c9:7c:4c:9d:5f:
1c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1F:E0:5F:61:A7:3F:23:12:3F:9A:01:DE:69:57:EB:FE:A5:0A:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/19
Signature Algorithm: sha256WithRSAEncryption
03:a2:fe:e2:d3:b0:ae:5d:16:22:d7:f1:6d:7e:2b:aa:40:98:
e6:28:27:6d:e3:60:7b:6a:0d:ee:bd:2f:2b:ce:56:7b:29:cc:
e9:5e:e7:b0:e3:33:f6:fc:d8:7f:93:ac:ed:40:95:e8:f2:2a:
68:92:2e:3f:b6:7c:1f:8e:72:89:6f:03:eb:4e:80:dd:e3:81:
43:ec:79:35:11:be:ab:70:92:ae:c9:b1:3f:69:04:74:41:ba:
91:ee:b6:a9:3a:83:25:92:e1:6c:90:da:29:17:e8:4d:1d:49:
f3:09:e9:5a:06:d5:78:de:45:a8:aa:c6:31:c0:18:29:d3:d8:
88:57:95:64:d8:cb:43:d0:e0:44:3b:21:89:45:64:be:74:4f:
57:15:80:7c:6c:50:df:b8:93:9c:d4:2c:1a:51:4c:37:54:77:
39:cc:de:7f:6f:65:85:a5:8f:39:79:8a:23:8a:70:8b:00:77:
d9:0e:54:cb:00:72:be:65:b3:94:08:0b:dd:aa:e3:86:25:7b:
f0:f4:a6:52:4b:d9:a0:62:fd:00:f6:ee:15:6d:17:bb:9a:95:
6b:ca:0c:9d:75:3e:47:3f:8e:f2:cf:33:a3:17:e2:c6:49:35:
21:10:36:77:a6:08:9a:ed:ce:20:e0:fa:ff:96:e6:64:45:ef:
bf:de:7a:e1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGUT4aCYnj2CvrH7UcIWC/v7sKzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMjVaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyNzU0ZDVlY2YxNWM5MjA2MGNmOTNkZjZjZTU3MmM3NTgyYzk3MTM2MmE5
Yzg1NGZmOWVlNTVhMDA0NjRmMWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNb0YfRwEcxVU7n88l3OxT1mk2/gh293GzvbGRe8Qfc02XI7sWPRAA7TeTT
TRvmJHuaTvl5IPErZmAEBTy0BGlnCysoeh60Bu9h34f+txi9j1D1Iw+B6IRGclqj
OD+RkUNV4syqEYTbtnuLkKTr2NkV8qysr+obJl3ZgGXG6vHM68jF8UqJJkmul0bn
Ojgy2tqr0AHrJtGSuYJL+zC5IeWgwbmAbNV2UCqhXOmD842xO/0aYEFgLQrufNGI
KErlPtZtz+JXu7YWe6OQzRPbdXtnVEnP0bwusQcJtS4GL1Ll4v3Hq2j0f1zYgwBF
bzWExN3qTBcIcsQoNMl8TJ1fHHECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRrH+Bf
Yac/IxI/mgHeaVfr/qUK5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRmM2E5YjgtNGNkYy00MzY2LWEzOGUtMTZkMmVhYjEyOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAA6L+4tOwrl0WItfxbX4rqkCY5ignbeNge2oN7r0v
K85WeynM6V7nsOMz9vzYf5Os7UCV6PIqaJIuP7Z8H45yiW8D606A3eOBQ+x5NRG+
q3CSrsmxP2kEdEG6ke62qTqDJZLhbJDaKRfoTR1J8wnpWgbVeN5FqKrGMcAYKdPY
iFeVZNjLQ9DgRDshiUVkvnRPVxWAfGxQ37iTnNQsGlFMN1R3Oczef29lhaWPOXmK
I4pwiwB32Q5UywByvmWzlAgL3arjhiV78PSmUkvZoGL9APbuFW0Xu5qVa8oMnXU+
Rz+O8s8zoxfixkk1IRA2d6YImu3OIOD6/5bmZEXvv9564Q==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:22 2025 by rpki-client