Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
File: aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa (raw, json)
Hash identifier: Twac8DRcp96uoXb9kkjjXTl8CC2d7IIvDLRWOqId2QE=
Subject key identifier: 36:AE:37:62:65:95:94:02:3B:E0:E1:91:76:3B:C2:0A:BA:0E:EB:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5609E580D2274183F8A59CC484E1A5E30C84E851
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
Signing time: Mon 12 May 2025 16:11:30 +0000
ROA not before: Mon 12 May 2025 16:11:30 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.144.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:09:e5:80:d2:27:41:83:f8:a5:9c:c4:84:e1:a5:e3:0c:84:e8:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:30 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=8996b2b0c97f20500e99adc94757fde9cb13df85b4d556ced3841ef7c475b546, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:76:ac:33:48:85:af:12:dc:56:fc:82:76:8b:
92:48:17:16:a3:a8:51:c2:27:62:35:94:4f:a6:82:
40:9c:17:af:b6:37:92:29:b0:59:de:44:e1:0b:4f:
99:29:b9:84:aa:b1:2c:e2:b0:fe:ba:80:45:b9:57:
b1:bc:b2:75:a5:c4:ec:30:9f:a2:5d:01:f2:47:c9:
5b:30:69:51:bb:f4:2a:76:25:01:79:f4:5a:45:a8:
aa:68:f6:a8:10:54:65:e6:69:a0:97:df:83:34:4b:
76:50:ce:4b:75:8b:cf:57:fb:49:58:da:3c:2a:d5:
8f:67:e3:e4:ba:e9:6d:aa:16:2b:e6:e1:5e:86:a4:
33:c5:96:0c:85:dd:d9:c3:11:9c:4c:3e:15:a7:34:
5e:d6:e3:58:41:2a:b6:7a:14:55:04:7b:3a:8d:b4:
00:14:bc:23:4c:d2:d0:e3:3b:4f:91:d9:86:f6:e7:
c6:96:b6:fe:71:01:51:a9:22:1d:07:88:3e:f2:a1:
cb:2c:15:c0:e5:b6:e7:76:10:8d:2c:5b:9f:dd:c0:
4f:81:db:0d:83:c4:4c:00:f2:0e:9d:51:a4:77:8f:
67:c7:0b:f0:39:dc:44:e0:7c:e4:c5:4d:cf:56:dd:
5c:2d:7e:dd:a4:a6:51:8e:6d:85:95:5f:ab:ea:70:
fd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AE:37:62:65:95:94:02:3B:E0:E1:91:76:3B:C2:0A:BA:0E:EB:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.144.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:94:e2:99:02:4f:14:57:ae:09:6f:78:95:a3:12:3d:a3:d0:
77:28:a8:a8:15:8d:d2:3f:33:7a:85:04:16:18:17:b6:5a:f8:
10:55:fb:1f:6c:7f:e2:4d:a5:c8:18:1e:bf:d3:61:bb:57:8c:
df:3c:cc:85:45:41:38:49:da:85:77:6b:63:ab:7a:96:98:96:
b7:bd:97:3f:41:d7:04:fc:0a:25:b1:8f:3f:cd:7c:5b:d5:5a:
66:b1:03:33:a0:ae:2e:7a:eb:d8:69:32:ab:15:cc:76:52:ea:
f5:bd:a9:75:65:bc:b9:b2:75:47:7d:0a:01:dc:e9:82:09:69:
06:1c:b6:dd:e4:8e:26:c4:a4:81:17:bd:69:2e:19:21:54:99:
46:f5:c6:8c:8d:e5:18:9f:88:14:0a:0f:58:50:0e:a7:e0:c4:
38:62:d9:d2:06:c4:50:e7:20:19:4c:86:77:4a:12:f9:76:19:
a3:09:2b:63:05:4f:2e:ee:e7:eb:fc:7c:82:8e:c2:44:4f:26:
bc:4b:d8:a5:9f:6b:a5:36:ee:6a:2f:7f:cf:d6:69:e0:ac:16:
12:cc:f8:17:7d:2f:cf:4f:f4:31:ac:11:ac:52:56:1e:03:03:
24:e8:b1:ff:2c:52:ec:6d:a4:52:c1:62:2d:19:3b:4b:99:1f:
5c:dc:e9:e9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVgnlgNInQYP4pZzEhOGl4wyE6FEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMzBaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5OTZiMmIwYzk3ZjIwNTAwZTk5YWRjOTQ3NTdmZGU5Y2IxM2RmODViNGQ1
NTZjZWQzODQxZWY3YzQ3NWI1NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJ2rDNIha8S3Fb8gnaLkkgXFqOoUcInYjWUT6aCQJwXr7Y3kimwWd5E4QtP
mSm5hKqxLOKw/rqARblXsbyydaXE7DCfol0B8kfJWzBpUbv0KnYlAXn0WkWoqmj2
qBBUZeZpoJffgzRLdlDOS3WLz1f7SVjaPCrVj2fj5LrpbaoWK+bhXoakM8WWDIXd
2cMRnEw+Fac0XtbjWEEqtnoUVQR7Oo20ABS8I0zS0OM7T5HZhvbnxpa2/nEBUaki
HQeIPvKhyywVwOW253YQjSxbn93AT4HbDYPETADyDp1RpHePZ8cL8DncROB85MVN
z1bdXC1+3aSmUY5thZVfq+pw/U8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ2rjdi
ZZWUAjvg4ZF2O8IKug7rgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE3OWJiMTgtYjc0ZC00Y2MzLWJhMDUtMjBhZjBmOTQzNWIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAikDAN
BgkqhkiG9w0BAQsFAAOCAQEAbJTimQJPFFeuCW94laMSPaPQdyioqBWN0j8zeoUE
FhgXtlr4EFX7H2x/4k2lyBgev9Nhu1eM3zzMhUVBOEnahXdrY6t6lpiWt72XP0HX
BPwKJbGPP818W9VaZrEDM6CuLnrr2GkyqxXMdlLq9b2pdWW8ubJ1R30KAdzpgglp
Bhy23eSOJsSkgRe9aS4ZIVSZRvXGjI3lGJ+IFAoPWFAOp+DEOGLZ0gbEUOcgGUyG
d0oS+XYZowkrYwVPLu7n6/x8go7CRE8mvEvYpZ9rpTbuai9/z9Zp4KwWEsz4F30v
z0/0MawRrFJWHgMDJOix/yxS7G2kUsFiLRk7S5kfXNzp6Q==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:12 2025 by rpki-client