Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
File: b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa (raw, json)
Hash identifier: roCpf9y0nwMICt8gTc5+BVagSF6NcrsjUP/mtLaSR4A=
Subject key identifier: 56:43:13:00:2C:9B:73:05:82:43:C8:6F:E9:FF:E8:4C:06:A6:D5:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 771541547EEBC0628D511E14785A6BB541D62062
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
Signing time: Mon 12 May 2025 16:10:11 +0000
ROA not before: Mon 12 May 2025 16:10:11 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:15:41:54:7e:eb:c0:62:8d:51:1e:14:78:5a:6b:b5:41:d6:20:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:10:11 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=3baf2bd90839fb920159eaaae671850ff0d20434cc03ff5864adda93f6bb5d25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:29:47:e5:ce:89:99:89:83:70:13:62:2b:
3f:a2:18:ea:c4:5e:17:bb:cc:39:df:5c:77:7b:30:
cb:11:1b:23:66:49:61:f0:50:7c:1c:c6:7a:c9:35:
df:3d:5f:ed:54:8e:ea:5a:d9:45:c0:52:9a:c4:76:
9c:6a:84:dd:7d:48:41:43:c0:37:08:2b:d9:3d:31:
df:7f:3a:9c:cf:5c:99:2f:b6:e1:11:e7:b1:42:99:
de:ca:35:dc:3e:39:d1:6a:7f:3a:a0:7a:9e:d7:cc:
f8:2b:63:f9:a8:09:9e:f6:a6:a2:64:08:96:7d:20:
ea:eb:b6:19:de:fd:f3:1b:aa:f8:04:50:45:67:b3:
4e:42:a9:d3:30:2d:9b:18:24:8e:44:5d:83:36:7c:
eb:82:ef:d9:22:67:e1:62:64:c8:75:76:5a:3e:91:
14:2f:ab:6f:8b:21:ff:32:82:7a:45:f8:39:0b:bc:
87:52:b5:35:fa:f8:cd:33:58:89:bf:ab:f7:55:61:
fb:0c:bc:0d:31:05:80:09:6f:31:6f:23:14:b2:7c:
cc:a1:1d:53:58:5d:7f:fc:7c:39:64:17:7a:7f:75:
25:89:5a:ec:2c:63:a8:15:9e:6a:33:89:79:85:db:
4d:3b:26:85:80:fb:ea:97:53:7e:2e:86:7b:c4:31:
a5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:43:13:00:2C:9B:73:05:82:43:C8:6F:E9:FF:E8:4C:06:A6:D5:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.44.0/22
Signature Algorithm: sha256WithRSAEncryption
87:ac:0a:e2:aa:af:b6:a7:31:0b:79:2a:30:1f:e6:cd:9b:6d:
dd:3f:7f:a3:d6:c3:90:88:41:84:ab:ab:9c:6c:cf:5f:55:23:
b5:a4:ea:da:da:e1:c8:58:50:2e:b5:8b:7d:67:77:54:c2:55:
71:49:88:7b:ec:40:fe:14:26:15:cf:06:a2:8b:e6:3f:c7:0e:
f1:2b:5a:2a:c5:e6:d5:d5:3b:62:f8:df:74:37:5a:b3:39:09:
6d:a6:18:14:39:29:76:dc:67:26:e3:03:63:04:3e:dc:8a:85:
ef:3b:e7:4b:73:73:44:c3:f0:1b:25:cf:60:b7:02:5b:00:77:
8e:01:4f:6c:18:bd:af:ff:00:c2:6e:90:99:7b:e4:48:6e:ee:
c3:6a:bf:23:13:e5:85:84:6b:27:e1:8b:bb:78:a1:6c:9d:38:
2e:0a:6f:44:99:02:0d:fb:a5:ca:18:9c:2d:df:7f:4a:b0:a4:
ea:78:fc:10:0f:a3:0f:cf:12:8a:a1:68:89:73:05:0d:21:bc:
a6:6a:65:80:50:1a:b6:50:05:40:a3:b0:e0:b6:78:c9:41:56:
44:d0:18:2a:89:49:d0:9e:3c:72:03:b5:b7:10:56:e8:e1:d2:
1c:77:b5:4a:5a:74:f2:4d:4d:f6:47:2a:78:07:e6:e3:6c:ee:
a7:30:59:e4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdxVBVH7rwGKNUR4UeFprtUHWIGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjEwMTFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiYWYyYmQ5MDgzOWZiOTIwMTU5ZWFhYWU2NzE4NTBmZjBkMjA0MzRjYzAz
ZmY1ODY0YWRkYTkzZjZiYjVkMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMilKUflzomZiYNwE2IrP6IY6sReF7vMOd9cd3swyxEbI2ZJYfBQfBzGesk1
3z1f7VSO6lrZRcBSmsR2nGqE3X1IQUPANwgr2T0x3386nM9cmS+24RHnsUKZ3so1
3D450Wp/OqB6ntfM+Ctj+agJnvamomQIln0g6uu2Gd798xuq+ARQRWezTkKp0zAt
mxgkjkRdgzZ864Lv2SJn4WJkyHV2Wj6RFC+rb4sh/zKCekX4OQu8h1K1Nfr4zTNY
ib+r91Vh+wy8DTEFgAlvMW8jFLJ8zKEdU1hdf/x8OWQXen91JYla7CxjqBWeajOJ
eYXbTTsmhYD76pdTfi6Ge8QxpZUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRWQxMA
LJtzBYJDyG/p/+hMBqbVljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhkNTVlOWQtMjczMC00ZWMyLTkxZDUtYWY5OGE1YTUxMzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiLDAN
BgkqhkiG9w0BAQsFAAOCAQEAh6wK4qqvtqcxC3kqMB/mzZtt3T9/o9bDkIhBhKur
nGzPX1UjtaTq2trhyFhQLrWLfWd3VMJVcUmIe+xA/hQmFc8GoovmP8cO8StaKsXm
1dU7YvjfdDdaszkJbaYYFDkpdtxnJuMDYwQ+3IqF7zvnS3NzRMPwGyXPYLcCWwB3
jgFPbBi9r/8Awm6QmXvkSG7uw2q/IxPlhYRrJ+GLu3ihbJ04LgpvRJkCDfulyhic
Ld9/SrCk6nj8EA+jD88SiqFoiXMFDSG8pmplgFAatlAFQKOw4LZ4yUFWRNAYKolJ
0J48cgO1txBW6OHSHHe1Slp08k1N9kcqeAfm42zupzBZ5A==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:54 2025 by rpki-client