Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
File: 995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa (raw, json)
Hash identifier: WYKFN5MfRBIBJizqgA6SyY4QQGT/5gVoo4FWY0zA59A=
Subject key identifier: C4:2A:D2:06:15:08:28:DA:78:6C:7A:E3:09:A5:A1:AE:F0:4F:96:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 705B4FFE1A52D88CF8BCF9C03E3105EF9C8D6F50
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
Signing time: Mon 12 May 2025 16:10:13 +0000
ROA not before: Mon 12 May 2025 16:10:13 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:5b:4f:fe:1a:52:d8:8c:f8:bc:f9:c0:3e:31:05:ef:9c:8d:6f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:10:13 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=9c5e8863028fbf85e6345584fae5f6b084edcb59547646889ec40702eed15a60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d2:83:56:ef:1f:6b:1f:28:b5:15:6d:17:9a:
02:4f:8a:02:90:cd:c7:bd:d8:f9:59:6f:3b:35:56:
c1:35:34:5a:56:98:92:18:12:90:12:c7:4c:0d:86:
5e:cb:53:56:f6:f2:b9:37:21:27:03:72:57:84:bf:
68:48:6b:a1:26:11:6f:24:ef:fc:d8:f0:06:d3:ba:
a4:86:5f:02:34:06:a1:ac:2b:c0:c0:fc:29:01:58:
02:e1:57:50:e4:d8:3c:e0:ea:00:5b:9d:0e:3d:2a:
ad:74:dd:ad:4c:6f:00:14:8e:ab:82:cd:15:16:b6:
f8:39:71:50:6a:67:0f:89:e5:b6:34:32:66:4e:86:
6a:b4:bb:63:a5:5f:e2:ea:6f:9f:f4:95:4c:f6:32:
f0:98:13:b8:c1:7f:a1:38:38:82:d8:a8:e2:ed:95:
3d:3b:03:fc:92:87:e6:8e:e0:33:15:8f:97:5b:8a:
cf:a9:c6:23:f1:4f:b1:8f:aa:da:05:97:e1:1a:7c:
27:d1:22:cf:f5:7c:3b:47:a7:b1:cd:6c:6f:2f:5d:
33:46:8a:ba:12:2a:79:90:97:b8:e3:d1:57:82:24:
fa:19:ae:41:89:9e:66:fb:f0:a7:f9:70:49:ec:41:
77:0b:cf:54:a0:60:62:f1:04:33:6e:3e:e7:0e:e1:
fd:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2A:D2:06:15:08:28:DA:78:6C:7A:E3:09:A5:A1:AE:F0:4F:96:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.16.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:a4:29:25:2d:1f:1c:ae:a5:96:9b:5c:b4:d3:fd:cd:17:c4:
18:13:c6:6e:bc:07:4c:fd:f7:58:56:6e:08:3d:3f:49:9d:ae:
5d:42:91:80:0b:84:c8:9a:7f:a2:1a:e9:38:b7:83:55:cb:51:
63:44:c5:33:e1:43:a4:3f:57:6d:84:fe:49:c9:c8:c5:9e:1b:
a5:e9:8a:29:8c:54:81:e5:21:9e:44:7e:9c:ba:7c:a5:21:9c:
0b:11:48:87:7c:21:85:87:7d:03:25:54:9a:7a:b5:39:18:60:
5a:87:ec:2e:71:e8:46:68:ce:72:e8:30:7e:0b:ba:d9:17:d6:
7d:20:e5:58:ac:27:d8:93:77:fe:ce:ff:e0:38:ce:08:a2:c5:
03:14:d4:ff:ed:e2:aa:a9:7f:6c:37:d0:71:22:49:f5:d0:e4:
b4:97:e8:65:8c:d1:b4:a9:6d:48:b1:62:e5:03:1e:c1:7f:5b:
3f:31:ae:0e:10:1c:18:db:0b:b1:57:f5:20:3b:be:a0:55:4c:
2d:e4:ec:88:48:16:de:9a:97:07:f1:ef:ff:b8:1d:15:e2:8f:
11:f5:60:bc:c9:2e:e5:37:69:22:5e:4a:71:e8:a3:92:fa:d2:
8a:75:98:0d:f4:13:b5:a2:bf:ca:fa:29:b7:66:12:13:1a:6b:
50:4c:0c:ac
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcFtP/hpS2Iz4vPnAPjEF75yNb1AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjEwMTNaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDljNWU4ODYzMDI4ZmJmODVlNjM0NTU4NGZhZTVmNmIwODRlZGNiNTk1NDc2
NDY4ODllYzQwNzAyZWVkMTVhNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLSg1bvH2sfKLUVbReaAk+KApDNx73Y+VlvOzVWwTU0WlaYkhgSkBLHTA2G
XstTVvbyuTchJwNyV4S/aEhroSYRbyTv/NjwBtO6pIZfAjQGoawrwMD8KQFYAuFX
UOTYPODqAFudDj0qrXTdrUxvABSOq4LNFRa2+DlxUGpnD4nltjQyZk6GarS7Y6Vf
4upvn/SVTPYy8JgTuMF/oTg4gtio4u2VPTsD/JKH5o7gMxWPl1uKz6nGI/FPsY+q
2gWX4Rp8J9Eiz/V8O0ensc1sby9dM0aKuhIqeZCXuOPRV4Ik+hmuQYmeZvvwp/lw
SexBdwvPVKBgYvEEM24+5w7h/e8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTEKtIG
FQgo2nhseuMJpaGu8E+WAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk1ZDRmOGQtMGJjZC00YjMwLTlkYmUtNDJiY2RiZWIwNDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiEDAN
BgkqhkiG9w0BAQsFAAOCAQEAxKQpJS0fHK6llptctNP9zRfEGBPGbrwHTP33WFZu
CD0/SZ2uXUKRgAuEyJp/ohrpOLeDVctRY0TFM+FDpD9XbYT+ScnIxZ4bpemKKYxU
geUhnkR+nLp8pSGcCxFIh3whhYd9AyVUmnq1ORhgWofsLnHoRmjOcugwfgu62RfW
fSDlWKwn2JN3/s7/4DjOCKLFAxTU/+3iqql/bDfQcSJJ9dDktJfoZYzRtKltSLFi
5QMewX9bPzGuDhAcGNsLsVf1IDu+oFVMLeTsiEgW3pqXB/Hv/7gdFeKPEfVgvMku
5TdpIl5KceijkvrSinWYDfQTtaK/yvopt2YSExprUEwMrA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:14 2025 by rpki-client