Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: x9HkGkqCoLa6c8cO0A0pLNZkkYAzcECd5oeonssPyc0=
Subject key identifier: 6D:88:D8:8C:F6:EB:46:E0:4B:E4:18:7F:BD:93:F7:98:29:64:1F:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A3E7269117AAF70795918EF39F6AF00CC9E3EB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Mon 12 May 2025 16:10:09 +0000
ROA not before: Mon 12 May 2025 16:10:09 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:3e:72:69:11:7a:af:70:79:59:18:ef:39:f6:af:00:cc:9e:3e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:10:09 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=964c4a9d7a621e2998b50ad223d48cd609376621e5db9b121da0eab33f3f934d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:19:3e:39:40:d2:c3:a4:b1:04:8b:d7:17:32:
66:25:f1:e0:1f:6d:38:8c:eb:40:ce:ea:29:4d:22:
3a:b2:0c:29:55:cf:f5:a4:72:ac:3f:a0:3a:f4:41:
b0:81:50:be:60:38:5b:ea:03:68:c9:6b:78:ac:ea:
5c:1a:a9:8c:f1:57:4f:91:de:d8:d5:41:12:1d:3b:
01:86:33:18:6e:b7:03:eb:f2:11:84:ba:de:89:4c:
80:0c:17:57:7b:c4:44:76:89:8f:b4:aa:e0:72:8d:
91:24:7e:aa:77:ce:ce:c4:04:ea:c3:6a:22:52:f2:
8b:06:60:02:b7:1f:de:b9:48:a3:93:ad:28:32:13:
ce:4a:5e:62:b1:83:a0:87:6f:51:af:ae:c8:e3:7a:
5a:ac:6a:d3:d8:60:a7:23:ec:32:95:9f:4e:4a:1c:
93:d5:31:32:63:ed:59:9f:3a:93:9c:58:2f:4f:bf:
23:0c:c0:bd:ce:96:91:c5:f1:87:9f:b3:aa:73:dd:
e6:74:55:0d:94:03:80:a2:04:e3:29:75:53:42:45:
44:6e:7a:64:e8:b6:7c:0f:7d:d1:8b:10:9f:1b:1c:
32:f2:b9:9e:48:db:43:13:a8:d1:e6:96:5d:5c:c9:
67:f2:cb:0b:b8:79:12:90:15:c5:43:f5:60:f1:40:
80:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:88:D8:8C:F6:EB:46:E0:4B:E4:18:7F:BD:93:F7:98:29:64:1F:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
08:79:de:fd:9b:1a:67:76:cd:4f:09:f6:6b:ab:c9:b4:c9:2b:
2f:47:27:a1:45:2e:f4:9f:6a:7b:16:fb:8a:6e:16:19:50:fb:
36:9e:3f:04:3d:f7:36:de:e7:fb:97:38:d1:68:cd:e3:a1:91:
23:6f:40:48:f1:2b:65:dc:14:68:cd:28:b0:92:20:8c:40:9c:
c7:f1:46:68:7c:71:09:2b:01:6d:44:19:4b:8a:a4:49:1f:cc:
2c:80:22:1e:fb:54:09:a4:81:11:b4:79:ac:2f:9b:26:1c:f7:
81:85:a5:ca:05:7b:ed:b2:4d:64:8c:33:a4:e7:07:f0:85:27:
7e:bc:e3:a4:5f:59:c9:69:95:42:dc:53:6a:85:1d:02:49:14:
4f:96:93:9c:b7:84:41:83:7f:77:76:21:e3:95:f3:65:18:39:
a6:4d:56:79:6d:c4:bb:62:38:b4:e8:9b:1d:dd:5a:15:dc:0b:
f5:fd:b7:09:41:e5:fa:19:94:59:d5:44:45:15:0e:bf:cb:4a:
d4:48:a8:2a:24:4d:82:fc:fe:3a:c6:31:ca:03:4c:c3:13:86:
86:84:38:47:c0:7a:dd:cb:be:38:65:5e:f5:ab:0a:33:54:d1:
16:94:b0:3f:86:23:41:c9:c2:e6:7e:07:ab:e2:fd:32:e9:a6:
f2:f5:72:a2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOj5yaRF6r3B5WRjvOfavAMyePrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjEwMDlaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2NGM0YTlkN2E2MjFlMjk5OGI1MGFkMjIzZDQ4Y2Q2MDkzNzY2MjFlNWRi
OWIxMjFkYTBlYWIzM2YzZjkzNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4ZPjlA0sOksQSL1xcyZiXx4B9tOIzrQM7qKU0iOrIMKVXP9aRyrD+gOvRB
sIFQvmA4W+oDaMlreKzqXBqpjPFXT5He2NVBEh07AYYzGG63A+vyEYS63olMgAwX
V3vERHaJj7Sq4HKNkSR+qnfOzsQE6sNqIlLyiwZgArcf3rlIo5OtKDITzkpeYrGD
oIdvUa+uyON6Wqxq09hgpyPsMpWfTkock9UxMmPtWZ86k5xYL0+/IwzAvc6WkcXx
h5+zqnPd5nRVDZQDgKIE4yl1U0JFRG56ZOi2fA990YsQnxscMvK5nkjbQxOo0eaW
XVzJZ/LLC7h5EpAVxUP1YPFAgIMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRtiNiM
9utG4EvkGH+9k/eYKWQfmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEACHne/ZsaZ3bNTwn2a6vJtMkrL0cnoUUu9J9qexb7
im4WGVD7Np4/BD33Nt7n+5c40WjN46GRI29ASPErZdwUaM0osJIgjECcx/FGaHxx
CSsBbUQZS4qkSR/MLIAiHvtUCaSBEbR5rC+bJhz3gYWlygV77bJNZIwzpOcH8IUn
frzjpF9ZyWmVQtxTaoUdAkkUT5aTnLeEQYN/d3Yh45XzZRg5pk1WeW3Eu2I4tOib
Hd1aFdwL9f23CUHl+hmUWdVERRUOv8tK1EioKiRNgvz+OsYxygNMwxOGhoQ4R8B6
3cu+OGVe9asKM1TRFpSwP4YjQcnC5n4Hq+L9Mumm8vVyog==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:16 2025 by rpki-client